Sunday, June 25, 2006

Network configuration management: an innovative, additional layer of network security - Storage Networking

With the increased number of cyber attacks and the overall complexity of enterprise networks today, IT professionals are challenged with the daunting task of protecting networks from known and unknown malicious activity. To combat network security issues, many organizations are deploying a layered security architecture that spans from the Internet to the desktop. The typical network security solutions companies deploy include firewalls, intrusion detection systems, anti-virus software, etc. Many organizations also utilize vulnerability assessments, penetration tests and other means to identify network vulnerabilities.

While traditional security solutions and services are being deployed to protect the network, devices continue to fall victim to attacks. As a result, many organizations are looking outside the "security application box" to other solutions that can more effectively secure, manage and maintain critical devices throughout the network. One particular application category IT professionals are turning to is Network Configuration Management.

Network configuration management solutions are specifically designed to automate the process of changing, securing and managing devices throughout the enterprise. Companies are turning to network configuration management solutions because there is a direct correlation between properly configured devices and network security. Whether configuration changes are introduced through malicious attacks, manual update errors, or network product defects, devices can become vulnerable and place your business at risk.

By leveraging a configuration management solution as part of your security strategy, organizations can arm IT professionals with device security and intrusion response functionality that is not found in traditional security solutions. Additionally, network configuration management solutions provide organizations with a disciplined, change management methodology that ensure IT professionals can only make changes that comply with the enterprise security policies.

Tuesday, June 20, 2006

Network Security Services target small to medium businesses

Secure Remote Management and Threat Management Services guide SMBs through IP migration process by providing assessment, provisioning and integration, monitoring and proactive management, and issue resolution for network and security events. Remote Management Service monitors each component of infrastructure, including devices, servers, and applications. Threat Management Service extends security capabilities through continuous monitoring of routers, security devices, and Internet data traffic.

New NEC Secure Remote Management and Threat Management Services Provide Unparalleled Network Reliability and Security

IRVING, Texas, March 7 /-- NEC Unified Solutions, Inc. (NEC), a leader in converged voice and data communications for the enterprise, today announced the availability of two new managed services offerings: NEC Secure Remote Management Services and NEC Secure Threat Management Services. Designed for the small-to-medium business (SMB) and enterprise markets, these solutions improve network management and reliability while mitigating security risks and bolstering customers' network security posture.

Together, NEC's latest offerings ensure application and hardware availability by taking proactive measures to monitor and assess potential network issues and threats and enable NEC to assist customers throughout all phases of the IP migration process. The new services provide end-to-end assistance through the assessment, provisioning and integration, monitoring and proactive management and issue resolution for network and security events that occur in any organizations' business-critical voice and data networks.

Monday, June 19, 2006

Network Security Solution can be deployed non- intrusively

CleanTraffic(TM) defends enterprises and service providers from targeted DDoS attacks, active zombies, and rapid malware. Within hours of deployment, product automatically learns about all network endpoints and detects, tracks, and mitigates outside-in or inside-out attacks to or from any endpoints. Solutions can be deployed using appliances that scale from 1 Gbps of traffic for smaller organizations, to over 10 Gbps of traffic for very large organizations.

PALO ALTO, Calif., March 20 / -- netZentry, a leader in advanced network security today announced the immediate availability of CleanTraffic(TM), a breakthrough solution designed to defend enterprises and service providers from the triple threat of targeted DDoS attacks, active zombies, and rapid malware. Unlike other forms of network attacks, triple threat attacks are signature-less, have zero-day characteristics, and are distributed in nature. These attacks cannot be effectively solved by traditional security offerings, including Intrusion Prevention Systems (IPS) and Application Firewalls.

netZentry's CleanTraffic(TM) solution uses patented technology to detect, track, and mitigate all forms of triple threat. CleanTraffic is deployed non- intrusively, as a sideline device, without disrupting existing infrastructure or affecting network performance. Within hours of deployment, CleanTraffic automatically learns about all the endpoints of the network, detects, tracks, and mitigates outside-in or inside-out attacks, to or from any of the endpoints. These include many-to-one DDoS attacks, one-to-many malware outbreaks, and active zombie traffic. CleanTraffic features a powerful, unified, real-time user-interface that simplifies defense management by providing rich analytics on a per-endpoint basis. CleanTraffic solutions are deployed using appliances that scale from 1 Gbps of traffic for smaller organizations, to over 10 Gbps of traffic for very large organizations.

"Enterprises and service providers alike are very vulnerable to the triple threat. These attacks, if not stopped, can result in substantial loss of revenue because of either loss of productivity or loss of customers caused by the outages. CleanTraffic is the only complete solution that detects triple threat attacks, and also neutralizes them before they can cause damage," said Vasu Vasudevan, President and CEO of netZentry.

The CleanTraffic solution is versatile and offers value to several market segments. For example, it enables service providers to protect not only their infrastructure but also their customers from outside-in DDoS attacks.

"The intuitive user interface and the attack mitigation capabilities of netZentry's CleanTraffic product make it easy for us to both save money and sleep better at night," said Ethan Burnside, Principal at Kattare Internet Services.

Chris Shaffer of 1-800-HOSTING added, "The CleanTraffic solution also helps detect active zombies within internal networks as has been the case at 1-800-HOSTING. netZentry's CleanTraffic products allow us to maintain a greater level of service availability during attacks by filtering the malicious traffic both to and from our customers' environment, allowing their businesses to continue uninterrupted."

Wednesday, June 14, 2006

The coast is clear: security software lets you know who's on the network

Getting your Wi-Fi equipment set up for security isn't as troublesome as it once was, but it can still be a headache. That's where software like Interlink Networks' LucidLink (www.lucidlink.com) comes in, offering enterprise-strength security for small and midsize businesses.

Ease of use is a must, and LucidLink gets good marks in that area. The only major hardware requirement is a computer wired to your router to run the authentication server part of the package. That computer has to be on whenever you want to use the software, but it doesn't have to be dedicated to the task. A small client program is then installed and configured on each computer you want to connect to your wireless network. The administrator authorizes users and can keep track of who is accessing the network.

LucidLink supports automatic access-point configuration for some devices. For other devices, you might have to manually configure your access point or router following instructions available online. Check the website to see if your hardware is supported. LucidLink is free for three or fewer users. Otherwise, pricing starts at $549 for four to 10 users.

Friday, June 09, 2006

Network security tools

Assuming familiarity with C, Perl, and the use of assessment tools, this guide introduces techniques for modifying open source assessment tools and testing security vulnerabilities in networks and web applications. The authors, who are managers at Ernst & Young's advanced security center, discuss Nessus, Ettercap, Hydra, Nikto, the Metasploit framework, the PMD tool, Linux kernel modules, network sniffers, and packet injectors.

Saturday, June 03, 2006

Hiring Network Security Professionals

The most important qualification for any security professional to have is experience. Five or more years of experience directly related to security is enough to have seen the trends, understand the mind-set of hackers, and see the common uses and mis-uses of networks.

With the high demand for network security professionals, and the drought of experienced candidates, businesses have been willing to settle for less experienced candidates. A number of organizations have assembled training courses and certification exams to help bring novices to a reasonable level of security understanding.

Certifications

There are a number of certifications offered for security professionals. No one standard has been generally accepted throughout the community, and it will be a while before one emerges at the top of the heap. The top contenders are:

* CISSP. This exam is considered to be the most difficult, and most comprehensive security exam.
* Security+. This exam was developed jointly between government, educational and business. It tests many important aspects of the security professional's knowledge.
* TICSA. Offered by TruSecure, a security services vendor, this exam is being heavily promoted. Check for discounts on exam fees.
* SANS GIAC Certification. The Global Incident Analysis Center offers a baker's dozen certifications in the security arena. These certifications are, for the most part, vendor neutral. However, they do offer Unix and Windows specific certifications.

There are a number of vendor-specific exams. These include some for Cisco and Microsoft. In general these exams only show competence in implementing and using vendor-specific hardware and network architectures, and are not broad enough for most business security needs.

Above all, ensure that any security professional you are looking to retain has substantial experience and good references. Look at what they've done for other companies similar to yours, how many years of experience they have and get references.