LATEST ARTICLES

VPN Security

This article will discuss what is a VPN? Why it’s necessary? What are some good features to have in a VPN? How do you further lockdown your VPN? What is a VPN? A VPN is a virtual private network whereby you can tunnel or create a virtual private communications channel tunneled over the Internet. It is a way to secure...

Geo Blocking and its benefits

Let’s say your company only does business in Florida or the US-then you may be an ideal candidate for GEO locking at the Firewall Level. How does this work? You would configure the firewall to block or create an DENY DENY Rule/ACL for all non us countries. You may have to go in occasionally and create an exception for a...

What if they do get in? How can we stop the bleeding? Network Segmentation

Network segmentation is highly useful as part of an effective and aggressive defense in depth strategy to protect your network. It’s based on the idea of military strategy and warfare-in the worst case scenario that you have a breach the attackers have very little if any access and you can quickly shut them down. Think of Russia during world war...

Change Management for the Network Security Team

All mature networks need a regular change management strategy invoked by a CAB-Change Advisor Board. The Network Security Team is no different. Any scheduled or even emergency changes, should be documented and approved by the CAB. In the case of emergency changes or upgrades, the correct procedures need to be followed and all stakeholders advised on a predetermined or reasonable...

Patching and updating of Network Devices

Most mature security programs monitor the monthly patching of all client hosts and servers. Every single month all machines weather client or server weather windows or Linux should be fully patched at the OS level. Additionally applications such as Office, Adobe Flash, Adobe Reader, and Java should be patched monthly as well as they represent well known harbingers of...

Host Level IDS/IPS Devices

Host Level IDS-Intrusion Detection Systems or IPS Intrusion Detection and Prevention Systems are a very powerful way to protect your network. An IDS and IPS looks at network traffic and irregularities. They can be signature based meaning they can identify known attack signatures already in the wild or heuristic/behavioral based. The behavioral based devices provide a great many false positives...

Network Level IDS/IPS Devices

Network level and Host Level IDS-Intrusion Detection Systems or IPS Intrusion Detection and Prevention Systems are a very powerful way to protect your network. Many Level 7/Next generation/Application Level Firewalls such as Palo Alto, Fortinet, Checkpoint can provide deep packets inspection, analyses session level traffic, filter on applications and work as an IPS/IDS as well. An IDS and IPS looks...

Types of Firewalls

There are 3 main types of firewalls used on corporate networks. These are: Packet Filtering Firewalls, Application level Firewalls, Stateful Multilayer Inspection Firewalls. There also exists Circuit Level Firewalls but these are not commonly used, they work at the session layer. Each of these types of firewalls has certain advantages and disadvantage, which one you need depends on your...

Why Is Perimeter Security so important?

This short article will focus on Network and Perimeter Security and the reason it’s so important. First, it’s important to emphasize that will Network Perimeter security is important defense in depth in necessary to truly secure a network. You don’t want to put all your eggs in one basket. If you think that by having a good firewall you...

How Parents can monitor and Protect their children’s online activities

There’s an old English saying that an ounce of prevention is worth more than a pound of cure. Risk avoidance or prevention, protecting your children from harm is far better than finding out something happened and the painful consequences of having to deal with the trauma afterword. Monitoring your sons’ and daughter’s online activities can prevent most of the harm...