Wednesday, December 25, 2019

Essay about Network Security Monitoring Tools - 873 Words

There are numerous network security devices and tools available to aid in computer network defense, and these tools are often relied upon for protecting against increasingly sophisticated, stealthy, and damaging attacks. When acting alone, the current generation of security devices has an exceedingly difficult time providing an effective defense against such threats, and the situation is particularly grim for targeted or novel attacks. It has been demonstrated that a number of interoperable systems must be implemented to fully protect a network, a strategy known as Defense in Depth. Due to the multitude of security devices and device categories available, it can be very difficult to identify the correct tools for meeting security…

…Other than this, they essentially work via the same mechanism and share similar goals. There are four general types of IDPS: Network-Based, Host-Based, Wireless, and Network Behavior Analysis (NBA) [NIST]. In practice, most products are either Network-Based (NIDPS) or Host-Based (HIDPS). An HIDPS observes only a single host (in many cases a vital device such as a database server), which gives it the benefits of seeing unencrypted traffic and having direct input to the machine it is on. Wireless systems have many unique vulnerabilities, and Wireless IDPS will not be discussed in this report.

2.2 NIDPS Goals

Some vendors have begun to merge the Network-Based and Network Behavior Analysis types together, and the resulting device will be the first focus of this report. These NIDPS types monitor protocol activity on the interface or network segment to which they are connected and analyze it for signs of possible incidents. Incidents are defined as the exploiting of a vulnerability to attack the confidentiality, integrity or availability of an information system [Pfleeger].
Specifically, NBA is designed to detect abnormal traffic flows from DoS attacks, reconnaissance of the network, data ex-filtration (IDPS is also one of the few defenses against the troublesome insider threat), and other attacks that traverse the internal network;
