Presentation is loading. Please wait.

Presentation is loading. Please wait.

Keeping your network devices secure Despite constituting the lifeline of every corporate IT infrastructure, network devices happen to be the most notoriously.

Published byLaurence Ellis Modified over 7 years ago

Similar presentations

Presentation on theme: "Keeping your network devices secure Despite constituting the lifeline of every corporate IT infrastructure, network devices happen to be the most notoriously."— Presentation transcript:

1 Keeping your network devices secure Despite constituting the lifeline of every corporate IT infrastructure, network devices happen to be the most notoriously insecure, making them favorite targets of both sophisticated hackers and script kiddies. In the thick of mounting pressure from political groups in favor of government surveillance through backdoors in encrypted devices to combat terrorism, the likes of Juniper’s ScreenOS vulnerability have taught us how, to an experienced attacker, it can turn out to be a master-key not just to the organization’s data, but the government’s as well. The most valuable lesson we learned from the past year’s device hacks is that cyber criminals will never ignore an opportunity to exploit a gaping hole in discrepant security policies, mandates and protocols. Turning the tables on evasive device attacks Enterprise network devices shipped and installed with default insecurities and IP address spoofing possibilities unchecked by ISPs can be simultaneously leveraged by a number of extortion groups and individual threat actors. A colleague who correlates threat signatures pointed out an upsetting hike in sophistication of emerging exploit malcodes written for embedded devices. These next-generation Malware writers are challenging virtual machine sandboxes, proprietary operating system artifacts, and obfuscating internal data. “In the wake of waning certainty, an organization’s last line of defense undoubtedly rests on how well an anomalous activity is tracked, observed and interpreted.”

2 Your security monitoring system needs functionality that extends beyond mere alerting of suspicious traffic. A combination of active network scanning and passive monitoring will give you through information about the origin of malicious packets, intent and what gaps to fill. The result is an up-to-the-minute inventory of assets, addressing, traffic and header analysis in addition to system information of entities on your network. For instance, a threat actor might advertise a forged Autonomous Systems Number and trick an ISP gateway into redirecting to him, all traffic destined for the victimized route. The best way to deal with this at your perimeter is to monitor the routes of incoming packets and look for anomaly. Do the packets appear to be coming from Autonomous Systems Numbers that your ISP does not accept routes from? What are they targeting and what could be their motives? Such questions are inescapable and can only be answered with help from a threat data platform that documents known bad actors. Dig deep for vulnerabilities – Embedded systems configured for remote administration must be protected from emerging malware families that employ custom-built rootkits in password-guessing brute force attacks, especially those that can self-update once inside your network. Deep-level scanning of file integrity, registry settings and rootkits can help you detect it when abnormal infiltration attempts are underway. – Fix baselines for acceptable network activities and assess suspicious behavior with reference to asset databases and your inventory of active software and services. Tools that analyze network breach malware are limited to predefined detection signatures. Intrusion detection systems on the other hand, are designed to keep the entire attack lifecycle in perspective. – Most importantly, align network security policy management with your enterprise threat information. An organization that is well-aware of its security posture is one that uses a well-documented evaluation process to manage policies, appraise effectiveness and identify where to make amends. Keeping your network devices secure

3 – Integrating your firewalls configuration rule sets, secure shell server authentication policies and cryptographic key management tools with your incident response workflow can facilitate automated analysis of device-level policy compliance. Make sure that policy changes for all elements of perimeter defense are run through a streamlined risk assessment process to avoid risky changes. At Aleph Tav Technologies, we don’t just share insights. We show you how it’s done – for free.Aleph Tav Technologies Visit alephtavtech.com to know more about the 15-day no-obligations trial period for our 24×7 Managed Security Operations Suite. Keeping your network devices secure

Download ppt "Keeping your network devices secure Despite constituting the lifeline of every corporate IT infrastructure, network devices happen to be the most notoriously."

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.

Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
Intrusion Detection Systems By: William Pinkerton and Sean Burnside.

Intrusion Detection Systems By: William Pinkerton and Sean Burnside.
1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.

1www.skyboxsecurity.com Skybox Cyber Security Best Practices Three steps to reduce the risk of Advanced Persistent Threats With continuing news coverage.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.

The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Chapter 12 Network Security.

Chapter 12 Network Security.
Intrusion Detection Systems and Practices

Intrusion Detection Systems and Practices
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.

Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
John Felber.  Sources  What is an Intrusion Detection System  Types of Intrusion Detection Systems  How an IDS Works  Detection Methods  Issues.

John Felber.  Sources  What is an Intrusion Detection System  Types of Intrusion Detection Systems  How an IDS Works  Detection Methods  Issues.
Department Of Computer Engineering

Department Of Computer Engineering

Similar presentations

Ads by Google