 |
 |
|
Cisco Intrusion Prevention System - Call PBM IT at (888) 233-6471A Cisco Secure Network Foundation uses many tools to keep customer information from unauthorized users inside or outside the business. Virtual private networks (VPNs) allow small offices and traveling workers to communicate with each other and their head office in complete privacy, even when using the public Internet for transport. The highest user authentication standards ensure only valid users can access the VPN network. Strong encryption technologies make the data unintelligible to anyone attempting to intercept VPN communications across a public network. Firewall and IPS at every network entry point helps stop worms, spyware, or hacker attempts from penetrating the business network to steal information. Firewalls are also useful in preventing internal users from accessing sensitive information. For example, internal firewall policies can prevent unauthorized employees from accessing finance, human resources, or accounting computers, or from viewing their traffic. Virtual LANs (VLANs) allow businesses to further segment internal communications within their organization. Sensitive financial or customer information can be placed on its own VLAN, logically separate from employee LANs. The Cisco Secure Network Foundation helps businesses meet legal requirements for the security and privacy of customer information by protecting the network from security breaches or unauthorized intruders from inside or outside the network. Cisco IronPort Web Security Appliances (1) Integrate industry-leading web-usage controls, reputation filtering, malware filtering, and data security, (2) Take advantage of Cisco Security Intelligence Operations (SIO) and global threat correlation technology to help optimize threat detection and mitigation, (3) Combine multiple layers of web security technology to combat complex and sophisticated web-based threats, and (4) Support built-in management capabilities to simplify administration and provide visibility into threat-related activity. Cisco AnyConnect Secure Mobility Solution (1) Provides an intelligent, smooth, and reliable connectivity experience, (2) Is ideal for companies that want to give users a choice of how, when, where, and on what device they access their information, (3) Cisco AnyConnect Version 2.5, with ASA 5500 Series Adaptive Security Appliances at the headend, provides remote-access connectivity policy enforcement that is context-aware, comprehensive, and preemptive, and (4) Cisco IronPort S-Series Web Security Appliances apply context-aware policy, including enforcing acceptable use and protection from malware for all users. Threats to network security include: (1) Viruses : Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event, (2) Trojan horse programs : Delivery vehicles for destructive code, which appear to be harmless or useful software programs such as games, (3) Vandals : Software applications or applets that cause destruction, (4) Attacks : Including reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate network); and denial-of-service attacks (which prevent access to part or all of a computer system), (5) Data interception : Involves eavesdropping on communications or altering data packets being transmitted, and (6) Social engineering : Obtaining confidential network security information through nontechnical means, such as posing as a technical support person and asking for people's passwords. An active attack is one in which an unauthorized change of the system is attempted. This could include, for example, the modification of transmitted or stored data, or the creation of new data streams. Sub-categories are (1) masquerade or fabrication, (2) message replay, (3) message modification and (4) denial of service or interruption of availability. Attacks on enterprise and service provider networks are increasing at an unprecedented rate. According to security experts, attacks are no longer measured by the number of events per week, but by the number of events that occur simultaneously. To protect your customers as well as your business investments, your organization must be able to maintain network security, and to react quickly if attacked. Juniper Networks Security Assessment and Risk Mitigation service can help you reduce network vulnerabilities, prevent attacks, and mitigate the disruptions they cause. Vulnerability involves bugs or mis-configurations or special sets of circumstances that could result in an exploitation of that vulnerability. A vulnerability could be exploited directly by an attacker, or indirectly through automated attacks such as Distributed Denial of Service (DDOS) attacks or by computer viruses. One form of attack on computing systems connected to the Internet is eavesdropping on network connections to obtain login ids and passwords of legitimate users [RFC 1704]. Bellcore's S/KEY(TM) one-time password system was designed to counter this type of attack, called a replay attack [RFC 1760]. Several one-time password implementations compatible with Bellcore's S/KEY (TM) system exist. These implementations are increasingly widely deployed in the Internet to protect against passive attacks. Deploy Comprehensive Network Security: Cisco adaptive security appliances integrate industry-leading firewalls, unified communications security , VPN technology, intrusion prevention, and content security in a unified platform to (1) Stop attacks before they penetrate the network perimeter, (2) Protect resources and data, as well as voice, video, and multimedia traffic, (3) Control network and application activity, and (4) Reduce deployment and operational costs. Network administrators can run the grep command against configuration files pulled from routers and firewalls and stored in local directory of their workstation (UNIX or Windows), or use grep statement build into Cisco IOS or ASA. For example, suppose the auditor wants to check the configuration for all telnet statements. The network administrator can run show running-config grep telnet and look through each entry (or without grep, just using include sh run i telnet), filter out addresses and send output to auditor. |
