One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 2014658 |
| Date de publication | 2020-11-04 06:01:00 (vue: 2020-11-04 06:05:52) |
| Titre | What is network security? Network security technologies explained |
| Texte | This blog was written by a third party author. The modern-day organization is under constant pressure to remain operational and profitable. Both of these pressures are put to the test by cybercriminals daily, who attempt to infiltrate, compromise, navigate, and ultimately act in a threatening manner that can have negative repercussions to productivity, ability to transact, customer privacy, brand reputation and bottom-line revenue. So, it’s necessary that organizations look to have proper network security in place to address the looming threat of cyberattacks in an effort to maintain and protect the access to and confidentiality of, your organization’s network and data. What is network security? Network security is a combination of people, process, policy, and technology used in in a layered approach to create a network environment that allows for organizational productivity while simultaneously minimizing the ability for misuse by both external and internal threat actors. How is network security implemented? The people, process, and policy previously mentioned are a key part of the implementation of network security. They work together to take the security goals and create various types of security controls that are used to help establish how network security technologies will be implemented. The three most common types of network security controls are: Physical controls – These controls are used to prevent someone from physically gaining access to any of your organization’s network components. Your data center or server room likely has a keycard system to limit access. That’s a great example of a physical control. Security guards, video surveillance, picture IDs, and biometrics are other types of physical controls. Data and access controls – These controls are the process and policy that define how employees can and should act when working with sensitive data, applications, and systems. Password requirements, mobile device usage, and incident response are just a few examples of administrative controls. Technical controls – Acting as a safeguard or countermeasure when interacting with critical parts of your network environment, these controls are typically implemented via network security technologies. The remainder of this article will focus on these technologies. Primary network security technologies A successful layered approach to network security requires a number of technologies be put in place that each attempt to address the problem of malicious attacks from a different perspective. Some of the more common network security technologies include: Secure remote access – Access is the one thing every cybercriminal must have to successfully attack your organization. Access controls limit which users and devices are able to access specific internal or cloud-based resources. Modern implementations of access controls include zero trust network access (which facilitates access to internal and cloud-based resources without logically placing the user or their device on the corporate network), and secure remote access (a mix of technologies that can address endpoint security, authentication, secure remote connections, and elevation of privileges). Firewall – Firewalls sit at the logical perimeter of your organization’s network acting as a network security guard, inspecting inbound and outbound traffic and determining whether to allow or deny it in real-time. Virtual Private Network (VPN) – VPNs encrypt |
| Envoyé | Oui |
| Condensat | “never ability able above accepted access access act acting activities activity actors address administrative advantage against allow allowing allows also always and secure any anytime anywhere application applications approach architecture are are: around article assisting att&ck attack attacks attempt authentication author based begin between biometrics block blocking blog both bottom brand broker build building can casb center changing cis cloud coined combination common components comprised compromise confidentiality connection connections considered constant consuming continually continue control controls corporate countermeasure create critical customer cyberattacks cybercriminal cybercriminals cybersecurity cyberthreats daily data day ddos defense define defining denial deny designed determining developed device devices different direction distributed each effort elevation employees encompass encrypt endpoint enough environment environments equally establish etc ever every example examples explained external face facilitates facing firewall firewalls flow focus focused folks forrester found framework frameworks from functions gaining goals government’s great grown guard guards guidance hardware has have help here home how idea identify ids implement implementation implementations implemented inbound incident include include: infiltrate initially inspecting institute intelligence intended interact interacting internal internet intrusion ips it’s its’ just key keycard layered legitimate leverages likely limit line listed logical logically look looming maintain malicious manner many mentioned minimizing misuse mitigation mitre mix mobile modern more most must national nature navigate necessary need needed needs negative network nist number offers one online operational organization organization’s organizational organizations other out outbound outcomes overarching overwhelm own part parts party password people perimeter perspective physical physically picture place placing policy potentially pressure pressures prevent prevention prevention/mitigation previously primary principle principles privacy private privileges problem process productivity profitable proper protect protocol provide provides purchase put real recently references referencing remain remainder remediate remote repercussions reputation requests requirements requires researcher resources response result revenue room rules run safeguard saturating scans secure secured securing security seek sensitive server servers service services should shouldn’t simple simply simultaneously sit some someone specific standards stop strategies strategy successful successfully such support surveillance system systems take technical technologies technology test that’s them; these thing third those threat threatening threats three time together traffic transact true trust types typically ultimately under unlike usage use used user users uses using various verify” video virtual vpn vpns vulnerabilities we’re web websites well what when whether which who why will without work working worthy written your zero |
| Tags | Threat |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.