Network security
Enterprise cyberdefense strategies must include network security best practices. Get advice on essential network security topics such as remote access, VPNs, zero-trust security, NDR, endpoint management, IoT security, hybrid security, Secure Access Service Edge, mobile security and more.
Top Stories
-
News
22 Nov 2024
Volexity details Russia's novel 'Nearest Neighbor Attack'
The security company warned that the new attack style highlights the importance of securing Wi-Fi networks, implementing MFA and patching known vulnerabilities. Continue Reading
-
Tutorial
21 Nov 2024
How to test firewall rules with Nmap
Using Nmap to identify potential shortfalls in the rules used to govern firewall performance gives teams an easy and cost-effective way to plug holes in their security frameworks. Continue Reading
-
Tip
19 Feb 2015
What the Community Health Systems breach can teach your organization
The Community Health Systems breach in 2014 provided a learning opportunity for organizations handling PHI. Expert Mike Chapple reviews the key takeaways from the breach. Continue Reading
-
Tip
06 Feb 2015
SSL/TLS security: Addressing WinShock, the Schannel vulnerability
Schannel is the latest cryptographic library to encounter SSL/TLS security issues. Expert Michael Cobb discusses the WinShock vulnerability and how to mitigate enterprise risks. Continue Reading
-
Tip
16 Jan 2015
The POODLE vulnerability and its effect on SSL/TLS security
The POODLE vulnerability was patched in October, yet new vulnerabilities are causing concern. Expert Michael Cobb discusses how to maintain SSL/TLS security in the enterprise. Continue Reading
-
Tip
09 Jan 2015
What is endpoint security? What benefits does it offer?
The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes. Continue Reading
-
Tip
07 Jan 2015
Detecting backdoors: The Apple backdoor that never was?
The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference. Continue Reading
-
Tip
02 Dec 2014
Understanding security flaws in IPv6 addressing schemes
Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks. Continue Reading
-
Answer
17 Oct 2014
SHA-2 algorithm: The how and why of the transition
Is it time to make the move to the SHA-2 algorithm? Application security expert Michael Cobb discusses and offers tips to ease the transition. Continue Reading
-
Tip
05 Sep 2014
Evaluating next-gen firewall vendors: Top 11 must-ask questions
Evaluating potential firewall vendors and choosing the one that best aligns with your enterprise's needs can be a tricky task. This tip offers 11 questions any organization should ask vendors prior to making a firewall purchase. Continue Reading
-
Quiz
29 Aug 2014
Security School: Distributed denial-of-service attack defense
Check you're up to speed and ready to protect your organization from the threat of denial of service attacks. Continue Reading
-
Feature
06 Jun 2014
Product review: Juniper Networks SRX Series UTM appliances
The market-leading Juniper Networks SRX Series of UTM boxes are feature-rich products that may cause implementation headaches. Continue Reading
-
Feature
01 Apr 2014
How Cisco's 'Application Centric Infrastructure' differs from SDN
As Cisco rolls out a hardware-based alternative to software-defined networking approaches, what does it all mean for security? Continue Reading
-
Answer
21 Nov 2013
Use John the Ripper to test network devices against brute forcing
Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks. Continue Reading
-
News
20 Sep 2013
HP introduces 'self-healing' BIOS protection with SureStart
HP's new SureStart feature detects and 'heals' corrupted BIOS code. Continue Reading
-
Quiz
20 Jun 2013
Next-generation firewalls: Quiz on must-have NGFW features
Test your knowledge of Joel Snyder's course on evaluating, deploying and managing next-generation firewalls in this five-question quiz. Continue Reading
-
Tip
23 Apr 2013
How to configure a VLAN to achieve the benefits of VLAN security
Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks. Continue Reading
-
Feature
25 Feb 2013
Outsourcing security services in the enterprise: Where to begin
Outsourcing security services doesn’t have to mean moving to the cloud. Enterprises have many options for outsourcing security services, including managed and hosted services. Continue Reading
-
Quiz
22 Feb 2013
Quiz: Managing BYOD endpoint security
In this six question quiz, test your knowledge of our Security School lesson on managing BYOD endpoint security. Continue Reading
-
Tip
10 Jan 2013
BYOD security: How to remotely wipe iPhone and Android devices
Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data. Continue Reading
-
Tip
07 May 2012
Examining Kindle Fire security, Silk browser security in the enterprise
Do Kindle Fire security issues, combined with weak Silk browser security, make the red-hot consumer device too risky for enterprises? Michael Cobb explains. Continue Reading
-
Answer
20 Mar 2012
Is it possible to prevent DDoS attacks?
A distributed denial-of-service (DDoS) attack can consume all your network bandwidth. Learn how to prevent a DDoS attack in this expert response. Continue Reading
-
Answer
30 Aug 2011
How MAC and HMAC use hash function encryption for authentication
Hash function encryption is the key for MAC and HMAC message authentication. See how this differs from other message authentication tools from expert Michael Cobb. Continue Reading
-
Answer
24 Aug 2011
IEEE 802.11: Handling the standard's wireless network vulnerabilities
IEEE 802.11 has several known vulnerabilities, so what's the best way for enterprises to handle them? Expert Anand Sastry explains. Continue Reading
-
Definition
03 Nov 2010
wildcard certificate
A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains. Continue Reading
-
Answer
02 Jun 2010
Secure DMZ Web server setup advice
Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS). Continue Reading
-
Feature
24 Jul 2009
How to prevent wireless DoS attacks
Despite recent 802.11 security advances, WLANs remain very vulnerable to Denial of Service attacks. While you may not be able to prevent DoS attacks, a WIDS can help you detect when DoS attacks occur and where they come from, so that you can track the intruder down and bring him to justice -- or at least scare him away. This tip offers practical advice on how to recognize and respond to DoS attacks launched against your WLAN. Continue Reading
-
Feature
26 Jun 2009
How to compartmentalize WiFi traffic with a VLAN
Virtual LANs have long been used within enterprise networks to create logical workgroups, independent of physical location or LAN topology. This tip describes how to use these same VLAN capabilities, found in both wired and wireless devices, to tag and compartmentalize Wi-Fi traffic, supporting your company's security and traffic management policies. Continue Reading
-
Answer
22 Jun 2009
Should enterprises be running multiple firewalls?
While there may be scenarios where a single firewall is an appropriate architecture for an organization, it's equally true that many environments may benefit from the use of more than one network device Continue Reading
-
Answer
26 May 2009
Comparing an application proxy firewall and a gateway server firewall
There are many types of firewalls in use in today's enterprises, so it's easy to get confused about the functions of each. In this expert response, learn the difference between a proxy server firewall and a gateway server firewall. Continue Reading
-
Tip
01 May 2009
Five steps to eliminate rogue wireless access
Unauthorized wireless access points aren't always malicious. Learn how to distinguish between them and mitigate threats posed by rogue APs. Continue Reading
-
Tip
27 Jan 2009
How to perform a network device audit
From unauthorized applications to rogue devices like data-slurping USB sticks, enterprise networks face a growing number of security risks. For financial-services firms, the data loss or network intrusions that can result from unauthorized network devices can be devastating. Network device audits are critical to ensure devices such as routers and firewalls are configured properly. In this tip, Judith Myerson explains how to prepare and initiate a network device audit Continue Reading
-
Answer
11 Dec 2008
What OSI Layer 4 protocol does FTP use to guarantee data delivery?
What OSI Layer 4 protocol does FTP use to guarantee data delivery? Continue Reading
-
Answer
04 Dec 2008
What firewall features will best protect a LAN from Internet hack attacks and malware?
In the case of a small network, the necessary firewall doesn't need to be anything complicated. Network security expert Mike Chapple reviews the key features of the network device. Continue Reading
-
Tip
21 Oct 2008
Recovering stolen laptops one step at a time
When a student's laptop was stolen last year on a university campus, police and IT investigators went to work, recovering it within a matter of weeks. Neil Spellman, one of the investigators on the case, offers some best practices on what to do if a laptop is taken, and how to prevent theft in the first place. Continue Reading
-
Answer
16 Apr 2008
Should iPhone email be sent without SSL encryption?
SSL encrypts all of the communication between your iPhone and your mail server. Network security expert Mike Chapple explains how important that feature really is. Continue Reading
-
Answer
04 Apr 2008
Should a domain controller be placed within the DMZ?
When creating an Active Directory network, is it necessary to place domain controllers in the DMZ? Network security expert Mike Chapple explains. Continue Reading
-
Answer
13 Mar 2008
How to secure an FTP connection
Network security expert Mike Chapple offers three tips that enable an FTP connection without opening up an enterprise to security risks. Continue Reading
-
Answer
18 Feb 2008
What are the dangers of using radio frequency identification (RFID) tags?
In this expert response, Joel Dubin discusses the dangers associated with radio frequency identification (RFID) tags, and how users can protect themselves. Continue Reading
-
Tip
17 Jan 2008
Firewall redundancy: Deployment scenarios and benefits
There are, however, several good reasons to deploy multiple firewalls in your organization. Let's take a look at a few scenarios. Continue Reading
-
Answer
04 Jan 2008
Does Teredo present security risks to the enterprise?
Teredo allows internal networks to transition to IPv6, interconnecting them through their NAT devices and across the IPv4 Internet. Ed Skoudis explains why this function isn't as innocent as it seems. Continue Reading
-
Answer
27 Nov 2007
Will FTP ever be a secure way to transfer files?
A SearchSecurity.com member asks our network security expert Mike Chapple: Is the File Transfer Protocol a secure way to transfer files? As one of his many monthly responses to readers, Chapple reveals a better alternative to FTP. Continue Reading
-
Answer
21 Aug 2007
Should a router be placed between the firewall and DMZ?
Modern firewalls have the ability to serve as a router, negating the need of another device on a network. There are exceptions to this router rule, however. Network security expert Mike Chapple explains. Continue Reading
-
Answer
31 Jul 2007
How does SSL 'sit' between the network layer and application layer?
SSL is neither a network layer protocol nor an application layer protocol. In this SearchSecurity.com Q&A, Michael Cobb explains how SSL "sits" between both layers. Continue Reading
-
Answer
22 Apr 2007
How do a DMZ and VPN work together?
In this SearchSecurity.com Q&A, network security expert Mike Chapple explains the three distinct network zones in a typical firewall scenario and reveals how the DMZ and VPN, in particular, co-exist. Continue Reading
-
Answer
27 Mar 2007
What's the harm in removing the RFID chip in credit cards?
If you're concerned that a credit card's RFID chip is putting your personal data at risk, why not just drill the darn thing out? Not so fast, says Joel Dubin. In this SearchSecurity.com Q&A, the identity management and access control expert explains some other options. Continue Reading
-
Answer
19 Feb 2007
Can a TCP connection be made without an open port?
A company may claim it has an "application" that allows computers to communicate without opening any ports, but network security expert Mike Chapple reveals whether you should believe the hype or not. Read more in this SearchSecurity.com Q&A. Continue Reading
-
Answer
12 Feb 2007
How should security and networking groups manage the firewall?
When it comes to firewalls, the networking group often handles the installation, while the information security department writes the rules. Should these responsibilities be split? In this expert Q&A, security management pro Shon Harris reveals how each group should contribute to the firewall management process. Continue Reading
- Quiz 17 Nov 2005
- Answer 06 Feb 2003