Oct 17 2007 2:45PM GMT
Posted by: Tony Bradley
Networking,
Cisco,
Ethernet,
Networkingchannel
The network is the lifeblood of the organization. Email, VoIP communications, files, and other data zip back and forth throughout the network infrastructure. Of course, over time equipment gets worn out or becomes obsolete and changes have to be made to the network. If you were dealing with your own lifeblood- replacing your heart or rerouting some damaged arteries- you can bet that you would want to have an extensive plan for how to execute the change, as well as some idea of how to abort the mission or fix things if the operation doesn’t go according to plan. You need to put the same diligence into planning a change to the corporate lifeblood. This article from SearchNetworking addresses the considerations you should take into account before embarking on a change to the network infrastructure, as well as how to test to ensure everything is operational, and how to develop a backout plan should anything go wrong.
Oct 11 2007 4:55PM GMT
Posted by: Tony Bradley
antimalware,
Unified threat management,
UTM,
IP communications,
Networking,
Security,
VoIP
It seems that the world of information technology and information security is pursuing a path to harmony and cooperation. The current buzz word is “unity”. We have unified communications- converging IP networking, email, voicemail, voice communications, and instant messaging to provide an integrated communications framework. Another area of unity is in threat management. Traditionally, organizations have a variety of separate security devices and applications. They may have a firewall appliance at the perimeter, with some sort of IDS or IPS appliance between the firewall and the network. They may have an antimalware appliance, or have some antimalware software installed on email gateway servers. Perhaps, they even have an antispam appliance or application. Continued »
Oct 11 2007 4:09PM GMT
Posted by: Tony Bradley
Security,
SOX Anton Chuvakin,
Fisma,
HIPAA,
PCI DSS,
Compliance
Intrusion detection, despite being declared dead by a Gartner analyst in 2003, remains alive and kicking in 2007…almost 2008. Actually, not only is it still around and being used in various forms by many organizations, it is actually mandated by some security regulations and standards. In this Computerworld article, Dr. Anton Chuvakin takes a look at the state of intrusion detection as it relates to security compliance. Exploring FISMA, HIPAA, and PCI DSS, Chuvakin spells out the intrusion detection requirements of each. Where things get tricky, or sticky, for some organizations is where the standards and regulations meet. Organizations that fall under HIPAA, and SOX, and PCI DSS, etc. have to compare and contrast the requirements to make sure the security they implement meets all requirements simultaneously and that there are no overt conflicts. Check out Intrusion Detection in the Age of Compliance for more information.
Oct 4 2007 12:41PM GMT
Posted by: Tony Bradley
IP,
Networking,
Cisco,
Security,
ACL
One of the main components of networking is the router. Without the “router”, the traffic would not be “routed” to its intended destination (duh!). That also means that the router is in a prime position to act as a gatekeeper to help protect the network. By defining and implementing Access Controls Lists (ACL’s), you can manage what IP addresses are allowed to communicate in or out of the network, and on what ports the communication is allowed. Using ACL’s, you can control Continued »
