IT Security

pts.
Tags:
Access
Access control
Application security
backdoors
Biometrics
Browsers
Certifications
Compliance
configuration
CRM
Current threats
Database
Desktops
Digital certificates
Disaster Recovery
E-business
Encryption
filtering
Firewalls
Forensics
Hacking
human factors
Identity & Access Management
Incident response
Instant Messaging
Intrusion management
Management
Microsoft Exchange
Microsoft Office
Microsoft Windows
Network security
Networking
OS
patching
PEN testing
Platform Security
Policies
provisioning
Risk management
Secure Coding
Security
Security Program Management
Security tokens
Servers
Single sign-on
Spyware
SQL Server
SSL/TLS
Trojans
Viruses
VPN
vulnerability management
Web security
Wireless
worms
Hi all, Thanks to all those who answered to my question"FTP sites" Can anyone of you let me know about the available products that we can use for our organisations IT security..Also let me know what products are available to find out vulnerabilities in a network. Appreciate your response. Thanks Tarang

Answer Wiki

Thanks. We'll let you know when a new response is added.

Your question is too general for specific answers. Are we referring to physical security, network security.

How secure do you want your network to be? Keeping in mind that more security means less accessiblity and ease of use..

The weakest link in any computer/network is the user.. do you for instance, only allow a user to logon from a machine with a specific MAC address during a specific time period.. and only has access to a restricted range of programs installed locally.. ensuring that no removable storage is available and USB/Firewire is disabled in the hardware to prevent someone from simply walking in to a screensaver passworded system and inserting a USB thumbdrive and disabling the screensaver?

How physically secure is your site.. do you allow wireless at all on your site and do you monitor for rogue access points being installed on the network??

Do you keep all machines patched with the latest security updates to prevent 0 day exploits? There is a multitude of software that accomplishes this task.

So many questions, so little answers..

Discuss This Question: 6  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Perk32725
    Basically, you need to have firewalls on your network, and you need to set up firewalls on the individual machines. Firewalls stop unauthorized connections to the machines on your network. You also need to have antivirus software, along with anti-spyware software, to keep your machines clean. A good backup system is also needed in case of data loss. Finally, your company and employees need to follow a set of "best practices" rules. A good consultant can get you pointed in the right direction for all these things, along with recommendations for products and services.
    0 pointsBadges:
    report
  • PaulieEddie
    There are a variety of tools to check for all sorts of vulnerabities. HFNETCHK (http://www.hfnetchk.com/default.html) This one checks primarily windows systems for vulnerabilities, security patch levels, etc. Works pretty well. GFI Network Security Scanner (http://www.gfi.com/) Is another tool for checking systems. It does a bit more in that it will check on Linux systems and network nodes. There are a host of other port scanners and such that will review systems or entire subnets for vulnerabilities. You can also find product specific tools, like Microsoft's IIS Lockdown tool that will secure web services. It really depends on what you are looking for. If you are really looking at getting security going at you site you will need to become more familiar with it or hire a consultant to do a formal audit (especially if you are looking at any type of gonvernment compliance or standards compliance for business). Security often involves physical security, employee procedures, and employee education. Here are a couple of decent books on the subject: http://www.amazon.com/exec/obidos/tg/detail/-/059600611X/qid=1124985804/sr=8-6/ref=pd_bbs_6/102-3654224-0637718?v=glance&s=books&n=507846 http://www.amazon.com/exec/obidos/tg/detail/-/0072229578/qid=1124985804/sr=8-4/ref=pd_bbs_4/102-3654224-0637718?v=glance&s=books&n=507846 Paul
    0 pointsBadges:
    report
  • Sonyfreek
    I'd run the open source program Nessus (www.nessus.org) to look for any vulnerable programs/services on the network. Nessus runs on a linux platform but has a Windows Front end, for those that swing that way. Make sure you download all plugins before running it and keep them updaed. Make certain that you get authorization to run a vulnerability scan/network penetration test prior to doing any work, otherwise you are risking your employment. Get the CEO or upper level management to essentially waive your liability for conducting the test in case you crash something or cause a loss of revenue or worse. It's best to work with a team for different perspectives, but you can do it yourself. They might already know an avenue to exploit/test that you didn't think of before (a forgotten dial-up modem pool or Joe over there with his personnal WAP connected to your network!). You can run it in a safe mode that doesn't try to crash services or allow those to run. It's best to run it in safe mode first, investigate and fix anything that you find and then schedule a comprehensive test that may crash services on the network. Test outside first to ensure that your boundries are safe, then take it to your DMZ and inside networks later on. No matter what, make sure you test inside as well as outside because you are more vulnerable inside than you should be from the Internet. For a more extensive test, schedule a penetration test by either outside vendors or see if you get volunteers inside if you don't have the budget for an independant review. Also make sure the independent review is by a reputable company whom isn't going to leave some important information out of the report and later exploit to get inside. Nessus is pretty good and the price is great. There are others, but it's like paying for something that someone else is giving out for free. Nessus beats some of the commercial products, so there really is no need to look further unless you have deep pockets or want a support contact. I think that Nessus will let you pay them for a support contract too, if that's your cup o'tea. Hope this helps, SF
    0 pointsBadges:
    report
  • Poppaman2
    At the risk of duplicating some (very good) answers already given: 1. Run a firewall; you pays your money and you takes your choice, so to speak. There are many good software and hardware (appliance type) firewalls out there to choose from, some better than others, some more (or less) expensive than others. I am partial to Symantec products (Yes, I realize that there are as many people who swear AT Symantec than swear BY them, so please keep the derisive laughter to a minimum.....), and the firewall products (the enterprise class ones at least) are based upon the old Axxent Raptor product - one of the better choices out there. Also, you need to decide whether to run the firewall as a Bastion Host (a single firewall - keep the good guys protected and the bad guys out), as a DMZ (basically a single computer/appliance with three networck cards - LAN on one, the "DMZ" - your publicly accessible servers (webserver, commerce server, whatever) on another, and the third connected to your web internet access, or run two firewalls with the DMZ in between. 2. Run desktop firewalls on each client machine connected to your network. I am partial to Sygate (recently purchased by Symantec, but my experience with Sygate goes back a few years...), but there are many good low cost/no cost options available (Sygate, Black Ice, Tiny, Norton, McAfee for the Windows platform to name just a few; there are others for Macintosh and Linux). 3. Run an antivirus program on EVERY computer you've got; server, workstation, standalone, whatever... This is one area where although I use the Symantec product, I readily admit that there are better solutions out there. Look at Panda, Sophos, Kapersky, Symantec and McAfee, as well as GriSoft. There are others as well. 4. Run Snort as an IDS/IPS solution. It comes either as a free program, or as supported software: the free version is about 5 days behind the supported version (www.sourcefire.org) in signature updates. 5. Run Nessus as a system/network integrity checker: many commercial products are based upon the Nessus engine (Snort as well!), so again there ar both freebie and supported versions. 6. Invest some time/energy/money in END USER TRAINING. If your users know what to do (or NOT do) you'll be well on your way to a more secure enterprise. The list above is by no means comprehensive, but it should give you a good starting point...
    0 pointsBadges:
    report
  • Neilhaslam90
    My name is Neil my e mail id is neil_haslam@dell.com , Anyone having a virus or anything to do with a virus should try www.soloantivirus.com try the trial version and you will see for your self, I have been in the IT industry for very long try this ANTI VIRUS, and don?t forget to thank me or drop me a line letting me know the affect Thanks Neil Terrance Haslam
    0 pointsBadges:
    report
  • HatcherBob
    I fully agree with "ve3ofa". The security business is BIG business anymore. You need to work in steps on this. Either present more specifics to this question or hire a security expert to analyze your site. How big is your site?
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following