Security Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements

A Hale and Hearty Network

by skathuria on 07-15-2014 11:48 AM

As I was reading this article describing examples of certain healthcare practitioners using data mining and analytics of patients’ lifestyles (e.g. foods they eat, activity levels, where they live, etc.) to help predict their risk factor for ailments, I started to draw a parallel to the state of the network. I was thinking about how security analytics of a network may help predict the onset of a data breach. The common goal in both cases, human and network, is to maintain a certain level of health – call it an “equilibrium” state, one that doesn’t require immediate intervention or repair.

 

Inspired by the table shared in the article describing what certain collected data about a patient could indicate about his/her health habits, I came up with a table of network states that could be indicators of a potential data exploit/breach.

 

| State of Network | Analysis |
| --- | --- |
| Weak password for an online account | This could allow a hacker to uncover the password (by using automated tools), gain access to user data (name, address, phone #, bank account/credit card data) and perform unauthorized transactions (e.g., purchase of product/service or withdrawal of money from bank account) on the user’s behalf. |
| Multiple unsuccessful attempts to search for usernames and passwords via Web browser exploitation techniques | This could result in a data breach. |
| Improper isolation of HR records, financial, medical, credit/debit card, or other PII data within Enterprise data center/private cloud network | This could inadvertently allow an insider (e.g. employee) access to the network for obtaining and selling data on black market for profit. |
| Excessive communication requests to a Web server or other resource, slowing it down considerably or rendering it unavailable | This could indicate someone is trying to gain access to the server for malicious intent. |
| No application layer protection at Enterprise edge | This could allow a hacker to launch an application-layer attack and access data for further exploitation. |

 

Enterprises and service providers would benefit greatly from self-monitoring and constantly improving the health of networks, to minimize the possibility of a data breach.

 

One of the ways to do this is via technology, including application-aware, next generation firewalls, and strong SIEM solutions and network security management solutions (for firewall management), which provide visibility, analyze network security posture, and alert administrators about unusual network activity.

 

In addition, humans themselves should be held accountable for security. For one, it is imperative that the IT security team is proactively monitoring the network security posture, carefully balancing access to certain network resources, applications and data with control over the same. In addition, trust plays a big role in maintaining security and privacy, so it is ultimately the responsibility of individuals (business owners and employees) to not exploit data for personal gain.


Managing Enterprise Security

by skathuria on 10-28-2013 10:08 AM

Security management in today’s enterprise is like navigating the open ocean. You’re on an extended journey and any given day can bring smooth sailing, stormy seas or a rogue wave big enough to sink your entire network.

 

Managing network security requires vigilance and a strong infrastructure. It also requires a sound security strategy.

 

For one, the advent of SIEM (security information and event management) solutions has relieved security teams from the burdensome task of manually combing through massive amounts of security logs. It also relieves them of the duty of aggregating event data and deriving meaning from it – basically, performing security analysis. And, thanks to offerings from a number of technology vendors (including Juniper’s Secure Analytics), that heavy lifting can now be automated.

 

Another important aspect of security management for distributed Enterprises is being able to centrally view and manage policy across multiple firewall deployments. Manually configuring and updating policies for each firewall in each location isn’t feasible. The best solution? Utilize a centralized security management tool.

 

Read more about these two aspects of Security Management for Enterprises in this article. With the right network security tools in place, organizations can better anticipate security concerns and keep moving full steam ahead, safely and securely.


About Security Now

Discussing a wide range of topics impacting enterprises and
data center security.
