WebProWorld IT Forum |
Broadband USB modem to wireless router
Grateful for assistance, easiest way is to describe the symptoms. I had 1 computer(a) connected to the internet via a speedtouch USB broadband modem on wanadoo. Two other computers (b) and (c) networked to this one.
Bought linksys wireless router, removed speedtouch modem, replaced with router...
Installation Monitor
Does anyone know of any software that can tell you what files have been changed/added or registry keys changed/added when you install a new program?
Home network priority
I have 2 PCs and 1 laptop connected through a Linksys router. Both PCs are wired, and the laptop is wireless. One of the PCs is my work (home office) PC, so I would like it to have the priority to connect to the internet. The other two are used by the kids, which is fine, but they don't need to go so fast just for their games .
|
|
03.02.06
The Top Five LAN Security Issues Facing IT Managers Today
By Joseph Tardo
IT managers face many difficult LAN security issues today, but are confronted with a huge array of established and emerging security technologies that promise to deal with these issues.
A quick look at the top five security problems shows there is are tools to solve each one. But the one problem/one tool approach does not solve the full range of security problems and can be difficult to manage. This approach also begs the question, "Is there a better way to handle LAN security?"
Porous Perimeters
The conventional approach to enterprise security has been to apply security at the perimeter of the network. Today, however, perimeter defenses are no longer sufficient. Increasingly, sites no longer consist just of predictable managed desktops but include a mix of unmanaged mobile devices, such as laptops and PDAs. Sometimes these devices belong to employees, but often businesses must allow guests such as contractors, partners, and others with unmanaged mobile devices to directly connect to the internal network. These devices may be infected with malware and thus could inject a worm, bot, trojan, or other malware directly into the access port of the corporate network, bypassing perimeter defenses.
To cope with the threat posed by unmanaged mobile devices, client-side security measures are becoming essential. Network access control, a broad category that includes endpoint integrity compliance verification for up-to-date security patches and anti-virus signature files; user authentication for network access; and identity-based policies to control network use can mitigate these threats. However, these solutions only are effective if they are applied close to or at the point of entry to the network.
Increasingly Sophisticated Attacks
Perimeter-based security strategies are also no match for the increasing sophistication of attacks on the network. The hacker profile has begun to shift from adolescents crashing systems for fun to professional criminals bent on taking over systems for profit.
New strains of malware appear to have the goal of remotely controlling the victim's computer. Nothing prevents a remote-access trojan on an internal corporate network from being used as a perfect corporate spy. A number of infected machines can be formed into a botnet and used to extract ransom with the threat of a DoS attack.
Spyware has become a commonplace element of both freeware and commercial downloads, and is often installed without the informed consent of the user. Spyware not only extracts personal information for potential sale, using, for example, keystroke loggers, but can also deliver sensitive corporate information such as user passwords. Since spyware runs on clients, it can avoid detection by disabling anti-virus and other client-side software security controls.
Some form of in-network security device that can apply a combination of behavioral anomaly detection and traditional misuse detection can be used to effectively detect and identify infected end systems. Enterprises need not only to detect infected end systems but also to swiftly isolate and, ideally, clean, remediate, and return them to productivity.
Unauditable Networks
Many enterprises built LANs with the assumption that internal users are trustworthy. Little thought was given to understanding exactly what devices are connected to the network, where these devices are located, and what users are doing with them. As a result, enterprises are finding themselves ill-equipped to deal with problems introduced by mobile end systems and end users.
Furthermore, the increasing number of regulations on data protection and compliance verification, including privacy, financial, health records, state information processing laws, and even anti-terrorism acts, has raised the importance of auditing network activity.
Enterprises need visualization and audit tools that associate different network identifiers and locations. Such tools could, for example, find the user, access port, and MAC address when given an IP address. The tools should also be able to display the location from which the user has accessed the network in a form that can IT can quickly understand.
Uncooperative Employees
Even with security awareness programs and employee censure for lax security practices, users still view security as something that gets in the way of doing their job. Users will often abort full disk scans, or even disable anti-virus or anti-spyware applications, if they believe they measurably slow down the computer.
Network access control mechanisms that perform periodic integrity re-assessments and policy compliance verification, and that have the ability to isolate an endpoint that fails, can mitigate the potential damage done by uncooperative employees.
Read the rest of the article.
About
the Author:
Joseph Tardo, Senior Principal Scientist, Nevis Networks
Joe Tardo brings over 25 years of experience in all aspects of computer and network security. He is responsible for the development of the Nevis Security Architecture, product feature set and deployments. Prior to Nevis Networks, he was a Senior Principal Scientist in the Security Line of Business at Broadcom Corporation , where he designed software interface and functionality for SSL and IPsec acceleration ASICs, and architected IPsec and SSL reference platforms using network processors and Broadcom's security ASICs.
|
|
