Assess and Audit the Network
A network assessment: an objective review of network in terms of current functionality and security capabilities.
be Documented , as a baseline for future audits
Complete audits must be scheduled on a regular basis
Leverage Established Industry Frameworks
Improve the quality of IT organization: ITIL(Information Technology Infrastructure Library), MOF(Microsoft Operations Framework)
ensure regulatory compliance for specific industries or data types: PCI(payment card industry regulation), SOX(Sarbanes-Oxley Act)
Health Insurance Portability and Accountability Act(HIPAA)
Utilize Layered Security
multiple networks, DMZ(demilitarized Zone)
Setting up a DMZ: place a hardware firewall between the external network and the DMZ, and to both control access (access lists) and protect against attacks using that device.
Access Lists
review the audit logs to understand the successes and failures of all requests against the established access lists.
Tools: Intrusion detection systems, Intrusion prevention system
Attacks: DDoS, PoD, Flood
Network Security: Best Practices
Assess and Audit the Network A network assessment: an objective review of network in terms of current functionality and security capabilities. be Documented , as a baseline for future audits Complete audits must be scheduled on a regular basis
Leverage Established Industry Frameworks Improve the quality of IT organization: ITIL(Information Technology Infrastructure Library), MOF(Microsoft Operations Framework) ensure regulatory compliance for specific industries or data types: PCI(payment card industry regulation), SOX(Sarbanes-Oxley Act) Health Insurance Portability and Accountability Act(HIPAA)
Utilize Layered Security multiple networks, DMZ(demilitarized Zone) Setting up a DMZ: place a hardware firewall between the external network and the DMZ, and to both control access (access lists) and protect against attacks using that device. Access Lists review the audit logs to understand the successes and failures of all requests against the established access lists. Tools: Intrusion detection systems, Intrusion prevention system Attacks: DDoS, PoD, Flood
Utilize a Third Party to Audit the Network
"Harden" Host and Guest Computers