That's a great question. Let's see if we can boil down the top ways to protect the security of your enterprise...
network into a five-point list:
- Perform security vulnerability scanning on a regular basis. I've sung this refrain before and I'll continue to tout the virtues of a strong enterprise vulnerability scanning program. Proactive scanning tools allow security pros to detect network security flaws before they're exploited.
- Manage the firewall rulebase through solid auditing practices. Don't underestimate the importance of auditing firewall activity. It's easy for rulebases to become overpopulated with orphaned rules, leading to firewall misconfigurations that severely undermine the security of a network.
- Deploy network intrusion prevention and detection systems (IPS/IDS). A properly tuned IPS can limit malicious traffic's ability to enter the network; search out a best-of-breed IPS/IDS and deploy it on your network. Don't be thwarted by cost; there are several solid open source product options available.
- Use network access control to ensure endpoint security. (Link to this month's tip) NAC products offer the ability to scan endpoints to make sure they are compliant with an organization's security policies before the endpoints can ever gain network access. Every security problem you prevent is one less issue that needs mitigation.
- Content filtering protects your organization from liability. Check with any large corporation's legal department and you'll probably hear at least one litigation story related to the viewing of inappropriate materials in the workplace. Use content filtering tools to limit the organization's liability in this space.
That's a brief rundown of my top five network security practices. Deploying these in your organization should keep you busy for a while!
For more information:
- Looking to transition to a career in information security? Get some expert advice.
- Use the open source tool Nessus for vulnerability scanning in the enterprise.
Dig Deeper on Security Event Management
Related Q&A from Mike Chapple
The OWASP Top Ten list is not a compliance standard but a set of best practices for enterprises looking to boost Web app security. Here's how to get ...continue reading
A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best ...continue reading
Tokenization technology can be confusing. Expert Mike Chapple explains what the difference is between two types of tokens and how tokenization can ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.