Q

Which security practices can lower exposure to zero-day attacks?

It's never possible to completely prevent zero-day attacks, but in this SearchSecurity.com Q&A, network security expert Mike Chapple reveals which tools can provide significant protection from such threats.

I'm attempting to proactively thwart zero-day attacks on my network. Can I prevent zero-day attacks with a combination of good security practices, VLAN network segmentation and an NAC system?
As you probably know, it's never possible to completely prevent zero-day attacks. However, the controls you mention are a good start toward dramatically reducing the risks. Let's expand a bit on "good security practices" and look at some of the particular management practices that can lower your exposure to zero-day exploits:

  • Firewalls play a vital role in preventing zero-day attacks. Use them to protect the perimeter of your network from unsolicited traffic. You should also use host-based firewalls (such as Windows Firewall) to limit the inbound connections allowed to each system on your network. Ideally, most systems (e.g. workstations) will not allow any inbound connections.
  • Patch management is also critical. Many zero-day attacks are simply novel exploits of a previously known vulnerability. If you keep your operating systems and applications patched, you'll be immune from the vast majority of zero-day exploits.
  • Antivirus software and intrusion detection systems may not help with true zero-day attacks, but they play a valuable role in protecting your network from known issues. Don't neglect them when planning your security infrastructure.
  • I hope this helps you plan and implement your network security controls. Good luck in your battle to secure your enterprise information assets!

    More information:

  • Learn about ten emerging malware trends that you should be aware of.
  • See how zero-day attacks may lead to poor patch testing.
  • This was first published in February 2007

    Dig deeper on Emerging Information Security Threats

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close