
	Home > Ask the Security Experts > Network Security Questions & Answers > The top LAN security issues in a client-server network environment

Ask The Security Expert: Questions & Answers

EMAIL THIS

The top LAN security issues in a client-server network environment

EXPERT RESPONSE FROM: Mike Chapple, featured expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 15 June 2008
When it comes to a client/server network environment, what are the top LAN security issues?

BROWSE BY TAG

Network Security, Network Security: Tools, Products, Software, Network Firewalls, Routers and Switches, Enterprise Network Security, NAC and Endpoint Security Management, Network Access Control Basics, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Network Security
	Should enterprises be running multiple firewalls?
	What are best practices for fiber optic cable security?
	What are the disadvantages of proxy-based firewalls?
	What is the difference between a VPN and remote control?
	What are the best practices for IPS implementation?
	How to prevent DDoS attacks on websites
	How to configure firewall ports for webmail system implementation
	How should service providers address VoIP security issues and threats?
	Can S/MIME, XML and IPsec operate in one protocol layer?
	How to set up a corporate cell phone management strategy

Network Firewalls, Routers and Switches

Firewall rule management best practices

Should enterprises be running multiple firewalls?

What are the disadvantages of proxy-based firewalls?

IT pros find corporate firewall rules tough to navigate

PCI compliance requirement 1: Firewalls

Comparing an application proxy firewall and a gateway server firewall

Microsoft Threat Management Gateway has some drawbacks

Rising Profile

Front-end/back-end firewalls vs. chassis-based firewalls

How to configure a firewall to communicate with an upstream router

Network Access Control Basics

Symantec offers endpoint protection management, monitoring services

Configuring access control lists

What is the difference between a VPN and remote control?

Quiz: Endpoint security on a budget

Opinion: Gartner gets NAC wrong, again

What security software should be installed on Internet café computers?

What are the best network security books?

Should the government reduce its external Internet connections?

Trustwave acquires NAC appliance vendor Mirage Networks

Product Review: Rohati TNS 100

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

bastion host (SearchSecurity.com)

firewall (SearchSecurity.com)

Firewall Builder (SearchSecurity.com)

screened subnet (SearchSecurity.com)

virus (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Thank you for the opportunity to get on a soapbox and preach about what I perceive to be the biggest threats to network security. Let's take a look at my top four issues:

Failure to properly configure firewalls. Firewalls are a staple of the network security diet. In a good network design, an enterprise should protect its systems with both network and host firewalls. However, all too often those firewalls are not properly configured and may even be disabled for "temporary" testing that never seems to be finished. Failing to properly configure firewalls creates a foothold for the exploitation of other vulnerabilities.

Failure to authenticate network users. Are you really sure who is on your network? It's a good idea to use some form of authentication technology, such as 802.1x, to ensure that devices connecting to your network are associated with an authorized user.

Use of weak (or no) wireless encryption. Believe it or not, many enterprises still use WEP encryption to "protect" their networks. As I mentioned in an earlier article, WEP encryption is fundamentally flawed and should never be relied upon to secure a wireless network. Use WPA encryption instead.

Failure to patch. Everyone knows that it's important to apply vendor security patches to systems and applications. But not everyone does. In fact, a recent study showed that many Oracle administrators have never applied patches to their systems. This is a bad idea, as hackers keep a close eye on security bulletins, looking for exploitable flaws.

More information:

Contributor David Davis walks you through PIX firewall configuration from scratch.

Ed Skoudis explains how to develop a patch management policy for third-party applications.

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business
Targeted Security Channel Tips for Resellers, Integrators and Consultants

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy