
	Home > Ask the Security Experts > Network Security Questions & Answers > The top LAN security issues in a client-server network environment

Ask The Security Expert: Questions & Answers

EMAIL THIS

The top LAN security issues in a client-server network environment

EXPERT RESPONSE FROM: Mike Chapple, featured expert

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 15 June 2008
When it comes to a client/server network environment, what are the top LAN security issues?

BROWSE BY TAG

Network Security, Network Security: Tools, Products, Software, Network Firewalls, Routers and Switches, Enterprise Network Security, NAC and Endpoint Security Management, Network Access Control Basics, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Network Security
	How to set up a split-tunnel VPN in Windows Vista
	What is the difference between static and dynamic network validation?
	Port scan attack prevention best practices
	Securing the intranet with remote access VPN security
	How to prevent network sniffing and eavesdropping
	How to implement virtual firewalls in a complex network infrastructure
	How to manage network bandwidth with distributed ISP bandwidth
	How to edit group policy objects to give a user local admin rights
	How to prevent operating system cloning with AES 256-bit encryption
	How to securely connect a LAN POS to a remote point-of-sale device

Network Firewalls, Routers and Switches

How to prepare for a secure network hardware upgrade

Best Network Firewall Products

What is the difference between static and dynamic network validation?

Screencast: Smoothwall offers firewall defense in lean times

New Cisco IOS bugs pose tempting targets, says Black Hat researcher

How to implement virtual firewalls in a complex network infrastructure

How to manage network bandwidth with distributed ISP bandwidth

Firewall rule management best practices

Should enterprises be running multiple firewalls?

What are the disadvantages of proxy-based firewalls?

Network Access Control Basics

Security vendors can learn from ConSentry Networks demise

Best Network Access Control Products

Perimeter defense in the era of the perimeterless network

Network access control technology: Over-hyped or underused?

Symantec offers endpoint protection management, monitoring services

Configuring access control lists

What is the difference between a VPN and remote control?

Quiz: Endpoint security on a budget

Opinion: Gartner gets NAC wrong, again

What security software should be installed on Internet café computers?

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

bastion host (SearchSecurity.com)

firewall (SearchSecurity.com)

Firewall Builder (SearchSecurity.com)

screened subnet (SearchSecurity.com)

virus (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Thank you for the opportunity to get on a soapbox and preach about what I perceive to be the biggest threats to network security. Let's take a look at my top four issues:

Failure to properly configure firewalls. Firewalls are a staple of the network security diet. In a good network design, an enterprise should protect its systems with both network and host firewalls. However, all too often those firewalls are not properly configured and may even be disabled for "temporary" testing that never seems to be finished. Failing to properly configure firewalls creates a foothold for the exploitation of other vulnerabilities.

Failure to authenticate network users. Are you really sure who is on your network? It's a good idea to use some form of authentication technology, such as 802.1x, to ensure that devices connecting to your network are associated with an authorized user.

Use of weak (or no) wireless encryption. Believe it or not, many enterprises still use WEP encryption to "protect" their networks. As I mentioned in an earlier article, WEP encryption is fundamentally flawed and should never be relied upon to secure a wireless network. Use WPA encryption instead.

Failure to patch. Everyone knows that it's important to apply vendor security patches to systems and applications. But not everyone does. In fact, a recent study showed that many Oracle administrators have never applied patches to their systems. This is a bad idea, as hackers keep a close eye on security bulletins, looking for exploitable flaws.

More information:

Contributor David Davis walks you through PIX firewall configuration from scratch.

Ed Skoudis explains how to develop a patch management policy for third-party applications.

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy