This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
5. - Your questions answered: Read more in this section
- Mike Chapple, Enterprise Compliance
- Joseph Granneman, Security Management
Explore other sections in this guide:
Mike Chapple, Ph. D., CISA, CISSP, is an IT security manager with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Chapple is a frequent contributor to SearchSecurity.com, and serves as its resident expert on enterprise compliance, frameworks and standards for its Ask the Experts panel. He previously served as site expert on network security, is a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.
See below for Mike's archive of advice on both compliance and network security. To submit a question for Mike, click on the "Ask a Question" tab above.
Do you have a question for our experts?
Contributions from Mike Chapple, Enterprise Compliance
- Should enterprises implement a mandatory iPhone VPN?
- Employee-owned handhelds: Security and network policy c
- Which is a more secure data access technology: SPAN or TAP?
- Should a domain controller be placed within the DMZ?
- Worst practices: Encryption conniptions
- If one server in a DMZ network gets attacked from outside, will the other servers be corrupted?
- Phased NAC deployment for compliance and policy enforce
- How to secure an FTP connection
- DMVPN configuration: Should a firewall be between router and Internet?
- Is centralized logging worth all the effort?
- What are the pros and cons of shaping P2P packets?
- Should an ISP keep corrupted machines off of a network?
- What is the best possible IDS deployment for an Enterprise Resource Planning (ERP) system?
- Should an intrusion detection system (IDS) be written using Java?
- Can Trojans and other malware exploit split-tunnel VPNs?
- How helpful is the centralized logging of network flow data?
- Can a firewall alone effectively block port-scanning activity?
- What to consider before opening a port
- The road from network administrator to information security professional
- Open source vs. commercial network access control (NAC) products