Security Management Strategies for the CIOSecurity Schools:Integration of Networking and Security School
Integration of Networking and Security School
SearchSecurity.com is always looking for ideas for future lessons in our Integration of Networking and Security School. Contact us if you have feedback on this school or ideas for future content.
-
Application log management program planning
In this lesson, learn how to organize an application log management program for the tasks in a multi-regulation environment while avoiding duplication of effort.About the author:
Diana Kelley is Diana Kelley is a partner with consulting firm SecurityCurve. -
Back to basics: Endpoint security on a budget
Evolving threats -- like new malware and untracked sensitive data -- coupled with a difficult economy make protecting the endpoint more important than ever. In this lesson, learn strategies to create a strong endpoint security program on a shoestring budget.
-
Endpoint security management: Fixing endpoint problems with NAC
Contaminated network endpoints are a top concern within 75% of organizations, according to a recent SearchSecurity.com survey of nearly 900 IT professionals. It's a problem that is increasingly becoming one that networking and security teams must solve together.
In this lesson, network security luminary Joel Snyder outlines the latest endpoint security options, the elements essential to every endpoint security strategy and advice for when it's time to select a new endpoint security product.Learn more: Endpoint security management: Fixing endpoint problems with NAC
-
How IDS-IPS enables business objectives
About the author:
In this lesson, learn how key network security practices and technologies can be mapped to business needs.
Jennifer Jabbusch is CISO with Carolina Advanced Digital Inc. -
Integrating network fabric and security
A recent survey showed 49.1% of security pros believe that within three years, most IT security functions will be handled by core networking gear. This lesson will help you evaluate which security functions can be handled by the network and how to go about the process safely.
-
SIM product, tool and system deployment
SIM products are useful enterprise security tools, but all too often, users end up with more log files than they know what to do with. Learn how to get only the essential and relevant data from your security information management systems. This lesson reviews the best tools and explains how focused SIM data can help with compliance, access control, and much more.
About the author:
Adrian Lane is a senior security strategist with independent consulting firm, Securosis, LLC. -
SIMs: Security and network management integration
A recent TechTarget survey of nearly 1,000 IT pros shows that network/security integration is a top priority for most organizations. One of the most important steps toward integration is the effort to correlate and analyze data outputs from SIMs, network performance management and anomaly detection tools. The goal is to understand and react to bandwidth and application performance issues but also sound the alarm when data flows show anomalous behavior.
In this Integration of Networking and Security School lesson, we'll discuss how this can be done, the benefits and the potential pitfalls to this approach.
Learn more: SIMs: Security and network management integration
-
Securing the application layer
In this lesson, learn what the main threats are to the application layer, and how to leverage existing tools to help protect against these threats. About the author:
Cory Scott is the regional director for consulting services at Matasano Security. -
Securing your first remote office: Solutions for less than $10,000
In this lesson, Strom will provide an overview of the remote office security management landscape, step-by-step advice for setting up a managed unified threat management remote firewall/VPN and real-world advice from security practitioners on remote office security.Learn more: Securing your first remote office: Solutions for less than $10,000
-
Security at the application level: Securing application layer gateways
In this lesson, application security expert Michael Cobb offers an overview of how the network can be used to secure the application layer, information on the latest Layer 7 firewalls and switches and advice on the balancing act of appropriately securing the network versus instilling sound application development practices.Learn more: Security at the application level: Securing application layer gateways
-
Unified communications: Securing the converged infrastructure
To cut costs and increase efficiency, many enterprises are combining disparate communications systems, including email, IM, video conferencing, desk and mobile telephony and voice messaging. In this lesson, learn how to properly secure this new and evolving enterprise commuications environment.
Learn more: Unified communications: Securing the converged infrastructure
-
Using NAC policies and tools for endpoint protection and compliance
Whether you're considering NAC for the first time or are deep into a company-wide deployment, this lesson will show you how to use NAC policies and tools to develop a endpoint protection security strategy and complaince.
About the author:
Mike Chapple, CISSP, is an IT security pro with the University of Notre Dame.
Also featuring special guest instructor Joel Snyder of Opus One.Learn more: Using NAC policies and tools for endpoint protection and compliance
-
Wireless security threat and attack defense
Wireless LAN technology has matured, moving from conference room Internet access to mainstream corporate LAN access. Despite their acceptance, wireless networks still have a reputation for being insecure.
In this lesson, noted wireless security expert Lisa Phifer discusses how to effectively mitigate wireless-specific threats while efficiently leveraging existing network security policies and infrastructure investments. She outlines how to use VLANs to control wireless traffic and examines how wireless voice will impact your network.
-
Strengthening policies for endpoint control
In this Security School lesson, expert Lisa Phifer explores new strategies, policies, practices and tools that can be used to rein in unruly endpoints.
Lisa Phifer owns Core Competence Inc., a consulting firm specializing in network security and management technology. -
Security event log analysis
Learn valuable techniques for sifting through logs to find legitimate security events you need to analyze and respond to before they negatively affect your organization’s bottom line.
John Burke is principal research analyst with Nemertes Research. -
Securing DNS infrastructure
In this Security School lesson, learn the myriad threats to DNS security including cache poisoning and denial of service attacks, IP spoofing, footprinting and redirection attacks.
About the author: Char Sample has close to 20 years of experience in Internet security, and she has been involved with integrating various security technologies in both the public and private sectors.