Integration of networking and security management

Integration of Networking and Security School

In our special Integration of Networking and Security School, SearchSecurity.com -- in cooperation with SearchNetworking.com -- offers an in-depth look at how the integration of security-related and networking-related teams, products and processes is affecting enterprise network security.

SearchSecurity.com is always looking for ideas for future lessons in our Integration of Networking and Security School. Contact us if you have feedback on this school or ideas for future content.

Table of contents:

Securing DNS

In this Security School lesson, learn the myriad threats to DNS security including cache poisoning and denial of service attacks, IP spoofing, footprinting and redirection attacks.



About the author: Char Sample has close to 20 years of experience in Internet security, and she has been involved with integrating various security technologies in both the public and private sectors.

Security event log analysis

Learn valuable techniques for sifting through logs to find legitimate security events you need to analyze and respond to before they negatively affect your organization’s bottom line.

John Burke is a Principal Research Analyst with Nemertes Research, where he conducts primary research, develops cost models, delivers strategic seminars, advises clients, and writes thought-leadership pieces across a wide variety of topics. John's main areas of research are cloud computing, virtualization, application delivery networking, SOA, and SaaS. His other areas of expertise are information stewardship (including information protection, information lifecycle management, business continuity planning, compliance, and data quality management) and storage technologies.

Strengthening policies for endpoint control

In this Security School lesson, expert Lisa Phifer explores new strategies, policies, practices and tools that can be used to rein in unruly endpoints.

Lisa Phifer owns Core Competence Inc., a consulting firm specializing in network security and management technology.

How IDS-IPS enables business objectives

While network security professionals need to be familiar with firewall rulesets, IPS/IDS and NBADs, how do these technologies align with an enterprise’s business needs? This SearchSecurity School will explain key network security practices and technologies and how they can be mapped to business needs. Specifically, our expert will explain how to make a pitch for enhancing network security in business terms, how to help network security teams prioritize time/effort/budget, as well as the most effective network security technologies that can prevent network intrusions and make sense to the C-suite.

About the author:
Jennifer Jabbusch is CISO with Carolina Advanced Digital Inc.

Application log management program planning

In this lesson, learn how to organize an application log management program for the tasks in a multi-regulation environment while avoiding duplication of effort.

About the author:
Diana Kelley is a partner with consulting firm SecurityCurve.

Securing the application layer

In this lesson, learn what the main threats are to the application layer, and how to leverage existing tools to help protect against these threats.

About the author:
Cory Scott is the regional director for consulting services at Matasano Security.

Back to basics: Endpoint security on a budget

Evolving threats -- like new malware and untracked sensitive data -- coupled with a difficult economy make protecting the endpoint more important than ever. In this lesson, learn strategies to create a strong endpoint security program on a shoestring budget.

SIM product, tool and system deployment

SIM products are useful enterprise security tools, but all too often, users end up with more log files than they know what to do with. Learn how to get only the essential and relevant data from your security information management systems. This lesson reviews the best tools and explains how focused SIM data can help with compliance, access control, and much more.

About the author:
Adrian Lane is a senior security strategist with independent consulting firm, Securosis, LLC.

Fixing endpoint problems with NAC

Contaminated network endpoints are a top concern within 75% of organizations, according to a recent SearchSecurity.com survey of nearly 900 IT professionals. It's a problem that is increasingly becoming one that networking and security teams must solve together.

In this lesson, network security luminary Joel Snyder outlines the latest endpoint security options, the elements essential to every endpoint security strategy and advice for when it's time to select a new endpoint security product.

Using NAC policies and tools

Whether you're considering NAC for the first time or are deep into a company-wide deployment, this lesson will show you how to use NAC policies and tools to develop an endpoint protection security strategy and compliance.

About the author:
Mike Chapple, CISSP, is an IT security pro with the University of Notre Dame.
Also featuring special guest instructor Joel Snyder of Opus One.

SIMs: Security and network management integration

A recent TechTarget survey of nearly 1,000 IT pros shows that network/security integration is a top priority for most organizations. One of the most important steps toward integration is the effort to correlate and analyze data outputs from SIMs, network performance management and anomaly detection tools. The goal is to understand and react to bandwidth and application performance issues but also sound the alarm when data flows show anomalous behavior.

In this Integration of Networking and Security School lesson, we'll discuss how this can be done, the benefits and the potential pitfalls to this approach.

Securing your remote office for less than $10,000

Over 80% of corporate network traffic is generated from remote offices, according to research firm Gartner. Here, noted network security expert David Strom will focus on securing the remote data and remote network devices in locations beyond the corporate headquarters.

In this lesson, Strom will provide an overview of the remote office security management landscape, step-by-step advice for setting up a managed unified threat management remote firewall/VPN and real-world advice from security practitioners on remote office security.

Security at the application level

According to a recent SearchSecurity.com survey of nearly 900 IT professionals, 80% of networking and security pros are concerned about application layer gateways.

In this lesson, application security expert Michael Cobb offers an overview of how the network can be used to secure the application layer, information on the latest Layer 7 firewalls and switches and advice on the balancing act of appropriately securing the network versus instilling sound application development practices.

UC: Securing the converged infrastructure

To cut costs and increase efficiency, many enterprises are combining disparate communications systems, including email, IM, video conferencing, desk and mobile telephony and voice messaging. In this lesson, learn how to properly secure this new and evolving enterprise communications environment.

Using SIM for threat monitoring

From a security perspective, it is challenging to keep ahead of the constantly evolving enterprise threat landscape. Security information and event management (SIEM) systems, however, can be a vital component of an enterprise’s threat mitigation arsenal, providing comprehensive data on what threats an enterprise actually faces. In particular, SIEM systems and technology enable more dynamic detection than some of the more traditional defenses. This lesson helps enterprises learn how to catalog the types of threats that they confront, and goes on to identify those which could be addressed through the expedient use of a SIEM approach.

About the author:
Andrew Hutchison is an information security specialist with T-Systems International and an adjunct professor of computer science at the University of Cape Town in South Africa.

Next-generation firewalls

This SearchSecurity.com Security School lesson cuts through the marketing jargon to help you understand what a next-generation firewall can provide and determine which next-generation firewall features best suit your needs. Since this is a rapidly evolving area, there’s no clear feature set established as a baseline -- this lesson will help you build your rubric for evaluating and comparing current offerings.