Security Management Strategies for the CIO
Email Alerts
-
Enterprise network security visibility: Beyond traditional defenses
Organizations have implemented various network security technologies to gain better visibility into their networks. However, these security technologies place an increased demand on the network. This TechGuide explores how to improve network security... E-Handbook
-
With SSL VPNs on the offense, will IPSec VPNs eventually be benched?
In month’s Information Security magazine, SSL VPNs are providing their customers cheaper secure remote log ons, but will they take it to the next level with IPsec? Also inside this issue, get a behind-the-scenes look at Microsoft’s Patch Tuesday and ... E-Zine
-
Address IPv6 security before your time runs out
Most networks have partial deployment of IPv6 often without IT realizing it. It’s time to take stock of the security implications before attackers do. Feature
-
Network Security Technologies
This section of our Eye On IT Security Series examines the latest in network security appliances, including the latest features finding their way into intrusion prevention and intrusion detection systems, unified threat management, and network monito... partOfGuideSeries
-
IPv6 tutorial: Understanding IPv6 security issues, threats, defenses
You may not know it, but IPv6 may be the Internet's next superhighway for zero-day attacks. This new guide offers tactics for proactive IPv6 security. Tutorial
-
Secure VoIP tutorial: Understanding VoIP security best practices
More organizations are choosing to implement VoIP telephony in the enterprise for its cost savings. However, securing the technology comes with its own price tag. This secure VoIP tutorial is a compilation of resources that review VoIP security best ... Learning Guide
-
Voice over IP Security: VoIP Threat Taxonomy
In an excerpt from Voice over IP Security, author Patrick Park reviews VoIP threats, including spam, phishing and other threats against social context. Book Chapter
-
Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures
In an excerpt from the book Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures, authors Peter Thermos and Ari Takanen discuss the strengths and weaknesses of SRTP. Book Chapter
-
Man-in-the-middle attacks
This excerpt from Chapter 2 of "Securing Storage: A Practical Guide to SAN and NAS Security" examines how man-in-the-middle attacks affect Fibre Channel security and examines how to determine if your organization is at risk. Book Chapter
-
Understanding VoIP protocols
SearchSecurity Technical
-
VoIP protocols: A technical guide
This guide reviews the two main protocols that power VoIP -- Session Initiation Protocol (SIP) and H.323 -- and their known vulnerabilities, as well as how functional protocol testing ("fuzzing") can help defeat such problems. SearchSecurity Technical
-
VoIP protocol insecurity
SearchSecurity Technical
- See more Essential Knowledge on Network Protocols and Security
-
VMware unveils next-gen NSX, teams up with security players
At VMworld 2013, VMware unveiled its next-gen network virtualization platform, NSX, and an ecosystem partnership with the security industry. News | 26 Aug 2013
-
Neohapsis: IPv4 plus IPv6 enables man-in-the-middle attacks
Neohapsis' Scott Behrens explains how having both IPv4 and IPv6 Internet protocols enabled can lead to man-in-the-middle attacks. News | 09 Aug 2013
-
The body count is new, but UPnP security issues are embarrassingly old
HD Moore unveiled research showing wide-scale UPnP security issues last week, but some of the problems have been known for years. News | 06 Feb 2013
-
Go Daddy responding to malicious DNS entries
Weak passwords may be enabling attackers to hack the DNS records of some Go Daddy hosted websites to spread ransomware. News | 26 Nov 2012
-
RSA 2012 talk to offer help understanding IPv6 security issues
Understanding IPv6 security issues can be a challenge, but the protocol's co-inventor says enterprises can no longer afford to ignore IPv6 security concerns. News | 22 Feb 2012
-
Tools, services emerge for enterprise DNSSEC adoption
Tools, services and support are available, but experts believe a watershed moment is what is needed to push enterprises into DNSSEC adoption. News | 12 Jan 2012
-
ISC issues temporary patch for zero-day BIND 9 DNS server flaw
A temporary patch has been released for BIND 9 DNS servers, mitigating a zero-day vulnerability causing server crashes. It's unclear if exploits are in the wild. News | 17 Nov 2011
-
IBM researchers push for secure open wireless networks
IBM’s Secure Open Wireless method could secure public Wi-Fi networks automatically and prevent attackers from snooping and stealing users’ data. News | 19 Aug 2011
-
Black Hat 2011: Dan Kaminsky reveals network security research topics
Noted researcher Dan Kaminsky presented his latest network security research topics, including vulnerabilities in P2P networks, UPNP and home routers. News | 03 Aug 2011
-
WAN managers share their IPv6 migration strategies on World IPv6 Day
SearchEnterpriseWAN.com asked WAN managers about where they stand today with their IPv6 migration strategies as well as their thoughts on World IPv6 Day. News | 08 Jun 2011
- See more News on Network Protocols and Security
-
How key MDM features affect mobile security policy management
As MDM features become more robust, enterprises must not only look for mature products, but also evolve mobile security policies accordingly. Tip
-
Using network flow analysis to improve network security visibility
To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility. Tip
-
Gauging UPnP security risks: Is UPnP secure enough for enterprise use?
Is UPnP secure enough for enterprise use? Network security expert Brad Casey assesses UPnP security risks and offers advice for mitigating the threat. Tip
-
Targeted attack protection: Step-by-step preparation and mitigation
Targeted attacks can be stopped with a defense-in-depth strategy. Michael Cobb explains how to implement a targeted attack prevention plan. Tip
-
Low-cost methods for secure, large file transfer
Transferring large files safely can be a costly process. Matt Pascucci offers low-cost options for secure, large file transfers in the enterprise. Tip
-
How to avoid security issues with VPN leaks on dual-stack networks
The ongoing transition to IPv6 has revealed security issues with VPN leaks on dual-stack networks. Fernando Gont explains and offers mitigations. Tip
-
Software-defined networking: Exploring SDN security pros and cons
Matthew Pascucci offers an intro to software-defined networking and explains why SDN security relies on securing the SDN controller at all costs. Tip
-
Remote Desktop Protocol security: How to secure RDP network endpoints
What is RDP and why does it pose a security threat? Expert Matt Pascucci explains why it’s needed and how best to secure RDP it in the enterprise. Tip
-
Free or paid antivirus: Effective enterprise antivirus at no cost?
When looking for effective enterprise antivirus software, does it matter whether it is free or paid antivirus? Yes it does, says expert Michael Cobb. Tip
-
Analysis: Vast IPv6 address space actually enables IPv6 attacks
For World IPv6 Launch Day 2012, Fernando Gont covers why common ways of generating IPv6 addresses actually make an attacker’s job easier. Tip
- See more Tips on Network Protocols and Security
-
Lessons learned from Juniper vulnerability in Junos OS
Expert Brad Casey says the recent Junos OS flaws demonstrates why enterprises must diligently update networking router software to stay secure. Answer
-
OpenFlow security: Does OpenFlow secure software-defined networks?
Expert Brad Casey answers a question on OpenFlow security implications: Can the OpenFlow protocol foster software-defined networking (SDN) security? Answer
-
Does automatic IP addressing carry any security implications?
Is automatic IP addressing a suitable option, or should network and security teams still manually assign IP addresses? Expert Brad Casey discusses. Answer
-
What will the HSTS protocol mean for Web security?
Matthew Pascucci discusses what effect the new HSTS protocol could have on Web security and on preventing man-in-the-middle attacks. Answer
-
How to implement firewall policy management with a 5-tuple firewall
Matt Pascucci explains how to implement firewall policy management for 5-tuple firewalls when ports must be kept open for business reasons. Answer
-
How enterprises should address the latest Skype security concerns
A Web-based tool has exposed some serious Skype security concerns. Expert Michael Cobb discusses the options for organizations that rely on Skype. Answer
-
The switch to HTTPS: Understanding the benefits and limitations
Expert Mike Cobb explains the value and limitations of HTTPS, and why making the switch to HTTPS may be easier than it seems. Answer
-
Use Telnet alternative SSH to thwart Telnet security risks
The inherently insecure Telnet protocol shouldn’t be used on modern networks. Learn why and what to use in its place. Answer
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Answer
-
Does Morto worm prove inherent flaws in Windows RDP security?
The recent Morto worm had unusual success spreading via Windows Remote Desktop Protocol. Does that mean RDP is security too weak? Nick Lewis explains. Answer
- See more Expert Advice on Network Protocols and Security
-
IPv6 address
An IPv6 address is a 128-bit alphanumeric string that identifies an endpoint device in the Internet Protocol Version 6 (IPv6) addressing scheme. The new IP address format was created to enable the trillions of new IP addresses required to connect no... Definition
-
smurfing
A smurf attack is an exploitation of the Internet Protocol (IP) broadcast addressing to create a denial of service. Definition
-
IP spoofing (IP address forgery or a host file hijack)
IP spoofing, also known as IP address forgery, is a hijacking technique in which the attacker masquerades as a trusted host to conceal his identity, hijack browsers, or gain access to a network. The hijacker obtains the IP address of a legitimate ho... Definition
-
IGP (Interior Gateway Protocol)
An IGP (Interior Gateway Protocol) is a protocol for exchanging routing information between gateways (hosts with routers) within an autonomous network (for example, a system of corporate local area networks). Definition
-
5 terms you need to know before you employ VoIP
Learn five important terms every organization should understand before deploying Voice over IP (VoIP) telephony. Definition
-
digest authentication
Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller... (Continued) Definition
-
Secure Sockets Layer (SSL)
SSL (Secure Sockets Layer) is a commonly-used protocol for managing the security of a message transmission on the Internet; it uses a program layer located between the Internet's HTTP and TCP program layers. Definition
-
Transport Layer Security (TLS)
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. Definition
-
IPv6 implementation security advice from Check Point's Robert Hinden
IPv6 co-inventor Robert Hinden outlines IPv6 implementation security risks and a critical IPv6 security tip for working with network security vendors. Video
-
IPv6 security risks: How a teenager can hack IPv6 security
Video: Wolfgang Kandek discusses key IPv6 security risks, as well as how his teenage son was able to inadvertently hack IPv6 on his home network. Video
-
The critical risks surrounding smart grid security: RSA 2013
Video: Robert Hinden of Check Point discusses the state of smart grid security and why it's so important to keep the critical infrastructure running. Video
-
How to utilize NDPMon for better IPv6 monitoring, network visibility
Video: Keith Barker of CBT Nuggets demonstrates NDPMon, a free, open source security tool that can improve IPv6 monitoring and network visibility. Screencast
-
Gartner's Greg Young on enterprise IPv6 security issues
Video: Gartner Research VP Greg Young discusses enterprise IPv6 security issues, including why IPv6 transitions introduce new risks. Video
-
Black Hat 2011: SSL implementations are broken, says noted security researcher
Configuration issues and other errors mire the SSL implementations of thousands of legitimate websites, according to research conducted by SSL Labs, a research arm of Qualys Inc. Video
-
VeriSign CSO on new IPv6 threats, Internet stability and security
VeriSign CSO Danny McPherson talks about the new threats posed by the move from IPv4 to IPv6 and the issues hindering the the adoption of the next Internet protocol. Video
-
Incident response team best practices
Do you know how to maximize your incident response management? Expert Lenny Zeltser discuses incident response best practices for policies, maturity and teams in this interivew. Video
-
VeriSign on DNSSEC support
Joe Waldron, a product manager in VeriSign's Naming (DNS) Group, said engineers are testing and upgrading systems to support security extensions for DNS (DNSSEC). Video
-
PCI compliance requirement 4: Encrypt transmissions
Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 4: "Encrypt transmission of cardholder data across open, public networks." Video
- See more Multimedia on Network Protocols and Security
-
IPv6 address
An IPv6 address is a 128-bit alphanumeric string that identifies an endpoint device in the Internet Protocol Version 6 (IPv6) addressing scheme. The new IP address format was created to enable the trillions of new IP addresses required to connect no... Definition
-
VMware unveils next-gen NSX, teams up with security players
At VMworld 2013, VMware unveiled its next-gen network virtualization platform, NSX, and an ecosystem partnership with the security industry. News
-
Lessons learned from Juniper vulnerability in Junos OS
Expert Brad Casey says the recent Junos OS flaws demonstrates why enterprises must diligently update networking router software to stay secure. Answer
-
OpenFlow security: Does OpenFlow secure software-defined networks?
Expert Brad Casey answers a question on OpenFlow security implications: Can the OpenFlow protocol foster software-defined networking (SDN) security? Answer
-
Neohapsis: IPv4 plus IPv6 enables man-in-the-middle attacks
Neohapsis' Scott Behrens explains how having both IPv4 and IPv6 Internet protocols enabled can lead to man-in-the-middle attacks. News
-
How key MDM features affect mobile security policy management
As MDM features become more robust, enterprises must not only look for mature products, but also evolve mobile security policies accordingly. Tip
-
Enterprise network security visibility: Beyond traditional defenses
Organizations have implemented various network security technologies to gain better visibility into their networks. However, these security technologies place an increased demand on the network. This TechGuide explores how to improve network security... E-Handbook
-
Using network flow analysis to improve network security visibility
To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility. Tip
-
IPv6 implementation security advice from Check Point's Robert Hinden
IPv6 co-inventor Robert Hinden outlines IPv6 implementation security risks and a critical IPv6 security tip for working with network security vendors. Video
-
Does automatic IP addressing carry any security implications?
Is automatic IP addressing a suitable option, or should network and security teams still manually assign IP addresses? Expert Brad Casey discusses. Answer
- See more All on Network Protocols and Security
About Network Protocols and Security
Get advice on best practices for network protocols -- VoIP, TCP/IP, FTP. Learn how to protect data and secure communication to prevent hacker attacks.