NAC security learning guide
This mini learning guide is a part of SearchSecurity.com’s multi-page series, NAC security guide: How to achieve secure network access in the enterprise
Ensuring your network architecture is secure is an essential component of a solid network security strategy.
This mini learning guide will cover best practices for achieving and maintaining a secure network architecture, discussing several aspects of DMZ security and VLAN security, including outlining VLAN attacks and how to prevent them.
to compartmentalize Wi-Fi traffic with a VLAN
Configuring virtual LANs (VLANs) to tag Wi-Fi traffic can create be an effective way to increase greater security for an enterprise wireless network. Learn the difference between wired LAN and wireless network traffic and how to use these VLAN capabilities, found in both wired and wireless devices, to tag and compartmentalize Wi-Fi traffic, supporting your company's security and traffic management policies.
Configuring three or more switches to support a VLAN and partition a network is a fairly simple and straightforward process. However, ensuring a VLAN can withstand an attack is a different story! In order to secure a VLAN, you need to know what to protect it from. Here are a few of the most popular attacks against VLANs, ways you can fight them, and in some cases, minimize their effect.
More advice on DMZ and VLAN security
In this tip from SearchServerVirtualization.com, learn how virtualization affects DMZ design.
In this excerpt from, How to Cheat at Managing Information Security, author Mark Osborne examines how remote access DMZs can mitigate risks of unsecured remote access endpoints.
LAN to isolate malware
Is it possible – or beneficial – to isolate a worm or virus by segmenting a network LAN?
In this Q&A thread, which originally appeared on the IT Knowledge Exchange, learn about the disadvantages and risks associated with segmenting a LAN to isolate malware and Trojans, as well as best practices and the related alternatives for keeping malware off your corporate network.
to set up a site-to-site VPN to coexist with a DMZ
Looking to set up a site-to-site virtual private network (VPN) within a demilitarized zone (DMZ)? In this Q&A, network security expert Anand Sastry, a SearchSecurity.com featured security expert, explains best practices for deploying a site-to-site VPN endpoint in a DMZ-type architecture.
to set up SFTP automation for FTP/DMZ transfer
In this expert response, contributor Anand Sastry discusses DMZ security and explains how to create SFTP automation for locking down internal FTP/DMZ transfers and how to leverage public key authentication in order to do so.
This was first published in March 2012