This presentation by security expert Dave Shackleford examines the latest approaches to beefing up your network security architecture. As Shackleford explains, traditional signature-based threat detection is getting increasingly less effective. Now is the time to get up to date on the latest tools and techniques.
In this webcast, Shackleford explores important new methods, like segmentation and behavioral monitoring and analysis. Too many networks are "flat," he claims, and the most of the major security breaches you read about occur in flat networks. This allows attackers, once they get a foothold in a system, to move laterally and locate more weaknesses to exploit. Major security breaches take time, says Shackleford. Don't make it easy for them by letting your network remain flat.
Also see our Beyond the Page special feature on advanced network security architectures featuring expert Dave Shackleford.
Instead, think about zoning and network isolation. The new isolation and segmentation tools Shackleford discusses in his presentation include software-defined networking (SDN) and next-generation firewalls (NGFW). SDN and NGFW may a few years ago just been buzz words, but that's changed; they're important means to heighten network security architectures. Another major development that might sound like a fad is behavior monitoring, but behavioral analysis is becoming one of the best ways to identify advanced attacks.Also worth your investigation: threat intelligence services. If you've got up-to-the-minute access to the bad actors cruising the Internet, you'll be ahead of most in terms of understanding where the worst threats are coming from.
Besides fancy new tools and techniques, Shackleford explains more "common sense" ideas, such as keeping your focus on your most sensitive data and high-risk zones. In this area, for instance, SSL should be one of your key focuses.
None of this is easy, Shackleford admits, but the effort is well worth it.