Ask the Experts
Ask the Experts
Enterprise network security
-
How do a DMZ and VPN work together?
In this SearchSecurity.com Q&A, network security expert Mike Chapple explains the three distinct network zones in a typical firewall scenario and reveals how the DMZ and VPN, in particular, co-exist. Continue Reading
-
How to ensure that an SSL connection protects sensitive Web data
In this expert Q&A, application security pro Michael Cobb explains how to secure sensitive Web site data that is sent across the Internet. Continue Reading
-
What are the risks of placing enterprise users in a DMZ?
A demilitarized zone protects systems from an affected server, but enterprise users themselves should have no place in the DMZ. In this expert Q&A, Mike Chapple explains where they belong. Continue Reading
-
What are the benefits of a tunnelless VPN?
In this SearchSecurity.com Q&A, network security expert Mike Chapple reviews two common tunnelless VPNs: Secure Sockets Layer (SSL) and Group Encrypted Transport (GET). Continue Reading
-
Can a TCP connection be made without an open port?
A company may claim it has an "application" that allows computers to communicate without opening any ports, but network security expert Mike Chapple reveals whether you should believe the hype or not. Read more in this SearchSecurity.com Q&A. Continue Reading
-
Interpretting firewall security alert messages
If you can't decipher the security alert messages from your firewall, information security threats expert Ed Skoudis can help with some of the interpretation. In this SearchSecurity.com Q&A, Ed Skoudis uses a sample alert message to explain whether ... Continue Reading
-
How should security and networking groups manage the firewall?
When it comes to firewalls, the networking group often handles the installation, while the information security department writes the rules. Should these responsibilities be split? In this expert Q&A, security management pro Shon Harris reveals how ... Continue Reading
-
Can single sign-on (SSO) provide authentication for remote logons?
If you're accessing multiple applications through a remote Citrix server, you have two options. Identity management and access control expert Joel Dubin explains both in this SearchSecurity.com Q&A. Continue Reading
-
What are a call center's authentication options when seeking FFIEC compliance?
There are many ways for a call center to employ two-factor authentication and meet FFIEC standards. In this expert Q&A, Joel Dubin reviews SSL VPNs and other options for compliance-seeking call centers. Continue Reading
-
What is WiPhishing?
In this expert Q&A, information security threats expert Ed Skoudis addresses WiPhishing and the reasons you shouldn't trust every wireless access point. Continue Reading
-
Which Internet protocol is more secure: FTPS or SCP?
In this expert Q&A, Michael Cobb reviews the strengths and weaknesses of various Internet protocols. Learn the pros and cons of FTPS, SCP and SFTP. Continue Reading
-
What is the risk estimation model for SSL VPN implementation?
Risk assessment is a common way to evaluate new technologies. In our SearchSecurity.com Q&A, network security expert, Mike Chapple, explains how to determine if SSL VPN implementation is right for your organization. Continue Reading
-
What is the cause of a wireless LAN's unsecured connection?
In our expert Q & A, network security expert, Mike Chapple, reveals the reason behind your wireless LAN's "unsecured connection." Continue Reading
-
If email attachments are sent via SSL will they be encrypted?
This application security Ask the Expert Q&A explains what happens to traffic that travels over an SSL connection and details how to keep email messages and attachments secure as they travel to and from email clients and SMTP servers. Continue Reading
-
How do L2TP and PPTP differ from IPsec?
There are different protocol options when setting up a VPN tunnel. SearchSecurity.com expert Mike Chapple reviews the choices and reveals the one that is most secure. Continue Reading
-
How to configure and implement a DMZ
Learn how to design and configure a DMZ in this network security Ask the Expert Q&A. Continue Reading
-
How do circuit-level gateways and application-level gateways differ?
Learn how circuit-level gateways and application-level gateways differ in this network security Q&A. Continue Reading
-
How do proxy servers and proxy firewalls differ?
In this network security Ask the Expert Q&A, SearchSecurity's resident expert Mike Chapple examines how proxy servers and proxy firewalls differ and explains how they work together. Continue Reading
-
How to protect the network from DoS attacks
In this Ask the Expert Q&A, our security threat expert, Ed Skoudis, discusses how a new type of DoS attack operates and what you can do to protect your network. Continue Reading
-
How to create and enforce employee termination procedures
In this Ask the Expert Q&A, Shon Harris, our security management expert, reviews how the the security group, HR and management should work together to define and enforce employee termination policies, and reviews what should be done during each ... Continue Reading
-
How can I open a closed port so my application can access the Internet?
In this network security Ask the Expert Q&A, Mike Chapple, our resident expert, reveals what should be done if you need to re-open a closed port to allow an application to work. Continue Reading
-
How VPNs interact with instant-messaging applications
In this Ask the Expert, application security expert Michael Cobb reviews how an enterprise-wide VPN works and whether it encyrpts and protect instant-messaging communications. Continue Reading
-
The pros and cons of proxy firewalls
In this Ask the Expert Q&A, our application security expert reviews the pros and cons of proxy firewalls. Continue Reading
-
How to detect rogue DHCP servers, routers and NICs on a network
In this Ask the Expert Q&A, our identity and access management expert identifiies techniques and tools that help detect rogue DHCP servers, routers and network interface cards on a network. Continue Reading
-
The pros and cons of FTP over SSL
Compare and contrast the pros and cons of having hosts send PGP-encrypted files to an existing FTP site against building an ad hoc FTP server using SSL, in this Ask the Expert Q&A Continue Reading
-
How to prevent application attacks and reduce network vulnerabilities
In this Ask the Expert Q&A, our application security guru discusses how hackers exploit network vulnerabilities to attack your applications and what you can do to mitigate this risk. Continue Reading
-
How Kerberos, PKI and IPsec interoperate
In this Ask the Expert Q&A, our identity and access management expert explains how these three unrelated systems interoperate to authenticate and manage digital certificates. Continue Reading
-
How IPsec and SSL/TLS use symmetric and asymmetric encryption
In this Ask the Expert Q&A, our identity and access management expert explains how IPsec and SSL/TLS use these two authentication methods to establish secure Web sessions. Continue Reading
-
The future of Telnet and FTP
In this Ask the Expert Q&A, our application security expert discusses what he believes what will happen to the Telnet and FTP application layer protocols as the industry prepares for the future. Continue Reading
-
The pros and cons of application firewalls
In this Ask the Expert Q&A, our application security expert discusses the pros and cons of application firewalls. He also explains how they differ from packet filter and stateful inspection firewalls, and why they are not the preferred among some ... Continue Reading
-
Designing an architecture for FTP file transfer
-
How to configure an FTP server with SSL
In this expert response, security expert Michael Cobb explains how to securely configure an FTP server with Secure Socket Layering (SSL). Continue Reading
-
Firewall responsibilities and firewall timeout features
-
Where does Citrix fit into the SSL VPN landscape?
-
Setting a policy for laptop screensaver timeouts
-
Should I setup a VPN from inside our network to an outside server?
-
The risks of putting the email server in the DMZ
Currently our internal email server is located on a computer behind the firewall like everything else. Our database administrator has asked that I move our email server to the DMZ so that the database can link with the email system. Apparently, the ... Continue Reading
-
Placing your servers outside the DMZ
-
Learning the difference between PGP and SSL
-
The difference between TFTP and FTP
-
Firewall blocking network connection
-
Preventing the broadcast of an IP address
-
The detection and prevention of split tunneling
-
Best practices for securing remote-access solutions
-
VPNs and split tunneling
-
Disabling split tunneling for secure remote access
-
The difference between a two-tier and a three-tier firewall
-
Whether to put Exchange server in DMZ or internal network
-
The difference between SSL and IPSec
-
Blocking remote access Web sites
-
Resources for learning how IPSec works
-
Safety of Internet banking on a company LAN
-
Detecting viruses in encrypted files
-
Relying on an ISP's firewall to protect your organization
-
Various ways to open and close ports without a firewall
-
Using a routable IP address behind a firewall or DMZ
-
How does antivirus software work?
-
Blocking music and streaming video with Check Point firewall
-
PGP vs. SSL for files sent to FTP site.
-
Best cross-firewall client/server application design
-
How to secure a wireless LAN
-
Using NAT rules to map to DMZ
-
Role and placement of a DMZ on a network
-
Dedicated vs. host-based firewalls
-
Firewall protection for remote users
-
Hardware requirements for implementing a firewall
-
Frame relay vs. VPNs
-
Turning off port 1080
-
Evolution of the firewall
-
The difference between a VPN box and Firewall VPN
-
Implementing SSH
-
The risks of deploying distributed firewalls
-
Firewall configuration
-
The difference between IPSEC and PPTP
-
Split tunneling in a VPN environment & the security of 3DES encryption
-
Mainframe vs. client server
-
Where to terminate a VPN