Ask the Experts

Ask the Experts

Network device security: Appliances, firewalls and switches

• Is security improved when the number of Internet gateways is reduced?

  A single entry point has often been thought easier to defend than multiple entry points. There are some caveats to reducing the number of Internet gateways, though, as expert Michael Cobb explains.  Continue Reading

• Which is a more secure data access technology: SPAN or TAP?

  When monitoring traffic on a network, which is the best tool to use? Network security expert Mike Chapple gives advice.  Continue Reading

• What to consider before opening a port

  Recently, a reader asked network expert Mike Chapple, "What would be the security implications of opening six ports through a firewall?" Chapple reviews what questions need to be addressed before an organization exposes any network ports.  Continue Reading

• For a small office, what are the best, least expensive office servers with secure access?

  Which secure access servers are best for small offices when price is an issue?  Continue Reading

• How to prevent hackers from accessing your router security password

  In this Q&A, Joel Dubin unveils the best practices for protecting a router security password from compromise.  Continue Reading

• Comparing proxy servers and packet-filtering firewalls

  In the world of security, judging proxy servers and packet-filtering firewalls together is like comparing apples and oranges. But that won't stop network security expert Mike Chapple from giving such comparisons a try.  Continue Reading

• Why does Skype connect to so many servers?

  Skype is a peer-to-peer service that uses a distributed network of "supernodes" to facilitate communication throughout the world. But is it safe to have so many "volunteer" connections? Mike Chapple explains.  Continue Reading

• Will iptables screen UDP traffic?

  UDP is a connectionless protocol that can't be screened using strict stateful inspection. However, most modern firewalls, including iptables, treat UDP in the same manner as a connection-oriented protocol. Mike Chapple explains the process in this ...  Continue Reading

• Can Snort be configured with a FreeBSD router?

  Just because you can use Snort, it doesn't necessarily mean that you always should. In this expert Q&A, Mike Chapple explains which network configuration scenarios call for the intrusion defense tool and which ones don't.  Continue Reading

• Should a router be placed between the firewall and DMZ?

  Modern firewalls have the ability to serve as a router, negating the need of another device on a network. There are exceptions to this router rule, however. Network security expert Mike Chapple explains.  Continue Reading

• What evaluation criteria should be used when buying a firewall?

  Choosing a firewall for the enterprise isn't always easy. In this expert Q&A, Mike Chapple provides three important points to consider before deciding on a product.  Continue Reading

• Do P2P networks share the same risks as traditional ones?

  Although P2P networks have their benefits, organizations still need to be careful with the peer-to-peer technology. In this SearchSecurity.com Q&A, network pro Mike Chapple explains how to protect a P2P network's many nodes.  Continue Reading

• Interpretting firewall security alert messages

  If you can't decipher the security alert messages from your firewall, information security threats expert Ed Skoudis can help with some of the interpretation. In this SearchSecurity.com Q&A, Ed Skoudis uses a sample alert message to explain whether ...  Continue Reading

• How should security and networking groups manage the firewall?

  When it comes to firewalls, the networking group often handles the installation, while the information security department writes the rules. Should these responsibilities be split? In this expert Q&A, security management pro Shon Harris reveals how ...  Continue Reading

• How should a desktop firewall policy manage open ports?

  Having a standard desktop firewall policy is an important security measure. In this expert Q&A, network security pro Mike Chapple reviews where to begin when enacting these restrictions.  Continue Reading