Cisco Threat Defense System Guide

Contributed by Cisco Systems, Inc.

The network today is a critical business asset. It not only allows the smooth running of business applications, it also enables the easy delivery of data, voice, and video. As a result, companies are increasingly concerned with keeping their network running andapplications online while protecting one of their most critical assets — their information. In order to protect your business, you need to protect your network.  In recent years, not only has the number of network and computer attacks been on the rise, but also the level of complexity and sophistication with which they strike. The most commonplace and perhaps most damaging of these attacks are called “worms.”

Building a Self-Defending Network

Contributed by Cisco Systems, Inc.

Increasingly, mission-critical business applications and services are deployed on open networks with substantial connections to the public Internet. Without appropriate security policies, processes, and products, Internet connectivity can compromise the very gains in productivity that help make today’s companies more profitable and that enable them to serve a larger and more diverse customer base.

  Security enables enterprises to confidently extend the network to customers, partners, and remote/mobile employees, thus increasing revenues sources, efficiency of business processes and employee productivity.

In some industries, data privacy and the threat of litigation has become a government mandate. U.S. healthcare providers must comply with the Health Insurance Portability and Accountability Act (HIPAA), U.S. financial services providers are governed by the Gramm-Leach-Bliley Act, and U.K. companies must adhere to the Turnbull Report on Internal Control for public companies, as well as the Data Protection Act of 1995.

Technology Best Practices for Endpoint Security

Contributed by Cisco Systems, Inc.

As technologies such as high-speed networks, switching, and end-to-end encryption are more widely adopted, providing desired security at the network level becomes a major challenge. One important place to enforce security is at the endpoint, where data resides and the potential for damage is greatest. Today, businesses are confronted with the availability of several point products, each attempting to solve a part of the endpoint security problem. These include distributed personal firewalls for protection against network-borne threats, antivirus scanners for detection of file-based threats, and audit or integrity products for detection of malicious configuration activity. These technologies do not address new attacks that are carried over existing protocols to attack applications, or new content-based attacks that attack systems before vendors are able to release and distribute signatures and other responses. This document outlines the technology best practices for endpoint security solutions, to help organizations make informed decisions when choosing endpoint security products.

Network Admission Control

Contributed by Cisco Systems, Inc.

Network Admission Control (NAC), an industry initiative sponsored by Cisco Systems, uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources, thereby limiting damage from viruses and worms.

Using NAC, organizations can provide network access to endpoint devices such as PCs, PDAs, and servers that are verified to be fully compliant with established security policy. NAC can also identify noncompliant devices and deny them access, place them in a quarantined area, or give them restricted access to computing resources.

NAC is part of the Cisco Self-Defending Network. Its goal is to create greater intelligence in the network to automatically identify, prevent, and adapt to security threats.

Intrusion Protection for Remote Corporate Users

Contributed by Cisco Systems, Inc.

Increasingly, employees are working remotely from corporate offices. Some of these users are mobile workers accessing corporate applications like e-mail from hotel rooms, airports, or customer offices. Others are tele-workers working from home. Often, these users access the corporate network through the Internet instead of using a dialup modem. All of these users are exposed to probes or attacks from the Internet, and none are protected by the central corporate firewall. Remote users whose computers are compromised provide attackers with a point of entry into the corporate network.

A Security Blueprint for Enterprise Networks

Contributed by Cisco Systems, Inc.

The SAFE Blueprint from Cisco Systems® is a secure blueprint for enterprise networks. Its principle goal is to provide best practices information on designing and implementing secure networks. SAFE takes a defense-in-depth approach to network security design, serving as a guide to network designers considering the security requirements of their networks. This type of design focuses on expected threats and their methods of mitigation, resulting in a layered approach to security where the failure of one security system is not likely to lead to the compromise of the rest of the network. Although this white paper is a product-agnostic document, the SAFE proof-of-concept lab is based on products from Cisco and its partners.

This document begins with an overview of the blueprint’s architecture, and then details the specific modules that make up the actual network design. When discussing each module, the first three sections describe the traffic flows, primary devices, and expected threats, with basic mitigation diagrams. Detailed technical analysis of the design follows, along with more detailed threat mitigation techniques and migration strategies.

Search Our Site

Search the ENTIRE Business Forum site. Search includes the Business
Forum Library, The Business Forum Journal and the Calendar Pages.