Enterprise network security
Network security hardening is a critical aspect of enterprise cyber-defense. Here you'll find network security hardening information for several areas such as network architecture, software and policies, VPNs, device management, network prevention and intrusion detection and wireless security.
Top Stories
-
Feature
16 May 2023
12 common network protocols and their functions explained
Networking makes the internet work, but neither can succeed without protocols. Common network protocols and their functions are key for communication and connection across the internet. Continue Reading
-
Answer
19 Apr 2023
How to defend against TCP port 445 and other SMB exploits
Keeping TCP port 445 and other SMB ports open is necessary for resource sharing, yet this can create an easy target for attackers without the proper protections in place. Continue Reading
-
Answer
25 Nov 2019
The network security tools to combat modern threats
Incorporating new network security tools and methods into your enterprise's infosec program may mean the difference between staying safe or falling victim to an attack. Continue Reading
-
Tip
19 Nov 2019
Boost network security visibility with these 4 technologies
The network is where it's at if you want to stop malicious actors. But first you need to up your network visibility. Learn about four technologies that can help. Continue Reading
-
Tip
19 Nov 2019
Network visibility and monitoring tools now amp up security
Three technology trends are currently making network visibility even more central to security tools. Learn more about the impact of big data, AI and APIs. Continue Reading
-
Tip
19 Nov 2019
Why Secure Access Service Edge is the future of SD-WAN
Secure Access Service Edge -- or SASE -- architecture transitions from network designs that revolve around the data center to a model based on identity and user context. Continue Reading
-
Tip
18 Nov 2019
Use network traffic analysis to detect next-gen threats
Network traffic analysis, network detection and response -- whichever term you prefer, the technology is critical to detecting new breeds of low-and-slow threats. Continue Reading
-
Tip
08 Nov 2019
After a data breach occurs, follow this network security checklist
Before a network breach occurs, you should already have a response plan in place. To make sure you're taking a proactive approach, follow this network security checklist. Continue Reading
-
Answer
06 Nov 2019
Network security vs. application security: What's the difference?
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger security plan. Continue Reading
-
Opinion
01 Nov 2019
When cyberthreats are nebulous, how can you plan?
Security planning is tough when you're short-staffed and hackers have smart tech too. You'll need solid skills and, most of all, a willingness to use your imagination. Continue Reading
- E-Zine 01 Nov 2019
-
Tip
01 Nov 2019
Increase security visibility with network automation tasks
IT teams can set up automation tasks that generate security reports about network traffic data. These read-only dashboards are useful for executives that ask for system updates. Continue Reading
-
News
22 Oct 2019
Forcepoint Web Security offering reaches for the edge
Forcepoint has delivered a web-based security tool leveraging elastic cloud gateway technology that allows admins to access content from any remote location. Continue Reading
-
Tip
15 Oct 2019
5 steps to follow in a network security audit checklist
Planning, execution, analysis, reporting and follow-up are the basic elements of a network security audit checklist. But coordination among IT teams is also important. Continue Reading
-
News
11 Oct 2019
Cybersecurity threats on the rise, prey on human nature
Cybersecurity attacks continue to rise, taking advantage of network vulnerabilities -- and human ones. First National Technology Solutions' CISO offers advice. Continue Reading
-
Tip
09 Oct 2019
How to develop and implement a network security plan
When formulating a focused network security plan, you'll need to address specific questions about outbound traffic, user logins and government regulations. Continue Reading
-
Tip
07 Oct 2019
Data center transformation drives the ADC security use case
Application delivery controllers play many roles, but the ADC security use case might be most important. Learn about ADC features and how they boost data center security. Continue Reading
-
Tip
04 Oct 2019
Virtual network security measures to thwart access threats
Virtual networks add a layer of complexity to the real networks below them. Follow these three virtual network security measures to prevent complexity from creating issues. Continue Reading
-
Tip
01 Oct 2019
Top enterprise 5G security concerns and how to address them
The benefits of 5G are aplenty, but the next-generation LTE technology also presents a number of risks. Learn how to securely deploy 5G in your enterprise. Continue Reading
-
Tip
19 Sep 2019
Cybersecurity frameworks hold key to solid security strategy
Cybersecurity frameworks take work, but they help organizations clarify their security strategies. If you don't have one, here's what to consider, even for emerging perimeterless security options. Continue Reading
-
News
10 Sep 2019
Gigamon launches platform to improve application visibility
Application Metadata Intelligence identifies network performance, application performance, operational technology communications and security and threat detection. Continue Reading
-
News
06 Sep 2019
Trustwave security platform provides visibility, control
Trustwave Fusion is a cloud-based cybersecurity platform designed with the goal of giving users better insight into how security resources are provided and monitored. Continue Reading
-
News
05 Sep 2019
Hackers earn nearly $2M in HackerOne's hacking event
One hundred hackers and 75 hackers in training gathered in Las Vegas for HackerOne's hacking event to find security flaws in organizations, including Verizon Media and GitHub. Continue Reading
-
Feature
28 Aug 2019
VMware's internal Service-defined Firewall reimagines firewalling
VMware's internal firewall uses a global view of known-good behavior at the network and host level to minimize the attack surface for on-premises and cloud environments. Continue Reading
-
Feature
16 Aug 2019
Bibb County School District cybersecurity efforts use AI
Using AI-driven cybersecurity from ManagedMethods, a Georgia school district blocks external threats and identifies potentially harmful language in student documents. Continue Reading
-
News
12 Aug 2019
Black Hat 2019 brings out new security, protection offerings
The 22nd Black Hat conference in Las Vegas brought together a slew of vendors in network and data security with a variety of security offerings to pitch. Continue Reading
-
News
05 Aug 2019
New features added to Juniper Networks security platform
New features include containerized firewalls and the incorporation of SecIntel into MX Series routers as part of Juniper Networks' effort to provide security throughout a network. Continue Reading
-
Infographic
01 Aug 2019
IoT cybersecurity: Do third parties leave you exposed?
IoT's vast vendor landscape drives innovation, but working with so many third parties also comes with baggage in the form of third-party cybersecurity issues. Continue Reading
-
News
31 Jul 2019
Qualys IOC 2.0 update improves threat detection and response
Qualys IOC 2.0 comes with increased threat detection and response capabilities designed to more accurately detect indicators of compromise and potential cyberattacks. Continue Reading
-
Feature
17 Jul 2019
The 5 network security basics you need to know
In this compilation, learn what network security is, as well as how it differs from cybersecurity, common -- and potentially confusing -- technologies, threats and more. Continue Reading
-
Feature
10 Jul 2019
Identity management strategy starts with people, not technology
Organizations have the tough job of creating an overarching view of identity inside and out of the company. One thing they should remember? Focus on people rather than technology. Continue Reading
-
Feature
02 Jul 2019
A glossary of 10 essential network security terms
This network security glossary covers both old and new key terms -- such as zero trust networks and microsegmentation -- that can bolster anyone's security vocabulary. Continue Reading
-
Tip
28 Jun 2019
How to prevent cybersecurity attacks using this 4-part strategy
It can be daunting to defend an enterprise against cyberattacks, but these four defensive moves can help fortify and repel whatever comes your way. Continue Reading
-
Feature
28 Jun 2019
Comparing EDR tools: Cybereason vs. CrowdStrike vs. Carbon Black
Learn how tools from leading EDR vendors Cybereason, CrowdStrike and Carbon Black compare when it comes to helping security teams fight endpoint threats and respond to incidents. Continue Reading
-
Tip
28 Jun 2019
How to retool incident response best practices for the digital age
As companies become more cloud- and mobile-centric, they need to reassess their incident response best practices and automate as much as possible. Continue Reading
-
Feature
26 Jun 2019
Build a proactive cybersecurity approach that delivers
Whether it's zero-trust, adaptive security or just plain common sense, IT leaders must embrace an approach to IT security that's proactive, not reactive. Continue Reading
-
Feature
19 Jun 2019
AI network security tool autonomously does microsegmentation
To ensure network security, a U.S. law firm has turned to automated network microsegmentation vendor Edgewise. The startup uses machine learning to deploy microsegmentation. Continue Reading
-
News
18 Jun 2019
ReliaQuest's cybersecurity platform integrates technologies
ReliaQuest's security analytics platform, GreyMatter, claims to improve threat detection by up to four times and reduce system downtime by 98% by integrating AI and human analysis. Continue Reading
-
News
05 Jun 2019
Another 7.7M affected by American Medical Collection Agency breach
Roughly 7.7 million LabCorp customers may have been affected by an American Medical Collection Agency data breach. It's the same incident that affected Quest Diagnostics. Continue Reading
-
Feature
01 May 2019
Huawei ban highlights 5G security issues CISOs must tackle
Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network. Continue Reading
-
Tip
23 Apr 2019
How to build a strong cloud network security strategy
Building a secure network in the cloud is different from securing a traditional network. Learn what the main differences are and how to establish cloud networking security. Continue Reading
-
Tip
17 Apr 2019
AI, machine learning in cybersecurity focused on behavior
Artificial intelligence, and machine learning in particular, is being fruitfully employed in IT security tools. Learn where this advanced technology works best now. Continue Reading
-
Answer
18 Mar 2019
What does a zero-trust model mean for network security?
A zero-trust model limits access and permissions according to a defined set of parameters that enterprises specify for each application. Learn what this means for network security. Continue Reading
-
News
06 Mar 2019
Cisco: Network security strategy requires IT, OT to play nice
Cisco told RSA attendees the need for network security on the factory floor is growing. Cisco says cooperation between IT and operations is key to protecting equipment. Continue Reading
-
News
05 Mar 2019
Container security tools turn heads with expansion to hosts
Vendors that sell container security tools now face off against traditional security tool providers, as both vie for the attention of IT pros who look to fortify their cloud-native infrastructure. Continue Reading
-
News
21 Feb 2019
CrowdStrike report says breakout time for threat actors is increasing
CrowdStrike's annual global threat report highlights why speed is critical for cybersecurity defenders. Experts sound off on key findings, including the rise of 'big game hunting.' Continue Reading
-
Tip
20 Feb 2019
Key steps to put your zero-trust security plan into action
There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company. Continue Reading
-
Answer
20 Feb 2019
What new technique does the Osiris banking Trojan use?
A new Kronos banking Trojan variant was found to use process impersonation to bypass defenses. Learn what this evasion technique is and the threat it poses with Nick Lewis. Continue Reading
-
News
19 Feb 2019
Palo Alto Networks to acquire SOAR vendor Demisto
Palo Alto Networks announced its plan of acquiring SOAR vendor Demisto for $560 million to accelerate its Application Framework strategy and beef up security operations automation. Continue Reading
-
News
15 Feb 2019
Astaroth Trojan returns, abuses antivirus software
Cybereason's Nocturnus Research team has discovered a new strain of the Astaroth Trojan that attacks antivirus software to steal credentials. Continue Reading
-
Answer
15 Feb 2019
How do trusted app stores release and disclose patches?
A flaw was found in the Android installer for Fortnite and was patched within 24 hours. Learn how such a quick turnaround affects mobile app security with expert Nick Lewis. Continue Reading
-
Answer
11 Feb 2019
What are the pros and cons of machine learning in network security?
The predictive nature of machine learning can benefit network security strategies. But it can also benefit those looking to break through secure network barriers. Continue Reading
-
News
08 Feb 2019
'SpeakUp' backdoor Trojan could spell further trouble for Linux servers
Check Point Research explains why SpeakUp, the new Trojan targeting Linux servers, has the potential to unleash more harm and offers pointers on how to defend against such malware. Continue Reading
-
Feature
01 Feb 2019
CISO tackles banking cybersecurity and changing roles
Over the course of his career in security, Thomas Hill has held varied positions that inform his views on both technological specifics and strategic roles in modern corporations. Continue Reading
-
News
17 Dec 2018
A recap of notable 2018 networking trends and news
Before the final days of 2018 fade into history like so last-generation 4G, spend some time reviewing the news and trends that graced the networking industry this year. Continue Reading
-
Answer
04 Dec 2018
What are the differences between network security vs. cybersecurity?
IT groups need to consider varying layers of security. For instance, the similarities and differences between cybersecurity and network security are closely entwined. Continue Reading
-
Answer
18 Oct 2018
How does the resurgent VPNFilter botnet target victims?
After a comeback of the Russian-built VPNFilter botnet, home network devices are at risk. Learn how this malware targets victims with expert Nick Lewis. Continue Reading
-
E-Zine
01 Jun 2018
CISOs face the IoT security risks of stranger things
The internet of things, by its very design, extends enterprise technology infrastructure further and further out, computerizing devices whose functions, if corrupted, could have catastrophic results. The sheer scope of internet-connected devices is compounding IoT security risks: CISOs now must worry not only about compromised or stolen data but the potential for bad actors to hijack vehicles, heavy machinery and medical equipment.
"People talk about IoT being the new hot thing, but it has been there almost 20 years in medical care," said Taylor Lehmann, CISO for both Wellforce and its academic hospital, Tufts Medical Center based in Boston. "What has changed is the number of these devices and how many of these devices are vulnerable."
Strategies to manage IoT security risks outside of healthcare and a few other industries remain in the early stages. Many connected devices can't be patched or updated, nor do they have security features such as basic encryption and two-factor authentication. The skills to secure IoT, which require knowledge of software and hardware, are challenging to find.
Even so, experts say cybersecurity in the internet of things era draws on the same technologies and practices that have proven effective over the years, thereby giving CISOs and their organizations a roadmap for extending security as the number of devices multiplies. In this issue of Information Security magazine, we talk to CISOs and other information security experts about IoT security risks and strategies for managing them.
Continue Reading -
Feature
01 Jun 2018
Stranger things: IoT security concerns extend CISOs' reach
The internet of things has drastically expanded the scope of what enterprises need to protect, adding challenges big and small to CISOs' responsibilities. Continue Reading
- 29 May 2018
-
Tip
17 May 2018
How security operations centers work to benefit enterprises
One key support system for enterprises is security operations centers. Expert Ernie Hayden reviews the basic SOC framework and the purposes they can serve. Continue Reading
-
Tip
09 May 2018
Protecting the DNS protocol: How DNSSEC can help
Securing the DNS protocol is no joke. Learn what the DNS Security Extensions are and the efforts the United States government is taking to push DNSSEC adoption. Continue Reading
-
Tip
09 May 2018
Ways to solve DNS security issues in your organization
Get up to speed fast on means and methods for reducing or eliminating security-related issues in DNS, an integral service upon which the internet depends. Continue Reading
-
Tip
06 Apr 2018
Zero-trust model promises increased security, decreased risk
The zero-trust model takes focused and sustained effort, but promises to improve most companies' risk posture. Learn what it takes to get the most out of zero trust. Continue Reading
-
Tip
08 Feb 2018
Mobile security issues require a unified approach
Security gaps in mobile devices can be many and varied, but they must be addressed immediately. Unified endpoint management is the next-gen way to close the gaps. Continue Reading
-
Tip
08 Feb 2018
Counter mobile device security threats with unified tools
Attacks on enterprise mobile endpoints are more lethal than ever. To help infosec pros fight back, enterprise mobile management has unified to fortify defenses. Continue Reading
-
Tip
05 Feb 2018
Fight a targeted cyberattack with network segmentation, monitoring
It takes a variety of tactics, including network segmenting and monitoring, to safeguard the network. Learn the latest defenses to keep your network safe. Continue Reading
-
Tip
22 Jan 2018
Spectre, Meltdown vulnerabilities put SDS, HCI at risk
Spectre and Meltdown patches should be applied to hyper-converged and other software-defined storage products that run on hosts with user installed application processes. Continue Reading
-
Tip
11 Jan 2018
Security compliance standards as a guide in endpoint plans
Consider security compliance regulations for your industry as a starting point and a guide for planning your specific approach to enterprise endpoint protection. Continue Reading
-
Tip
11 Jan 2018
The endpoint security controls you should consider now
With the perimeter wall gone, securing enterprise endpoints is even more essential. Learn how automation and other developments can up endpoint protection now. Continue Reading
-
Feature
21 Dec 2017
Get the best botnet protection with the right array of tools
Enterprise anti-botnet defenses, to be effective, must be added in multiple layers. No single security product will do the trick, but the right combo of tools can. Continue Reading
-
Feature
15 Dec 2017
Three reasons to implement an NAC system
The growth in devices on the network has heightened the need for network access control products. This article presents scenarios where an enterprise might need an NAC system. Continue Reading
-
Tip
08 Nov 2017
Learn how to identify and prevent access control attacks
Once an attacker has gained entry to a network, the consequences can be severe. Find out how the right access control tools can help prevent that from happening. Continue Reading
-
Tip
02 Oct 2017
Securing endpoints with supplementary tools protects data
Learn how network access control (NAC), data loss prevention (DLP) and robust data destruction tools secure the data in your corporate endpoints against data loss. Continue Reading
-
Answer
07 Sep 2017
How do network management systems simplify security?
Network security teams can find themselves overwhelmed with protecting an enterprise network. Expert Matthew Pascucci explains how network management systems can help with that. Continue Reading
-
Tip
31 Aug 2017
How NotPetya ransomware used legitimate tools to move laterally
WannaCry and NotPetya ransomware woke enterprises up to an expanded threat landscape. Expert Michael Cobb explains these threats and what enterprises can do to stop them. Continue Reading
-
E-Zine
10 Jul 2017
The best endpoint security practices are evolving and essential
Ever since the first mobile device hit the enterprise network, best endpoint security practices have been a major IT concern. What's happened since then has been a staggering proliferation of the number and types of devices on the network, complicated by increasing numbers of mobile and remote corporate employees, all of which have essentially ended the traditional idea of a corporate network security perimeter. Firewalls and other more traditional security appliances may still be in use, and rightly so, but endpoint security management is more critical than ever in keeping enterprise systems and data safe from malicious actors.
The summer Insider Edition, our Information Security magazine quarterly e-zine, looks at what's new in endpoint security management, from the best endpoint security tools to consider now, and what other efforts beyond tools infosec pros can employ to best secure all those pesky mobile endpoints wandering in and out of corporate corridors.
This Insider Edition offers expert assessments on the endpoint security technology vendors have developed to combat mutating ransomware like WannaCry -- from machine learning to multivendor partnerships to behavior analytics. Also included is an exploration of mobile endpoint security tools like application containers and app wrapping. CISOs must focus now on how the threats, and the technological advances to fight them, are changing and factor these considerations into any endpoint security strategy.
Readers will come away with a deeper understanding of the best endpoint security tools and techniques available and be able to consider the most advanced approaches available to locking down the company data and systems that endpoints can access.
Continue Reading -
Feature
10 Jul 2017
Advanced endpoint protection takes on the latest exploits
Advanced endpoint protection is arriving from all quarters -- machine learning, crafty sandboxes, behavior analytics. Learn how tech advances are being applied to endpoints. Continue Reading
-
Opinion
10 Jul 2017
Do thoughts of your least secure endpoint keep you up at night?
Some days, 'secure endpoint' feels like an oxymoron, but that soon may change. From smart sandboxes to advanced behavior analytics, learn what's new in endpoint security technologies. Continue Reading
-
Feature
23 May 2017
Learn what breach detection system is best for your network
Breach detection systems are essential in these days of machine learning and artificial intellingence. Learn how to identify the features and functions your network needs. Continue Reading
-
Opinion
03 Apr 2017
Outsourcing security services rises as MSSPs focus on industries
Despite increasing levels of specialization, managed security service providers often don't understand the business you're in. That may be changing. Continue Reading
- 30 Mar 2017
-
Feature
15 Mar 2017
Pulse Connect Secure offers a variety of authentication options
Expert Karen Scarfone takes a look at the Pulse Connect Secure series of SSL VPNs for securing the connection between clients and networks through encrypted tunnels. Continue Reading
-
Feature
15 Mar 2017
SonicWALL SSL VPN provides security for organizations of any size
The SonicWALL SSL VPN protects remote client devices by creating a secure connection to enterprise networks, with many options for customized security features. Continue Reading
-
Feature
20 Feb 2017
Ransomware prevention tools to win the fight
Fighting malware today means battling ransomware. Learn what ransomware prevention tools you need to acquire and how to perfect using the tools your company already owns. Continue Reading
-
News
16 Feb 2017
Connected medical devices spark debate at RSA Conference session
An RSA Conference session on a new attack on connected medical devices led to a spirited debate on vulnerability disclosure and manufacturer responsibility. Continue Reading
-
News
14 Feb 2017
RSA President Rohit Ghai details new cybersecurity platform at RSAC 2017
Michael Dell introduces RSA's newly appointed president, Rohit Ghai, who is set to lead the cybersecurity firm as it implements its new Business Driven Security platform. Continue Reading
-
Feature
30 Dec 2016
Industrial Network Security
In this excerpt from chapter 3 of Industrial Network Security, authors Eric D. Knapp and Joel Langill discuss the history and trends of industrial cybersecurity. Continue Reading
-
Buyer's Guide
21 Sep 2016
Wireless intrusion prevention systems: A buyer's guide
In this SearchSecurity buyer's guide, learn why it's important to have a wireless intrusion prevention system to protect your Wi-Fi networks and how to pick the right WIPS product. Continue Reading
-
Feature
15 Sep 2016
RSA NetWitness Logs and Packets: Security analytics product overview
Expert Dan Sullivan examines RSA's NetWitness Logs and Packets, security analytics tools that collect and review logs, packets and behavior to detect enterprise threats. Continue Reading
-
Feature
01 Apr 2016
Securing VoIP: Keeping Your VoIP Networks Safe
In this excerpt of Securing VoIP: Keeping your VoIP Network Safe, author Regis (Bud) Bates outlines different approaches to VoIP security and offers best practices to ensure infrastructure security is intact. Continue Reading
-
Feature
17 Sep 2015
The best SSL VPN products in the market
SSL VPNs are essential for securing network connections and communications. Here's a look at the best SSL VPN products in the industry. Continue Reading
-
Tip
01 Sep 2015
Pervasive sensing: How it affects enterprise and IoT security
Pervasive sensing is a relatively new concept, but its security risks are well-developed. Expert Ernie Hayden explains this new trend and its associated security implications. Continue Reading
-
Feature
04 Aug 2015
Comparing the top wireless intrusion prevention systems
Expert Karen Scarfone examines the top wireless intrusion prevention systems (WIPS) to help readers determine which may be best for them. Continue Reading
-
Feature
26 May 2015
Six criteria for procuring security analytics software
Security analytics software can be beneficial to enterprises. Expert Dan Sullivan explains how to select the right product to fit your organization's needs. Continue Reading
-
Feature
28 Apr 2015
Comparing the top SSL VPN products
Expert Karen Scarfone examines the top SSL VPN products available today to help enterprises determine which option is the best fit for them. Continue Reading
-
Feature
22 Apr 2015
The three enterprise benefits of SSL VPN products
Expert Karen Scarfone outlines the ways SSL VPN products can secure network connections and communications for organizations. Continue Reading
-
Feature
23 Mar 2015
Introduction to security analytics tools in the enterprise
Expert Dan Sullivan explains how security analysis and analytics tools work, and how they provide enterprises with valuable information about impending attacks or threats. Continue Reading
-
Answer
02 Jun 2010
Secure DMZ Web server setup advice
Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS). Continue Reading
-
Answer
04 Apr 2008
Should a domain controller be placed within the DMZ?
When creating an Active Directory network, is it necessary to place domain controllers in the DMZ? Network security expert Mike Chapple explains. Continue Reading