Use of Taps and Span Ports in Cyber Intelligence Applications
SPAN stands for Switched Port Analyzer, a dedicated port on a switch that takes a mirrored copy of network traffic from within the switch and sends it to, typically, a monitoring device, or other tool for troubleshooting or traffic analysis. More ...
Network Security Model - Defining an Enterprise Security Strategy
These are the five primary security groups that should be considered with any enterprise security model. These include security policy, perimeter, network, transaction and monitoring security. These are all part of any effective company security strategy. More ...
How to Secure Your Small Business Network
Automated scanning techniques and botnets don't care whether your company is big or small, they're only looking for holes in your network security to exploit. Here are 10 of the most critical steps you can take to keep your data secure, and none of them take much time or effort to accomplish. More ...
How a Firewall Provides Network Security
A firewall provides security by controlling access between a network and an untrusted network. A firewall can be a hardware device, software, or combination of hardware and software. More ...
Multi-Layered Approach to Cyber Security
A multi-layered approach can be tailored to different levels of security. Not every asset needs to be completely secure; instead, only the most business critical assets, such as proprietary and confidential information, need be protected by the most restricted settings. More ...
Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
"Most organizations use both IDS and an IPS. The IPS automatically blocks attacks where it is accurate, while the IDS logs and notifies network administrators of suspicious activity so they can use their judgment as to what countermeasures to take. More ...
Difference Between Network Firewall and Web Application Firewall
A Network Firewall acts as a security barrier between a trusted network, such as the local network (LAN), and an untrusted network, such as the Internet. A >Web Application Firewall (WAF) monitors and allows or blocks data packets as they travel to and from a Web application. More ...
Nessus Network Vulnerability Scanner
Nessus is a network vulnerability scanning program that scans network hosts for vulnerabilities and generates reports on its findings. More ...
Understanding the Dangers Your Systems Face
It's one thing to know generally that your systems are under fire from hackers around the world and malicious users around the office; it's another to understand specific attacks against your systems. This section discusses some well-known attacks but is by no means a comprehensive listing. More ...
How Snort's Stealth TCP Port Scanning Works
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching and matching, and can be used to detect a variety of attacks and probes. More ...
Detecting Network Sniffers
A packet sniffer is a program or device that eavesdrops on network traffic and gathers data from packets. Malicious intruders may install packet sniffers in order to retrieve usernames and passwords. More ...
What is Network AAA (Authentication, Authorization, and Accounting)?
The acronym AAA stands for three network procedures and processes that help to make a network more secure and reliable. The A's stand for Authentication, Authorization, and Accounting. The difference between authentication, authorization, and accounting is described here. More ...
Overview of IPsec with IKEv1
VPN (Virtual Private Network) technologies such as IPsec (IP Security) with IKE (Internet Key Exchange) offer the ability to transmit over broadband securely. More ...
