Analysing Some Of The Appliances For Network Security

Analysing Some Of The Appliances For Network Security

 

Today there is no single security appliance or piece of technology that will solve all network security needs. Because there is a variety of security appliances and tools that need to be implemented, it is important that they all work together. Security appliances are most effective when they are part of a system.

 

Security appliances can be stand-alone devices, like a router or firewall, a card that can be installed into a network device, or a module with its own processor and cached memory. Security appliances can also be software tools that are run on a network device. Security appliances fall into these general categories:

 

appliances for network security

Routers

Cisco Integrated Services Router (ISR) routers, shown in Figure 1, have many firewall capabilities besides just routing functions, including traffic filtering, the ability to run an Intrusion Prevention System (IPS), encryption, and VPN capabilities for secure encrypted tunnelling.

 

YOU CAN ALSO READ  6 Potential Losses Due To Security Attacks

 

Firewalls

 Cisco Next-Generation Firewalls have all the capabilities of an ISR router, as well as, advanced network management and analytics. Cisco Adaptive Security Appliance (ASA) with firewall capabilities.

 

IPS

Cisco Next-Generation IPS devices, shown in Figure 3, are dedicated to intrusion prevention.

 

VPN

 Cisco security appliances are equipped with a Virtual Private Network (VPN) server and client technologies. It is designed for secure encrypted tunnelling.

 

Malware/Antivirus

Cisco Advanced Malware Protection (AMP) comes in next-generation Cisco routers, firewalls, IPS devices, Web and Email Security Appliances and can also be installed as software in host computers.

Other Security Devices

This category includes web and email security appliances, decryption devices, client access control servers, and security management systems.

 

 

 

Detecting Attacks in Real-Time

Software is not perfect. When a hacker exploits a flaw in a piece of software before the creator can fix it, it is known as a zero-day attack. Due to the sophistication and enormity of zero-day attacks found today, it is becoming common that network attacks will succeed and that a successful defence is now measured in how quickly a network can respond to an attack.

 

YOU CAN ALSO READ  Why You Should Create Strong Passwords

The ability to detect attacks as they happen in real-time, as well as stopping the attacks immediately, or within minutes of occurring, is the ideal goal. Unfortunately, many companies and organizations today are unable to detect attacks until days or even months after they have occurred.

 

 

Real-Time Scanning from Edge to Endpoint

Detecting attacks in real-time requires actively scanning for attacks using a firewall and IDS/IPS network devices. Next-generation client/server malware detection with connections to online global threat centres must also be used. Today, active scanning devices and software must detect network anomalies using context-based analysis and behaviour detection.

 

DDoS Attacks and Real-Time Response  

DDoS is one of the biggest attack threats requiring real-time response and detection. DDoS attacks are extremely difficult to defend against because the attacks originate from hundreds or thousands of zombie hosts, and the attacks appear as legitimate traffic, as shown in the figure. For many companies and organizations, regularly occurring DDoS attacks cripple Internet servers and network availability. The ability to detect and respond to DDoS attacks in real-time is crucial.

 

YOU CAN ALSO READ  3 Social Media Security Issues Online Considered

Now your take on this argument.

We would also like to hear what you feel about the topic we discussed today. Your feedback is very important to us. Feel free to drop your comments and recommendations. If you have a contrary opinion, you can drop that too.

You can also join our Facebook Page CRMNigeria for more updates. You can do that by clicking on the link or searching for our page on Facebook.

 

You can also join our WhatsApp Group Here.

 

Enter your email address to get updates when we post our next article. you have to click on the link in the email sent to you to confirm your subscription. If you have been receiving our email updates and it is no longer active, please subscribe again.:

Delivered by FeedBurner

 143 total views,  1 views today

Adeniyi Salau

Adeniyi Salau Scrum Master Certified , CCNA R&S , BeingCert and Scrum Certified Digital Marketing Professional, CEP, MOS, MCP, CSCU (Project 2016), Microsoft Certified Security and Networking Associate is a Google and Beingcert Certified Digital Marketer, Project Manager and SEO Expert of repute with about a decade of Blogging and online marketing experience. He is always ready to share his experience with others.

Write a Comment

Your email address will not be published. Required fields are marked *

CommentLuv badge
%d bloggers like this: