Search form

Upcoming Webinars

Eradicate service outages and performance issues from your network with OpManager
April 30, 2024
Master Class: Optimizing CX through 4 Pillars of Internet Resilience
May 01, 2024

On-Demand Webinars

Avoid Observability Failure: Hybrid Enterprises Must Complement APM with Internet Performance Monitoring
Observability Trends: Key Considerations for Modern Observability
Navigating Today's I&O Landscape: Leveraging Cloud, Hyper-Convergence and Observability
Master Class: Monitoring from Your Users' Perspective
2024 Tech Trends: 10 Predictions for Tomorrow's IT Evolution
The SRE Report 2024: What the Charts Don't Tell You
2024 Security Trends: How Generative AI Is Changing the Threat Landscape
Getting the Most Out of Elastic Observability & New Features
Tales from the trenches: Security leaders share insights on protecting higher education
The Impact of AIOps and GAI on Modern Observability
Countering Internet Complexity with AI-Powered Internet Performance Monitoring
Maximizing Customer Lifetime Value: Transforming Ecommerce with AI-Powered Search
AI Meets Search: Powering a New Generation of Insights
Behind the Scenes: Rocket Lawyer's Secret Sauce for Uninterrupted Digital Legal Services
3 Tips to Supercharge Your Application Tracing
What's New at Catchpoint! Fall 2023 Product Launch Event
Demo of Internet Sonar: From Disruption to Instant Detection
Harnessing the Power of Generative AI in Retail
Expert Insights: Navigating Outages Like a Pro
What's New in Application Monitoring: Maximizing Operational Efficiency with Enhanced Performance Insights
Preventing Outages: Implement an Internet Performance Monitoring Plan
Don't Get Lost in the Cloud
SOLD IN 6 SECONDS: Formulas to Fast & Friction-Free E-commerce
Supercharge Your IT Resources
Automate and Save Time
Maximize Shareholder Value with Internet Resilience
Building & Monitoring Lighting Fast, Cloud Native Payment Experiences
Getting the Most Out of Elastic Observability & New Features
Preventing Outages: Map Your Internet Stack
May 2023 Product Launch: Learn about Catchpoint's New Capabilities

All Webinars...

Analyst Reports

Modern Enterprises Must Boost Observability with Internet Performance Monitoring
GigaOm CxO Decision Brief: Internet Resilience, May 2023
2023 Gartner Critical Capabilities for APM and Observability
Forrester Opportunity Snapshot: Increase Revenue with Internet Performance Monitoring

All Analyst Reports...

White Papers

Website monitoring in Applications Manager
Synthetic monitoring 101: A comprehensive guide to synthetic monitoring
Beyond deployment: The ongoing challenges in application performance monitoring implementation
How Is IPAM Simplifying Modern Networking?
The Elastic Generative AI Report
The 2024 Observability Landscape — a survey of observability decision-makers
Database Monitoring for Beginners: 6 Steps to Get You Started
6 Best Practices for Application Performance Monitoring
Visibility, Scalability, Security: Why IPAM Is the Cornerstone of Robust Data Centers
The SRE Report 2024
Real-Time Server Traffic Monitoring: Benefits, Best Practices and NetFlow Analyzer
Key Considerations When Choosing the Right Application Performance Monitoring Tool for Your Business
Apache Cassandra Monitoring: Challenges and Solutions
2024 State of IT Operations Report: Journey to Agility
Streamlining Configuration Management: Unleashing the Power of OpManager's Module
OpenShift Monitoring: Five Crucial Elements to Look Out for
Apache Tomcat Monitoring Made Easy with Applications Manager
End-User Experience Monitoring: Its Meaning, Importance, and Best Practices
5 Steps to Improve Website Performance
Learn the Importance of Network Backup Tool
IT Budgeting Amid a Challenging Macroeconomic Climate
Network Configuration Manager as an Add-On to OpManager
State of ITOM in 2023
The 2023 State of IT Operations Report
Going Beyond Plain Virtualization Monitoring
Preventing Outages in 2023: What We Learned from Recent Failures
Integrated Performance Management for Physical, Virtual & Cloud Infrastructure
Hybrid Cloud Monitoring: Fundamental Driver of Efficiency in Hybrid Clouds
Best Ways to Map Impact of Application Performance Issues on Business Goals
Application Management Solutions for Enterprises

All White Papers...

5 Tips for Network Protection
October 22, 2012

Pete Goldin
APMdigest

Share this

In recognition of National Cyber Security Awareness Month (NCSAM), Lancope offered 5 tips for improving enterprise network protection.

“With the rising prevalence of Advanced Persistent Threat (APT) and insider attacks, organizations must move beyond locking down the perimeter and arm their security professionals with the tools they need to hunt for attackers lurking inside the network,” said Tom Cross, director of security research at Lancope. “Government and enterprise IT organizations can no longer just sit back and hope that their security tools will block attacks while they sleep.”

While this month marks the 9th annual NCSAM, cyber security is perhaps more important now than ever before. Lancope’s Tom Cross offers the following tips for effectively securing enterprise networks:

1. Develop a 0-day defense strategy

The sophisticated, targeted attacks that networks are facing today cannot be resolved simply by mitigating known vulnerabilities with technical controls like antivirus and IDS/IPS. Recent research by Symantec identified attacks involving 0-day vulnerabilities that proceeded for as long as 30 months before signature-based protections became available. If organizations want to detect these types of attacks, they must complement their signature-based systems with behavioral-based technology that can detect attacks when signatures are not available.

2. Focus on people and not just technology

The indicators that lead to the detection of sophisticated attacks can be subtle. If security professionals want to stay ahead of attackers, they must play a more active role, leveraging security tools and network event data to investigate incidents and gather intelligence. They should not completely rely on the tools to do all of the work of detecting and blocking attacks automatically.

3. Think beyond the perimeter

While external controls at the network edge are valuable for detecting some types of attacks, today’s reality dictates a need for visibility into the internal network. Many of today’s threats do not even come into the network via the perimeter. Instead, they originate from insiders or are carried through the front door on a USB drive or mobile device. It is prudent to assume that these days, some threats will bypass the perimeter, and the only way to detect and combat them is to obtain in-depth, internal network visibility.

4. Educate your users

2012 has been a banner year for password theft. Chances are high that at least a few of your employees have had their passwords to various web sites compromised in recent months. Some may be using those same, stolen passwords to access your network. End users are also targets of attacks like drive-by downloads and spear phishing. Educating users on top security risks and the appropriate ways to avoid them can make a difference. Users who are on the lookout for suspicious emails may be the first to alert your security staff to sophisticated spear phishing campaigns that have evaded perimeter defenses.

5. Plan to protect an evolving infrastructure

As technologists continue to innovate, security unfortunately often takes a hit. This year, we have seen an explosion in trends including virtualization, cloud computing, BYOD (bring-your-own-device) and IPv6, which can all complicate network infrastructure (at least temporarily). As organizations embrace these technologies, they should also be asking themselves how they will impact their risk posture. IT administrators need to determine if their current tools can protect against threats that could emerge from these innovations, and if not, quickly invest in tools that can.

Related Links:

www.lancope.com

Pete Goldin is Editor and Publisher of APMdigest
Share this

Hot Topics

Cybersecurity