Analysing Some Of The Appliances For Network Security
Today there is no single security appliance or piece of technology that will solve all network security needs. Because there is a variety of security appliances and tools that need to be implemented, it is important that they all work together. Security appliances are most effective when they are part of a system.
Security appliances can be stand-alone devices, like a router or firewall, a card that can be installed into a network device, or a module with its own processor and cached memory. Security appliances can also be software tools that are run on a network device. Security appliances fall into these general categories:
Routers
Cisco Integrated Services Router (ISR) routers, shown in Figure 1, have many firewall capabilities besides just routing functions, including traffic filtering, the ability to run an Intrusion Prevention System (IPS), encryption, and VPN capabilities for secure encrypted tunnelling.
Firewalls
Cisco Next-Generation Firewalls have all the capabilities of an ISR router, as well as, advanced network management and analytics. Cisco Adaptive Security Appliance (ASA) with firewall capabilities.
IPS
Cisco Next-Generation IPS devices, shown in Figure 3, are dedicated to intrusion prevention.
VPN
Cisco security appliances are equipped with a Virtual Private Network (VPN) server and client technologies. It is designed for secure encrypted tunnelling.
Malware/Antivirus
Cisco Advanced Malware Protection (AMP) comes in next-generation Cisco routers, firewalls, IPS devices, Web and Email Security Appliances and can also be installed as software in host computers.
Other Security Devices
This category includes web and email security appliances, decryption devices, client access control servers, and security management systems.
Detecting Attacks in Real-Time
Software is not perfect. When a hacker exploits a flaw in a piece of software before the creator can fix it, it is known as a zero-day attack. Due to the sophistication and enormity of zero-day attacks found today, it is becoming common that network attacks will succeed and that a successful defence is now measured in how quickly a network can respond to an attack.
The ability to detect attacks as they happen in real-time, as well as stopping the attacks immediately, or within minutes of occurring, is the ideal goal. Unfortunately, many companies and organizations today are unable to detect attacks until days or even months after they have occurred.
Real-Time Scanning from Edge to Endpoint
Detecting attacks in real-time requires actively scanning for attacks using a firewall and IDS/IPS network devices. Next-generation client/server malware detection with connections to online global threat centres must also be used. Today, active scanning devices and software must detect network anomalies using context-based analysis and behaviour detection.
DDoS Attacks and Real-Time Response
DDoS is one of the biggest attack threats requiring real-time response and detection. DDoS attacks are extremely difficult to defend against because the attacks originate from hundreds or thousands of zombie hosts, and the attacks appear as legitimate traffic, as shown in the figure. For many companies and organizations, regularly occurring DDoS attacks cripple Internet servers and network availability. The ability to detect and respond to DDoS attacks in real-time is crucial.
Now your take on this argument.
We would also like to hear what you feel about the topic we discussed today. Your feedback is very important to us. Feel free to drop your comments and recommendations. If you have a contrary opinion, you can drop that too.
You can also join our Facebook Page CRMNigeria for more updates. You can do that by clicking on the link or searching for our page on Facebook.
You can also join our WhatsApp Group Here.
Enter your email address to get updates when we post our next article. you have to click on the link in the email sent to you to confirm your subscription. If you have been receiving our email updates and it is no longer active, please subscribe again.:
Delivered by FeedBurner