Why VLANs May Not Be Providing the Security You Need

vlans

vlansYou’re in no doubt familiar with Virtual Local Area Network (VLAN) technology and its ability to segment traffic within your network. It’s one of those decades-old technologies that businesses have come to rely on to reduce costs, minimize network broadcast domains, and protect certain systems from others. It sounds good on paper but it’s rare to see a VLAN environment that’s truly configured in the right way in order to realize its intended benefits.

Read more on Why VLANs May Not Be Providing the Security You Need…

Network Security Tip of the Week

tip-of-the-week1

tip-of-the-week1Continuing our recent focus on network segmentation, this week's network security tip comes from Charles Riordan, Managing Consultant at Check Point:

“Build and deploy “for-purpose” specific security gateways based on a security zones approach, taking in zones’ access of greater trust the deeper one gets into the architecture. Look for and implement monitoring of these gateways from a security/compliance posture (status) in a 24×7 paradigm with alerting and reporting capabilities. Only deploy specific functional protections – thus eliminating over-use of resources, etc…”

Read more on Network Security Tip of the Week…

Is My Datacenter Agile? Tips to Help Simplify the Datacenter Security Policy Migration Process

Moving Data Center

Moving Data CenterWhen working with some of the largest organizations in the world, many are now asking me just how agile is my data center? How easy would it be to migrate it to a cloud-based platform?

Read more on Is My Datacenter Agile? Tips to Help Simplify the Datacenter Security Policy Migration Process…

Avoid the Traps: What You Need to Know About PCI Requirement 1 (Part 3)

bskyb_image_203586_v1_153496548_1_400x240

bskyb_image_203586_v1_153496548_1_400x240So we’ve made it to the last part of our blog series on PCI 3.0 Requirement 1. The first two posts covered Requirement 1.1 (appropriate firewall and router configurations) and 1.2 (restrict connections between untrusted networks and any system components in the cardholder data environment) and in this final post we’ll discuss key requirements of Requirements 1.3 -1.5 and I’ll again give you my insight to help you understand the implications of these requirements and how to comply with them.

Read more on Avoid the Traps: What You Need to Know About PCI Requirement 1 (Part 3)…

Avoid the Traps: What You Need to Know about PCI Requirement 1 (Part 2)

restricted-area-authorized-personnel-only-image

restricted-area-authorized-personnel-only-imageWe’ve now reached part two of our three part series on PCI Requirement 1. In our previous blog post we reviewed the 1.1 sub-requirement which covers firewall and router configurations. In this post move on and take a detailed look at PCI Sub-requirement 1.2: Build firewall and router configurations that restrict connections between untrusted networks and any system components in the cardholder data environment.  

Read more on Avoid the Traps: What You Need to Know about PCI Requirement 1 (Part 2)…