Besides all the technology we talked about in the last two blogs that examined the network and application layers of the LAN, this next section is arguably the most important. Giving your users a proper security education can limit any of these technologies having to be used in the first place. If they’re not going to bring in the threats and are equipped with the knowledge to protect themselves, it’s a big win for everyone.
I came across some discussions regarding Network Address Translation (NAT) and its impact on security and the network. Specifically the premise that "NAT does not add any real security to a network while it breaks almost any good concepts of a structured network design" is what I'd like to address.
This week's network security tip is all about keeping it simple. As Bruce Schneier has said, "Complexity is the enemy of security." How complex are today's security environments? In a survey we conducted last year on Complexity in Network Security Environments:
Your data center(s) and the cloud. There a lot of reasons, including financial and operational benefits, that the cloud has to offer. At the same time making the move to the cloud is no easy project – there is also a lot to consider in terms of ensuring the availability of your business applications and in terms of ensuring security.
Now that we have the LAN locked down at the network layer, let’s try and get the application layer tied up a little bit. This is going to include apps that allow for tighter control over the workstations within our LAN. These apps can be both software installed on the users workstation or applications that are in use between the workstations and the internet that allow for additional protection.
This week's network security tip focuses on controlling access… after all firewalls either allow you to enable connectivity or block network traffic flows. Vasilis, a security engineer out of the US suggests the following to limit access in the following way…