How to maintain your network security

Posted: August 17, 2012 in Network Security

Securing the network is only the first step in an organization’s security policy. Once done, creating a safe baseline is the next essential step. A network scanner, however, can help automate this task, allowing your IT administrators to concentrate on other tasks.

So how can a network scanner help you maintain a secure network?

What is important is that you continuously monitoring your network. Just because you have no vulnerabilities today, it does not follow that you will have no vulnerabilities tomorrow – even if nothing on your network changes in between. Every day, new vulnerabilities are found in software, hardware and configurations previously thought to be perfectly safe.

So what should we be looking for with our network scanner in order to keep our network secure?

Missing Patches:

As a start we need to make sure that all of our software, whether it’s our operating system or a third party application, is fully updated with the latest security patches that are issued by its respective vendors. Un-patched software is a weakness in our network’s armor that can be exploited by attackers from within or outside the organization.

New vulnerabilities:

Not all discovered vulnerabilities are patched immediately. This is especially true of 0-day vulnerabilities, as these would not yet have been analyzed by the vendor, had a fix designed, developed, and distributed. This process can take weeks, even months.. During that period, malware developers will use this vulnerability as an attack vector, continuing to do so for at least a few months after a fix is made available. Knowing such vulnerabilities exist will help your system administrator to take remedial action where possible. This will ensure that the vulnerability will not be easily exploitable by attackers; even if that means banning the use of such software until a fix is available.

Changes to The network:

You also need to monitor on a continuous basis every change that is made to the network or its configuration – even if it’s just adding a printer. You should also be monitoring your computers, looking at changes like the installation of new software, the creation of new users, or even new open shares. Changes can cause numerous problems, making it harder to properly test patches prior to their deployment. Also, the change itself can increase the vulnerability of your network. Even a network printer can become a liability if attackers manage to connect to it using default credentials, thereby obtaining access to the last X number of documents that were printed from that printer.

The level of network security will greatly improve if you use a network scanner to monitor these areas discussed above. Automating the process not only makes it easier but gives network administrators more time for other equally important tasks. IF the network scanner detects any changes, the network administrators can investigate to see if the situation warrants any action. A robust network scanner is an essential tool to use if you are keen on securing your network on a daily basis.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Discover what other benefits a network security scanner can offer your organization.

All product and company names herein may be trademarks of their respective owners.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s