Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
SYS-CON.TV

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
A Secure Cloud Network | @CloudExpo #IoT #Security #Microservices
It’s obvious there is a need to keep network security best practices front and center

Do’s and Don’ts to Achieve a Secure Network

Naturally, new and exciting technologies and trends like software defined networking, the Internet of Things and the cloud tend to get the lion's share of attention these days, including when it comes to security. However, it's important to never forget that at the center of it all is still the enterprise network.

And as evidenced by the ever-expanding landslide of data breaches that could have been prevented or at least their impact lessened by better practicing network security basics, it's obvious there is a need to keep network security best practices front and center. Thus, what follows is a recap of the basic, but critically important do's and don'ts of achieving a truly secure network.

DO: Standardize Your Network Infrastructure
Non-standardized network infrastructure can significantly increase the complexity of monitoring and managing it, especially when it comes to security. Typically, IT departments use templates to deploy configurations. Thus, they often start somewhat standardized, but entropy quickly does its work and configuration drift rapidly makes it hard to see the original template. Also, new initiatives and policies aren't always deployed consistently, especially in heterogeneous environments where vendors implement functionality in different ways. Standardizing makes it much easier to have efficient processes to quickly and easily update the infrastructure and ensure that all devices are in policy. This helps minimize the risk of being breached by a simple attack with known defense strategies, but could nonetheless be successful due to poor ability to ensure everything is configured correctly because of a lack of standardization.

DO: Have a Clear Change Control Process
A clearly defined change control process, including simple checks and balances to detect when changes don't follow the process and how to react in those scenarios, is of utmost importance. This will help administrators ensure that changes are being made under the supervision of a change approval. It also enables real-time tracking of changes that are not authorized. This is all critical because such changes have an effect on the network as a whole in terms of security, capacity planning, forecasting cost, business risk assessments and much more.

DO: Implement Compliance Awareness
Compliance is not just for the healthcare and finance industries. Yes, those industries are the most well-known for having external compliance regulations, but compliance shouldn't just be thought of as an external requirement. Even if a company operates without any external regulations, it is still a wise practice to develop internal policies to help clarify what's important and make sure all the right things are being done to secure them. In other words, being intentional about security versus ad-hoc. This should be an ongoing process and adjusted as new implementations and policies arise.

DON'T: Operate Under an "If it Ain't Broke, Don't Fix it" Mindset
The old adage "if it ain't broke, don't fix it" should never apply when it comes to network security. Operating with such a mindset has caused plenty of vulnerabilities to come to light after a breach. Instead, administrators should regularly take inventory of their networks, which will reveal vulnerabilities in time to resolve them before a breach. As part of this process, it's important to not overlook inventorying network devices with past or approaching end-of-life and end-of-support deadlines.

DON'T: Use Outdated Technology
This may seem obvious, but using outdated security technology, insecure protocols or outdated device firmware are all too common. For example, Telnet is still regularly used on corporate networks, but it's also tremendously outdated. Neglecting to keep security technology and device firmware updated and/or upgraded is a sure way to open the door to attack.

DON'T: Ignore BYOD
BYOD is no longer considered a perk - end users in virtually all organizations regardless of size or industry expect to be able to connect personal devices to corporate networks. With the addition of these new devices connecting to networks, network security concerns at least double. To address this, engineers need to track and manage IP addresses as well as monitor the resources these devices are accessing. This will ensure organizations' applications are performing properly while being on the lookout for potential anomalies that could be signs of a data breach or attack.

It's important to not overlook these basics of securing corporate networks, making an occasional refresher of the simple do's and don'ts imperative. By following the simple do's and don'ts outlined here, network administrators can have higher confidence that their networks are secure.

About Mav Turner
Mav Turner is the director of SolarWinds’ security portfolio. He has worked in IT management for over 14 years, including roles in both network and systems management prior joining SolarWinds in 2009.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Latest AJAXWorld RIA Stories
"We work around really protecting the confidentiality of information, and by doing so we've developed implementations of encryption through a patented process that is known as superencipherment," explained Richard Blech, CEO of Secure Channels Inc., in this SYS-CON.tv interview a...
"Our strategy is to focus on the hyperscale providers - AWS, Azure, and Google. Over the last year we saw that a lot of developers need to learn how to do their job in the cloud and we see this DevOps movement that we are catering to with our content," stated Alessandro Fasan, He...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around qualit...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, marketer, and communicator. For over 30 years across five continents, he has built success with Fortune 500 corp...
DXWorldEXPO LLC announced today that the upcoming DXWorldEXPO | CloudEXPO New York event will feature 10 companies from Poland to participate at the "Poland Digital Transformation Pavilion" on November 12-13, 2018.
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021


SYS-CON Featured Whitepapers
ADS BY GOOGLE