Security Dealer & Integrator

NOV 2013

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link: http://sdi.epubxp.com/i/209760

Page 58 of 69

Next-gen firewalls also use deep packet inspection techniques to examine traffic for anomalies and known malware. Newer features, such as data leakage prevention, can further help organizations protect themselves from within. Often, even trusted employees can send sensitive data into untrusted zones, either intentionally or by accident. Next-gen firewalls combat this by using sophisticated pattern matching techniques and user identity to detect and prevent unauthorized communication of sensitive information and files through the network perimeter.

IDS and IPS

Intrusion detection systems (IDS) passively monitor network traffic, looking for malicious patterns, such as repeated attempts to log on to an account or server. When these devices notice a pattern, they send alerts to administrators and sometimes modify firewall rules to restrict access. Intrusion prevention systems (IPS) work in conjunction with next-generation firewalls to identify and stop suspicious traffic. IPS are complex, and are designed to minimize false positives. IPS vendors include SourceFire, Palo Alto Networks and Tipping Point.

Zero-Day Attack Mitigation

A zero-day attack or threat exploits a previously unknown vulnerability in a computer application, meaning that the attack occurs on "day zero" of awareness of the vulnerability; thus, developers have had zero days to address and patch it. Zero-day exploits — the software and/or strategies to carry out a successful attack — are used or shared by attackers.

Solutions such as Palo Alto Networks' WildFire are typically an adjunct subscription to existing firewalls. They actively analyze network traffic in a safe, cloud-based virtual environment to observe the behavior of malware. Through these subscription services, updates are automatically generated and distributed to installed firewalls for global protection against the newly discovered malware.

Ronen Isaac is vice president of Continental Computers, a networking and video surveillance products reseller and integrator/VAR based out of El Segundo, Calif. He is also vice president of WLANmall.com.
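The IDS behavior described in the IDS and IPS section above (passively watching for repeated attempts to log on to an account, then alerting an administrator) can be sketched as a sliding-window detector. This is an added example, not code from the article or from any vendor named in it; the log format, threshold, window and sample lines are all constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format for this example: "<ISO time> auth <FAIL|OK> user=<u> src=<ip>"
LINE_RE = re.compile(r"^(\S+) auth (FAIL|OK) user=(\S+) src=(\S+)$")

def detect_repeated_logons(lines, threshold=5, window=timedelta(seconds=60)):
    """Return one alert per burst of >= threshold failed logons to an account
    inside the sliding window. Detection is passive: nothing is blocked."""
    recent = defaultdict(deque)   # account -> deque of (time, source) failures
    alerting = set()              # accounts already alerted for the current burst
    alerts = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # skip lines that are not auth events
        ts, result, user, src = m.groups()
        now = datetime.fromisoformat(ts)
        q = recent[user]
        while q and now - q[0][0] > window:
            q.popleft()           # drop failures that aged out of the window
        if len(q) < threshold:
            alerting.discard(user)  # burst is over; a later burst alerts again
        if result == "OK":
            continue
        q.append((now, src))
        if len(q) >= threshold and user not in alerting:
            alerting.add(user)    # suppress duplicates within the same burst
            alerts.append({"time": ts, "account": user, "failures": len(q),
                           "sources": sorted({s for _, s in q})})
    return alerts

# Constructed sample events (documentation-range IP addresses).
SAMPLE = [
    "2013-11-04T09:00:00 auth FAIL user=alice src=203.0.113.7",
    "2013-11-04T09:00:05 auth FAIL user=alice src=203.0.113.7",
    "2013-11-04T09:00:09 auth FAIL user=alice src=198.51.100.20",
    "2013-11-04T09:00:14 auth OK user=bob src=192.0.2.10",
    "2013-11-04T09:00:20 auth FAIL user=alice src=203.0.113.7",
    "2013-11-04T09:00:31 auth FAIL user=alice src=203.0.113.7",
    "2013-11-04T09:00:33 auth FAIL user=alice src=203.0.113.7",
    "2013-11-04T09:05:00 auth FAIL user=bob src=192.0.2.10",
    "not an auth line",
]

if __name__ == "__main__":
    for alert in detect_repeated_logons(SAMPLE):
        print(alert)
```

Suppressing repeat alerts within one burst and ignoring a single mistyped password (bob's lone failure) are the two choices here that keep false positives down.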
