fbpx
 

SANS 20 Critical IT Security Controls #5: Boundary Defense

Internet accessing client systems and network devices are always a potential source of threats from hackers. Hackers constantly probe internet facing systems for configuration and architectural vulnerabilities, which they can use as initial entry points to your IT infrastructure. Once they gain this access, it’s easier to burrow into the system to get a hold of the really critical systems that store sensitive information. Hackers also use these initial entry points to exploit vulnerable systems that are part of an extranet linking business partner networks.

If you’re merely relying on old fashioned firewalls for networks, you’ll be surprised to find out how easy it is to bypass the network protection by hackers who bypass those boundary protection systems. The most important security measure to prevent the exploitation of the boundary defense vulnerabilities is to efficiently segment your networks and strengthening the segmented networks by using proxies and firewalls. You must clearly demarcate internal systems from the demilitarized systems and the extranet systems. Thus, an intrusion into a segment of your network will be limited to just that segment, instead of providing easy access to the entire enterprise network.

Effective defenses against boundary intrusions include multilayered firewalls and proxies, demilitarized perimeter networks and the latest versions of intrusion prevention and detection systems. Companies can use both white lists and black lists to control network communications. You must also deploy intrusion detections systems on both the internet and extranet demilitarized systems to spot attacks. You must also design and implement network perimeters so all outgoing traffic passes through a minimum of one proxy on a demilitarized network. You must also track and monitor all your remote login access by controlling the system configuration and installed software, as well as the patching levels. Your system administrators must also scan the network for connections such as unauthorized VPN connections that may be bypassing the demilitarized zone. You may also want to limit network traffic to just those services that are needed for performing business services.

Leave a Comment

Your email address will not be published. Required fields are marked *

*
*

Contact Us

If you have an urgent question regarding your software licensing or a software audit, please contact Miro right away.

Phone:
(732)738–8511 x1208
Email:
Webchat:
Use the chat box on the right
Meeting:

About Us

Miro is a leading global provider of software asset management services, specializing in license management, audit advisory, negotiation tactics, support management, and cloud services. We help our clients maximize ROI on their software license investments, stay in compliance, and minimize the impact of audits. Miro's performance guarantee promises that our long-tenured, diverse, and passionate team of expert analysts provides insightful and actionable advice to help our clients achieve the best possible outcomes.

Performance Guarantee

Miro’s no risk Performance Guarantee is that the amount of cost savings that we uncover will be more than our fees.

Managed Services for Oracle Licensing

Miro’s Managed Services for Oracle licensing is a best practice approach for an organization to optimize and outsource the practice of Software Asset Management to specialized external experts to ensure the organization’s compliance with vendor rules and policies.

Learn More