Several network management applications and tools are currently in use to tackle exploits, threats, and non-compliance. These security applications were created to deploy and manage security on their respective networks, but in practice they may also serve as the point of entry through which attackers compromise those networks. Installing these applications is only one component of a system's overall security strategy. Other security mechanisms must be put in place to protect information, processes, and systems. Each network management application is best suited to a specific network security strategy, using tools such as a VPN or a Cloud Access Control, which you can find on sites such as https://www.fortinet.com/products/cloud-access-security-broker. Figure 1 is a graphical representation of what is required for secure network management.
Figure 1: Network Management Applications and Tools
Windows Vista: Windows Vista Enterprise, Windows Vista Ultimate, Windows Server 2008: Control Flow Guard (CFG), Active Directory Domain Services, Active Directory Sites and Services (AD DS), Remote Access, Remote Assistance
Windows XP: Windows XP Professional, Windows Server 2003: Exchange, Kerberos, S/MIME, System Center 2003 R2 Domain Awareness (DAC) and Exchange ActiveSync
Windows 2000: Windows 2000 Professional, Windows Server 2003: Active Directory, DNS
The application software infrastructure around the network contains systems, containers, and user processes that carry out specific tasks for applications, processes, or networks. While all these components are called application technologies, they can also be grouped under the following categories:
The network management technology itself is relatively simple, and, in most cases, can be deployed on existing infrastructure. The technology can be installed on a conventional or virtualized computer network. However, the networks that will most frequently be utilized by network administrators and IT staff are internet-connected networks with redundant connections, redundant firewalls, and the ability to receive traffic from the internet at multiple locations. The technology must be deployed using normal, everyday methods, such as computer-to-computer, or cloud-to-cloud.
The security architecture around the technology requires close scrutiny of every security vulnerability that can be exploited, to assure that the technology itself is secure. Various network security applications and techniques should be in place to counter specific threats, threats of different types, and even threats against applications that are not among the most common security threats.
Different communication methods must be employed. It is the responsibility of the network administrator or security consultant to manage the security protocols that are in place, ensuring that they are properly configured, enforced, and monitored so that the network environment can be used effectively and efficiently by end users and applications.
The network's security configuration should be monitored by security administrators to ensure that the proper services are working correctly and that the configuration is being maintained. This monitoring should include continual information about configuration changes and suspicious activity. Security settings that must be maintained include:
Require user authorization prior to outgoing ports
Require “yes” or “no” port configuration before making any network connections
Automatic port mapping
Standard operating procedures (SOX, SSL, Kerberos)
Systems running at higher privilege levels must be privileged.