
Wednesday, October 13, 2010

Network Security for Business Enterprises: Stop-Gap Measures to Help You Protect Your Network


Today's business networks consist of numerous remote access connections from employees and outsourcing firms. Too often, the inherent security risks arising from these connections outside the network are overlooked. Continuous improvements have been made that can enhance security in today's network infrastructure; focusing in particular on the users who access the network externally, and on monitoring access endpoints, is critical for businesses to protect their digital assets.

Installing the correct software for the specific needs of your IT infrastructure is essential to having the best security protection possible. Many companies install "off the shelf" security software and assume they are protected. Unfortunately, that is not the case due to the nature of today's network threats. Threats are diverse in nature, including the usual spam, spyware, viruses, trojans, worms, and the occasional possibility that a hacker has targeted your servers.

The proper security solution for your organization will neutralize virtually all of these threats to your network. Too often, with only a software package installed, network administrators spend a lot of their time at the perimeter of the network defending its integrity by manually fending off attacks and then manually patching the security breach.

Paying network administrators to defend the integrity of your network is an expensive proposition - much more so than installing the proper security solution that your network requires. Network administrators have many other responsibilities that need their attention. Part of their job is to make your business operate more efficiently - they can't focus on this if they have to manually defend the network infrastructure all the time.

Another threat that must be considered is the threat occurring from within the perimeter, in other words, an employee. Sensitive proprietary information is most often stolen by someone on the payroll. A proper network security solution must guard against these kinds of attacks also. Network administrators definitely have their role in this area by creating security policies and strictly enforcing them.

A smart strategy to give your network the protection it needs against the various security threats is a layered security approach. Layered security is a customized approach to your network's specific requirements utilizing both hardware and software solutions. Once the hardware and software are working simultaneously to protect your company, both are able to instantaneously update their capabilities to handle the latest in security threats.

Security software can be configured to update multiple times a day if need be; hardware updates usually consist of firmware upgrades and an update wizard much like that present within the software application.

All-in-one Security Suites

A multi-pronged strategy should be implemented to combat the multiple sources of security threats in today's corporate networks. Too often, the sources of these threats overlap, with Trojans arriving in spam or spyware hidden within a software installation. Combating these threats requires the use of firewalls, anti-spyware, malware and anti-spam protection.

Recently, the trend in the software industry has been to combine these previously separate security applications into an all-encompassing security suite. Security applications standard on corporate networks are integrating into security suites that focus on a common goal. These security suites contain antivirus, anti-spyware, anti-spam, and firewall protection all packaged together in one application. Searching out the best stand-alone applications in each security risk category is still an option, but no longer a necessity.

The all-in-one security suite will save a company money in reduced software purchasing costs and time with the ease of integrated management of the various threat sources.

Trusted Platform Module (TPM)

A TPM is a standard developed by the Trusted Computing Group defining hardware specifications that generate encryption keys. TPM chips not only guard against intrusion attempts and software attacks but also physical theft of the device containing the chip. TPM chips work as a complement to user authentication to enhance the authentication process.

Authentication describes all processes involved in determining whether a user granted access to the corporate network is, in fact, who that user claims to be. Authentication is most often granted through use of a password, but other techniques involve biometrics that uniquely identify a user by identifying a unique trait no other person has such as a fingerprint or characteristics of the eye cornea.

Today, TPM chips are often integrated into standard desktop and laptop motherboards. Intel began integrating TPM chips into its motherboards in 2003, as did other motherboard manufacturers. Whether or not a motherboard has this chip will be stated in the specifications of that motherboard.

These chips encrypt data on the local level, providing enhanced security at a remote location such as the WiFi hotspot full of innocent looking computer-users who may be bored hackers with malicious intent. Microsoft's Ultimate and Enterprise versions of the Vista Operating System utilize this technology within the BitLocker Drive Encryption feature.

While Vista does provide support for TPM technology, the chips are not dependent upon any platform to function.

TPM has the same functionality on Linux as it does within the Windows operating system. There are even specifications from Trusted Computing Group for mobile devices such as PDAs and cell phones.

To use TPM enhanced security, network users only need to download the security policy to their desktop machine and run a setup wizard that will create a set of encryption keys for that computer. Following these simple steps significantly improves security for the remote computer user.

Admission Based on User Identity

Establishing a user's identity depends upon successfully passing the authentication processes. As previously mentioned, user authentication can involve much more than a user name and password. Besides the emerging biometrics technology for user authentication, smart cards and security tokens are another method that enhances the user name/password authentication process.

The use of smart cards or security tokens adds a hardware layer requirement to the authentication process. This creates a two-tier security requirement, one a secret password and the other a hardware requirement that the secure system must recognize before granting access.

Tokens and smart cards operate in essentially the same fashion but have a different appearance. Tokens take on the appearance of a flash drive and connect through a USB port, while smart cards require special hardware, a smart card reader, that connects to the desktop or laptop computer. Smart cards often take on the appearance of an identification badge and may contain a photo of the employee.

However authentication is verified, once this happens a user should be granted access through a secure virtual network (VLAN) connection. A VLAN establishes connections to the remote user as if that person were a part of the internal network and allows for all VLAN users to be grouped together within distinct security policies.

Remote users connecting through a VLAN should only have access to essential network resources and how those resources can be copied or modified should be carefully monitored.

Specifications established by the Institute of Electrical and Electronics Engineers (IEEE) have resulted in what is known as the secure VLAN (S-VLAN) architecture. Also commonly referred to as tag-based VLAN, the standard is known as 802.1q. It enhances VLAN security by adding an extra tag within media access control (MAC) addresses that identify network adapter hardware within a network. This method will prevent unidentified MAC addresses from accessing the network.

Network Segmentation

This concept, working hand-in-hand with VLAN connections, determines what resources a user can access remotely using policy enforcement points (PEPs) to enforce the security policy throughout the network segments. Furthermore, the VLAN, or S-VLAN, can be treated as a separate segment with its own PEP requirements.

PEP works with a user's authentication to enforce the network security policy. All users connecting to the network must be guaranteed by the PEP that they meet the security policy requirements contained within the PEP. The PEP determines what network resources a user can access, and how these resources can be modified.

The PEP for VLAN connections should be enhanced from what the same user can do with the resources internally. This can be accomplished through network segmentation simply by defining the VLAN connections as a separate segment and enforcing a uniform security policy across that segment. Defining a policy in this manner can also define what internal network segments the client can access from a remote location.

Keeping VLAN connections as a separate segment also isolates security breaches to that segment if one were to occur. This keeps the security breach from spreading throughout the corporate network. Enhancing network security even further, a VLAN segment could be handled by its own virtualized environment, thus isolating all remote connections within the corporate network.
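
To make the segmentation and PEP description concrete, here is an added example (not code from the original post): it reads the 802.1Q tag from an Ethernet header, where the 4-byte tag follows the source MAC address, and applies a default-deny policy in which the remote-access segment has fewer rights than the internal one. The VLAN IDs, MAC addresses, resource names and the `pep_decide` and `build_frame` helpers are assumptions constructed for illustration.

```python
"""Default-deny policy enforcement point keyed on the 802.1Q VLAN tag (illustrative)."""
import struct
from typing import NamedTuple, Optional

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag


class Tag(NamedTuple):
    src_mac: str
    vlan_id: int   # 12-bit VLAN identifier
    priority: int  # 3-bit priority code point


def parse_8021q(frame: bytes) -> Optional[Tag]:
    """Return the tag of an 802.1Q frame, or None if untagged or truncated."""
    # Layout: dst MAC (6) | src MAC (6) | TPID (2) | TCI (2) | inner EtherType (2)
    if len(frame) < 18:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    src = ":".join(f"{b:02x}" for b in frame[6:12])
    return Tag(src, tci & 0x0FFF, tci >> 13)


# Constructed policy, one entry per segment. The remote-access segment is
# deliberately narrower than the internal one, as the article recommends.
SEGMENTS = {
    10: {"name": "internal",
         "adapters": {"00:16:3e:00:00:0a"},
         "rules": {"fileserver": {"read", "modify"}, "hr-db": {"read"}}},
    40: {"name": "remote-access",
         "adapters": {"00:16:3e:00:00:28"},
         "rules": {"fileserver": {"read"}}},
}


def pep_decide(frame, authenticated, resource, operation):
    """Return (allowed, reason). Anything not explicitly permitted is denied."""
    tag = parse_8021q(frame)
    if tag is None:
        return False, "untagged or malformed frame"
    segment = SEGMENTS.get(tag.vlan_id)
    if segment is None:
        return False, f"unknown VLAN {tag.vlan_id}"
    if tag.src_mac not in segment["adapters"]:
        return False, f"unidentified adapter {tag.src_mac}"
    if not authenticated:
        return False, "user not authenticated"
    if operation not in segment["rules"].get(resource, set()):
        return False, f"{operation} on {resource} not permitted in {segment['name']}"
    return True, f"permitted in {segment['name']}"


def build_frame(src_mac, vlan_id=None, priority=0):
    """Construct a sample Ethernet header (constructed test data, no payload)."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex(src_mac.replace(":", ""))
    if vlan_id is None:  # untagged IPv4 frame, padded to the same length
        return dst + src + struct.pack("!H", 0x0800) + b"\x00" * 4
    tci = (priority << 13) | (vlan_id & 0x0FFF)
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, 0x0800)


if __name__ == "__main__":
    remote = build_frame("00:16:3e:00:00:28", vlan_id=40)
    internal = build_frame("00:16:3e:00:00:0a", vlan_id=10)
    rogue = build_frame("00:16:3e:de:ad:01", vlan_id=40)
    cases = [
        (remote, True, "fileserver", "read"),
        (remote, True, "fileserver", "modify"),
        (remote, False, "fileserver", "read"),
        (internal, True, "fileserver", "modify"),
        (rogue, True, "fileserver", "read"),
    ]
    for frame, authed, resource, operation in cases:
        print(resource, operation, pep_decide(frame, authed, resource, operation))
```

Both the source MAC address and the VLAN tag are values carried in the frame itself, so a real enforcement point should accept them only from switch ports where the switch, not the client, assigns the tag.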

Centralized Security Policy Management

Technology hardware and software targeting the different facets of security threats create multiple software platforms that all must be separately managed. If done incorrectly, this can create a daunting task for network administration and can increase staffing costs due to the increased time requirements to manage the technologies (whether they be hardware and/or software).

Integrated security software suites centralize the security policy by combining all security threat attacks into one application, thus requiring only one management console for administration purposes.

Depending on the type of business you're in, a security policy should be used corporate-wide that is all-encompassing for the entire network. Administrators and management can define the security policy separately, but one overriding definition of the policy needs to be maintained so that it is uniform across the corporate network. This ensures there are no other security procedures working against the centralized policy and limiting what the policy was defined to implement.

Not only does a centralized security policy become easier to manage, but it also reduces strain on network resources. Multiple security policies defined by different applications focusing on one security threat can aggregately hog much more bandwidth than a centralized security policy contained within an all-encompassing security suite. With all the threats coming from the Web, ease of management and application is essential to maintaining any corporate security policy.

Frequently Asked Questions:

1. I trust my employees. Why should I enhance network security?

Even the most trusted employees can pose a risk of a network security breach. It is important that employees follow established company security standards. Enhancing security will guard against lapsing employees and the occasional disgruntled employee seeking to cause damage to the network.

2. Do these innovations really create a secure environment for remote access?

Yes, they do. These enhancements not only greatly enhance a secure VLAN connection but they also use widely accepted standards that are often integrated into common hardware and software. It's there; your company only needs to start using the technology.

3. My company is happy with using separate software, that way each application can focus on a separate security threat. Why should I consider an all-in-one security suite?

Many of the popular software applications commonly used by businesses have expanded their focus to identify all security threats. This includes solutions from both software and hardware appliance technology manufacturers. Many of these firms saw the need to consolidate security early on and purchased smaller software firms to gain the knowledge their firm was lacking. A security suite at the application level will make management much easier, and your IT staff will thank you for it.

4. Do I need to add a hardware requirement to the authentication process?

Requiring the use of security tokens or smart cards should be considered for employees accessing the company network from a remote site. Particularly if that employee needs to access sensitive company information while on the road, a simple flash drive secure token prevents a thief from accessing that sensitive data on a stolen laptop.

5. With all this concern about WiFi hotspots should employees be required not to use these locations to connect to the company network?

WiFi hotspots have sprung up nationwide and present the easiest method for your remote employees to access the Internet. Unfortunately, hotspots can also be full of bored, unemployed hackers who have nothing better to do than find a way to intercept a busy employee's transmissions at the next table. That's not to say employees on the road should avoid hotspots. That would severely limit them from accessing the network at all. With technologies like S-VLAN and secure authentication in place, a business can implement technologies to reduce threats both now and in the future.

Implementing the latest network security technologies is a high priority for IT Management. In today's network environment with many users accessing your digital assets remotely, it's critical to get your network security correct during the planning phase of the integration process.

Obviously, it should be noted that most large companies have multiple operating systems running (Windows, Mac O/S, etc) and that for many of these companies all-in-one security suites face certain challenges in a mixed operating system environment.

That is why I stress that you consider having layered security (both hardware and software) and don't simply rely on software applications to protect your digital assets. As technology changes so do the opportunities for security breaches.

As these security threats become more sophisticated, hardware and software developers will continue to innovate, and it's essential that businesses keep up with and implement these technologies.








Tuesday, October 12, 2010

ISO Network Management Model


There is a rumor about how Disney uses network management: when the temperature rises on the park grounds at Disneyland, the prices of all the beverage vending machines automatically go up by 10% to fully capitalize on consumer demand. I believe that is an old Information Technology rumor to explain how network management works... at least I hope it is a rumor.

Why Network Management Is Important

More and more organizations depend on their networks. Businesses that depend heavily on the status of their networks must have network management tools as they grow. If a network-dependent business such as eBay, Google, Yahoo or many others goes down for even a few minutes, it can lose literally hundreds of thousands of dollars in sales and even a small piece of its customers' confidence, which could in turn affect the value of its stock. When every second of network time counts, the system must be monitored continuously. The most cost-effective way to do this is to use an automated network management tool.

Network Management Standards

The International Organization for Standards (ISO) addresses the five major functional areas of the Network Management Model as performance management, accounting management, configuration management, fault management and security management.

Performance Management

Performance management is monitoring, assessing, and adjusting the available bandwidth and network resource usage in order to make a network run more efficiently. Performance management is a very important part of the network management model, particularly to the business and/or organization that wants to streamline its network's performance. SolarWinds is a great tool for performance management.

Accounting Management

Accounting management monitors and assesses the usage of data and/or resources for the purpose of billing. This aspect of network management is used by Internet Service Providers to bill customers for the resources they use.

Configuration Management

The configuration side of network management is for tracking the hardware and software versions on the network to identify their effects on the network's operation. An example of this is Microsoft's System Management Server (SMS) which has the capability to monitor, manage and track every piece of software and hardware on a given network.

Fault Management

Fault management is what most people think of when they think of network management. The purpose of this area of network management is to detect and log problems that might affect the system's operations, and to alert the system administrators to them.

Security Management

Security management deals with controlling access to resources and even alerting the proper authorities when certain resources are accessed. In the same way that a network manager can be paged or emailed when a resource goes down, network management systems can be used to send messages when certain files, servers or routers are accessed. Intrusion detection systems such as Symantec's Intruder Alert have this security management capability.

There are many products that support some or even all of these areas of network management. What most network management systems have in common is their use of protocols such as Simple Network Management Protocol (SNMP), SNMPv3, and Common Management Information Protocol (CMIP). There are a variety of network management tools, ranging from Intuit's Network Management Software to IBM's Tivoli, Fidelia's Helix and AdventNet. Maybe your network management solution does not include a system that increases vending machine prices as the heat rises, but you can definitely find what you need among these and other excellent tools on the market.









Monday, October 11, 2010

Setting Up a Network: Wired or Wireless?

Wired or Wireless

Wireless networks are in fashion, but your installation will fail unless you choose the correct type of network and configure it correctly. Wired networks require that each computer be connected via cable to a central location, called a switch or hub. This often involves installing cables through walls and ceilings, which could pose a problem for anyone.

If the computers in your home or office are all within 500 feet of each other, a wireless network might be for you. A wireless network has no cables, and it can connect computers on different floors or even across the street. Along with the obvious advantage of having no wires, wireless networks are more convenient, since installation, customization and configuration changes can be done within a few minutes, without careful planning.

Wireless networks, however, are not as fast as wired networks. If you play computer games or want to watch streaming video or other high-speed multimedia, a wireless network might not have enough capacity. But if you just want to check e-mail and browse the Web, a wireless network is a good choice. To set up a wireless network, you need a wireless access point and a wireless network card for each computer. You will need to purchase a wireless network card for each desktop, although most new laptops are equipped with one.

Security is not a great concern in a wired network, because someone would have to physically connect to a wired network jack. With a wireless network, someone in a car parked outside with a laptop can easily connect to your network if you don't have security in place. To prevent this, encrypt the wireless network connections, set a password for the network, or do both.

DIY or call a?

If you decide to use a wired network, consider whether to install it yourself or hire a professional. If you have a small number of computers that are located very close to each other, you may be able to buy pre-assembled network cables and connect them yourself. If you need to connect multiple floors and lay wires across ceilings and walls, you will require professional installation. If you go this route, it is best to start with a plan of your office or home, determine your current needs and consider how the network design can be adapted to future needs. A professional installer should be familiar with TIA/EIA standards and local wiring and electrical codes, and should make custom cables. Network cabling specialists are often judged by the neatness of their work, because sloppy cabling is more likely to deteriorate over time, is more difficult to manage and can create a fire hazard.

Wired and wireless networks are not mutually exclusive; many small offices have a wired network in addition to one or more wireless networks, depending on their needs. Wireless networks continue to get faster, safer and cheaper. Wired networks will continue to co-exist with wireless networks, often in the same homes and offices.








Sunday, October 10, 2010

Network Marketing Recruiting Secrets Revealed


In this article, we're going to cover how you can maximize your network marketing recruiting efforts while dramatically increasing the retention rate and overall performance of your downline. I am not going to sell you on anything whatsoever. I am not going to attempt to convince you to join my opportunity and I am not going to hold anything back on what you need to do to be successful. This information is my gift to you with absolutely no strings attached. Why am I giving this information away for free? My satisfaction comes from knowing that I have made a difference in the lives of people that are struggling with a home-based business opportunity and I know how that feels. It also means that my chosen industry of network marketing will continue to be respected as a viable and logical alternative to conventional business and employment.

As you find yourself understanding the principles I'm going to outline, you're going to have a clearer picture of exactly what you need to do to make it to the top of your company's compensation plan. Many of these secrets will doubtlessly be very scary to some people. However, if you're the kind of person who is ready for success, you're going to benefit from this information by leaps and bounds.

The cornerstone secret to recruiting for your network marketing opportunity is integrity. As obvious as this sounds, there is much more to it. When a person is recruiting for their network marketing opportunity they don't set out to give their prospects the wrong idea of what network marketing is (at least I hope they don't), but what sometimes ends up happening is that their level of excitement, coupled with a misunderstanding of what network marketing is and is not, ends up leading their new independent representatives down the wrong road. This leads to frustration and ultimately ends with a collapse of their downline. With the knowledge I'm going to give here, you'll be able to avoid this unforeseen pitfall.

I have been hugely successful in network marketing, but it took many trials and errors before discovering how to succeed in this lucrative business, as well as how to keep people in my downline and help them succeed. In one opportunity I was able to recruit at least one person a day starting from day one, but I found that they would soon fall off out of abject frustration that they were not able to produce the results I was able to. At the time, I didn't clearly understand what I was doing wrong but over the years the secrets to network marketing success have slowly been revealed to me.

What can you do to make sure that when you're out recruiting for your network marketing opportunity that people will stay involved and that you'll be successful? You must understand exactly what network marketing is and who actually makes it to the top of your company's compensation plan.

Here are the secrets that you'll need to know and that you'll want to cover with your current downline and future prospects:

Network marketing is neither a job nor a get rich quick pyramid scheme. This may seem like a no-brainer like many of the other secrets I'll be going over, but bear with me and I'll explain the reason why this fact can be so deeply forgotten or misunderstood that the obvious becomes hidden. Understand that most people, even after they've heard your presentation about starting a home-based business, still may not fully understand what huge differences rest between a home-based business and a job. People who enter your organization who are stuck on job-think will have put forth the investment to get started and yet they mistake the independent representative application for a time-sheet for clocking in to work. At many jobs, you clock in and regardless of whether you do anything or not you will still get paid (so long as you're not caught slacking off too much). When a person is running their own business they will make absolutely nothing unless they market their business. Once you grow your residual income and the momentum of your downline, then you can relax...and do it quite comfortably! However, initially it's going to mean working hard...very hard. You've probably noticed the strange phenomenon that almost every single network marketing company has someone somewhere complaining that that particular company is a scam, yet your company probably has outstanding products or services and they probably have oceans of people who are making money and who are excited about being involved. Pyramid schemes are illegal, and if a company is found to be a pyramid scheme it is quickly shut down by the government. So why do some people seem so unhappy with network marketing? This is the secret that fast food companies, recliner chair manufacturers, air conditioning manufacturers and insurance salesmen figured out. The average person wants satisfaction right now. The average person will always opt for the most relaxing position in life.
The average person doesn't want to sweat and the average person wants to be assured that so long as they keep doing the same thing every month, the money will be there. Unfortunately, if a person has not been properly informed about what it really means to own their own home business, they will likely give up and join the naysayers. To be successful in network marketing a person must be patient as they work each day to build toward their success. They must be willing to step outside of their comfort zone. They must be willing to sweat a little by taking a chance on their own self-determination and they must realize that the size of their network marketing paycheck hinges not upon clocking in, but the courage to face down every rejection while moving with excitement and urgency toward the manifestation of their dreams. Yes, it is hard work. However, the upside to network marketing recruiting is that if you've been trained by a quality company, or upline leader in your opportunity, you'll find that working hard in your network marketing opportunity can be fun and exciting.

Network marketing success hinges upon hard work. A person cannot buy their way to the top of a network marketing opportunity; it must be earned. Yes, it is possible to make it to the top of your company's network marketing compensation plan by simply buying every prospect that you talk to a starter kit out of your own pocket and paying for all their customers (which would take a whole lot of money and very little work), but even if a person has that kind of money to waste, they'd find that their downline would collapse. The absolute only way anyone ever makes it to the top of a network marketing opportunity and sustains and continues to grow their massive downline is by making a commitment to do network marketing recruiting the right way and by nurturing their downline. Nurturing your downline means being available to help them grow their own organizations. Recruiting the right way means putting your nose to the grindstone; putting your best foot forward to attract and present your opportunity to the right people, and never, ever, ever letting up on your success. If I told you I'd hire you for a job and that it entails working extremely hard almost every day of every month and that your reward will be that you get to work like a dog for many, many more years to come, would you take the job? Most people have agreed to that. Would it scare you if I told you that you're going to have to work extremely hard over the next year to four years in your network marketing opportunity, but your reward will be that you'll be able to walk away from your job, would you stick with your opportunity? If you answered "yes", then let's proceed...because you already possess the characteristics that are at the nucleus of what makes top producers tick (courage and self-determination).

Network marketing recruiting takes a highly-motivated and disciplined personality. This means that a person must have the discipline to monitor their level of motivation and if they ever find themselves falling below optimum levels of excitement, they will immediately do whatever is necessary to change course. That could mean taking the time to watch your company's opportunity videos again and again every day, so that you'll have a fresh feeling of excitement and be motivated to make it happen. It could mean making a "success collage" created out of pictures of the places you want to go, the kind of house you'd like to live in or the kind of car you'd like to drive. It could mean calling up your upline leaders for some uplifting advice. It could mean consistently listening to motivational speakers, playing their audios at home and in the car or watching their videos on YouTube. To reach your success goals you must be motivated. To be motivated you must be excited to make it happen. Excitement is contagious, and it's the single most powerful ingredient for network marketing recruiting success.

Network marketing is not a pyramid scheme. People at the top of a network marketing organization do not necessarily make lots of money. What? Bear with me because this is another secret that might sound scary to some people but as I explain it you're going to begin to understand exactly why you should be excited about this simple fact. Here's how it works: If Alfred recruits Bob and Bob recruits Cassandra, we can imagine them in a straight line from top to bottom (A, B, C) with Alfred standing at the top of the organization, Bob standing on the level below him, and Cassandra last. Alfred goes wild, puts his nose to the grindstone and makes things happen. Cassandra is off the charts with her network marketing recruiting efforts; she's always excited to talk to people about her opportunity and ends up building a massive organization. If we'd look back at Alfred, who's standing at the top, we'd see a massive organization below him due to his own efforts and multiplied by Cassandra's diligence and hard work...but what about Bob? Bob only recruited Cassandra, he decided he'd stay involved because he loved the products and services, but he didn't get promoted to any kind of prestigious title in the opportunity's compensation plan. Why? Because network marketing isn't a pyramid scheme and it isn't a job. In a true network marketing company you can have someone above you who makes less money than you do. The percentages and bonuses you earn in a true network marketing opportunity are based upon your earned position. The keyword here is "earned". If a person does not acquire the customers or independent representatives that they need to qualify for their opportunity's higher earned position they'll earn a bit more money from the efforts of someone like Cassandra, but it will be pennies compared to what Cassandra earns herself. Yes, Bob is at the top of the huge organization but it's Alfred and Cassandra who are making the real money, and rightfully so.
In a conventional business, whether large or small, a person's job position in the corporate pyramid linearly dictates how much money they make. In almost every case, in a corporation, the people at the top make the big bucks and the people at the bottom make much, much, much less. Network marketing rewards the people who are hungry for success regardless of where they are located in the organization's structure. Think about that.

You have to talk to people. This one also seems completely obvious and because of that I never saw it as something I had to point out in my early days of network marketing. Due to leaving this out, many people in my downline would complain that they weren't making any money. I couldn't understand what was happening, but now I can share this with you: To be successful in network marketing you have to be willing to talk to people and share your opportunity in as many different ways as you can possibly think of. Have you put the link to your opportunity website in your email signature? Have you sent a short, gentle but excited announcement to every person you can think of, informing them that your home business is open for business? Have you made a YouTube video proudly and excitedly talking about all the neat stuff about your opportunity's products or services? Do you have the courage to give a brochure or a DVD to a complete stranger? Make a commitment right now to inform your downline that to be successful in their own home-based business they must let as many people as possible know that they're in business. Reveal to people that the secret to making money in network marketing is talking, and those who keep on talking are the ones who make it to the top.

The average person will not get rich with network marketing. This fact sounds pretty depressing when you first read it, but let me ask you: Do you consider yourself an average person? I can already answer that question. No, you are not an average person because if you were, you wouldn't be reading this. An above average person is willing to take the time to invest in themselves and you've invested in yourself by seeking out knowledge that you can use to propel your business forward. Read this network marketing recruiting secret again and realize that it doesn't have anything to do with whether or not you are going to be hugely successful in network marketing. You must refuse to be average. You must refuse to back down or give up. The average person is not self-motivated or excited about putting in hard work even if it means literally changing the future history of their family tree. Therefore, yes, it is an absolute fact that the average person in network marketing will only make a little money or no money at all. The average person doesn't have anything to do with you or what you are capable of. You have made it this far. I have gut-checked you over and over, and you've made it this far. Are you going to give up or are you going to take the bull by the horns and prove that I am right when I say that you are not just another average person, but an above average success story in the making?

You must not be afraid to sell. A person must have no fear of the word "salesman" and no dread of the concept of "selling". There are life-saving devices in hospitals because a salesman had the courage to stand by his product. If you know someone whose life was saved by a defibrillator, thank the doctor, nurse or paramedic...and don't forget the salesman who sold their hospital the unit. If someone asks, "Are you trying to sell me something," respond with excitement, "You bet I am...and you absolutely have to take a look at this!" Salesmen are the highest paid people in the world. Why anyone would not want to be a salesman beats me. However, in network marketing you are selling your products or services but you are marketing your business opportunity. Successful network marketing recruiting means knowing the difference between these two areas of your business.

Successful network marketing recruiting doesn't mean chasing people. Now that we've moved beyond the word "salesman" we can get to the pinnacle of network marketing recruiting secrets. In terms of getting people to sign up for an opportunity, a person must understand that successful network marketers do not sell people on an opportunity. You sell people products or services and selling them on a product or service means that you might need to convince them that it is superior to the competition or that it is otherwise something that will enrich their lives. Successful network marketers do not sell people network marketing opportunities, they market them. Marketing means inviting and inviting means we're giving out invitations. An invitation, although it can certainly be an open invitation, typically means that a person has been assessed and selected to participate in an event or organization. I have absolutely no interest in chasing anybody to do anything. I will invite them. I will market my opportunity by letting as many people as possible know that the opportunity is here; that it exists, but it's up to them to accept or reject the invitation. To be successful in network marketing a person must grow an awareness of the existence of their opportunity and let people make up their own minds. Almost everyone I had to convince to make an investment in themselves didn't make any money no matter how much I tried to help them. I found myself not wanting to help them because they were so negative and required too much of my energy to motivate. On the other hand, those who are invited to watch a DVD, invited to listen to a business opportunity briefing or invited to click on a link, and who decide to get involved, are the people you will want to help make it to the top with you...and they are the ones who are going to help you get it to the top!

I've given you the knowledge that I wish I had years ago. Now it's up to you to dig down deep within yourself and find the courage to make it happen.

I wish you health, happiness and success!








LAN Design and model a hierarchical network


CCNA focuses on networks for SMBs (small, medium businesses).

A hierarchical design model is recommended.

Easier to manage and expand.

Problems are solved more quickly.

Hierarchical design divides the network into 3 layers.

Core, (CL).

Distribution, (DL).

Access, (AL).

Each layer provides specific functions.

This "modularity" facilitates scalability and performance.

Access Layer, (AL): lowest

Interfaces with the end device (user).

Includes routers, switches, bridges, hubs and wireless APs.

Provides a means of connecting devices to the network and controlling which ones communicate on the network.

Distribution Layer, (DL):

Aggregates data received from the AL before transmitting to the CL for routing.

Controls traffic flow using policies and delineates broadcast domains with VLANs defined at the AL.

VLANs allow traffic segmentation (separate subnetworks).

DL switches are typically high-performance devices that have high availability and redundancy to ensure reliability.

Core Layer, (CL):

The high-speed backbone or the internetwork.

Critical for interconnectivity between distribution layer devices - needs to be highly available and redundant.

Often connects to Internet resources.

Aggregates tfc fm all devices, so it must be capable of forwarding large amounts of data quickly.

Note: smaller networks often combine the distribution and core layers.

Three Logical Layers are separated into a well-defined hierarchy.

It is much harder to see these layers physically.

Benefits of a Hierarchical Network:

Scalability:

Hierarchical networks scale very well.

The modularity allows you to replicate design elements.

Expansion is easy to plan and implement.

Redundancy:

As a network grows, availability becomes more important.

Availability increases dramatically with hierarchical networks.

E.G. AL switches connect to 2 DL switches. If one DL switch fails, the AL switch can switch to the other one.

Redundancy is limited at the access layer. Typically, end devices do not connect to multiple switches.

Performance:

Properly designed networks can achieve near wire speed btwn all devices.

Security:

AL switches can be configured to provide control over which devices are allowed to connect to the network.

More advanced security policies available at the DL.

Some AL switches support L3 functionality, but it is usually the job of the DL switches, because they can process it much more efficiently.

Manageability:

Changes can be repeated across all devices in a layer because they presumably perform the same functions.

Deployment of new switches is simplified because configs can be copied with few modifications.

Consistency within each layer simplifies troubleshooting.

Maintainability:

Because of their modularity and scalability, hierarchical networks are easy to maintain.

This also means these networks are less expensive.

With other designs, manageability becomes increasingly complicated as the network grows.

Principles of Hierarchical Network Design:

Hierarchical design is no guarantee of good design.

Simple guidelines help differentiate btwn well-designed and poorly designed hierarchical networks.

Network Diameter:

Usually the first thing to consider.

The # of devices a packet crosses to reach its destination.

Small diameter ensures low and predictable latency.

Bandwidth Aggregation, (adding together):

Combines links btwn switches to achieve higher throughput.

Cisco has a proprietary link aggregation technology called EtherChannel.

Aggregated links are indicated by multiple dotted lines with an oval or a single, dotted line with an oval.

Can be used at every layer (less common @ AL).

Redundancy:

Redundancy can be provided in a number of ways.

E.G. 2x connections btwn devices, or 2x devices.

Redundant links can be expensive.

Designing redundancy starts at the AL. You ensure that you accommodate all network devices -> # of AL switches.

This helps determine # of DL switches -> CL switches.
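The diameter and redundancy guidelines above can be checked mechanically against a topology diagram. The following is an added example, not part of the original notes: the sample topology and switch names are constructed, and it assumes the layer of each switch can be read from its name prefix (AL, DL, CL).

```python
from collections import deque
from itertools import combinations

# Constructed sample topology; switch names are hypothetical.
# Prefix encodes the layer: AL = access, DL = distribution, CL = core.
LINKS = [
    ("AL1", "DL1"), ("AL1", "DL2"),   # dual-homed access switch
    ("AL2", "DL1"), ("AL2", "DL2"),   # dual-homed access switch
    ("AL3", "DL3"),                   # single-homed access switch
    ("DL1", "CL1"), ("DL1", "CL2"),
    ("DL2", "CL1"), ("DL2", "CL2"),
    ("DL3", "CL1"),                   # distribution switch with one core uplink
    ("CL1", "CL2"),
]


def build_graph(links):
    """Turn a list of switch-to-switch links into an adjacency map."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph


def layer(graph, prefix):
    """Sorted switch names belonging to one layer."""
    return sorted(name for name in graph if name.startswith(prefix))


def hops_from(graph, start, failed=frozenset()):
    """Breadth-first search: links crossed from start to each switch still reachable."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for neighbour in graph[node]:
            if neighbour not in dist and neighbour not in failed:
                dist[neighbour] = dist[node] + 1
                queue.append(neighbour)
    return dist


def network_diameter(graph):
    """Most switches a frame crosses on the shortest path between two access switches."""
    worst = 0
    for a, b in combinations(layer(graph, "AL"), 2):
        dist = hops_from(graph, a)
        if b not in dist:
            raise ValueError(f"{a} cannot reach {b}")
        worst = max(worst, dist[b] + 1)   # links + 1 = switches on the path
    return worst


def single_homed_access(graph):
    """Access switches with fewer than two distribution uplinks."""
    return [sw for sw in layer(graph, "AL")
            if sum(n.startswith("DL") for n in graph[sw]) < 2]


def single_points_of_failure(graph):
    """Map each DL/CL switch to the access switches cut off from the core if it fails."""
    core = set(layer(graph, "CL"))
    findings = {}
    for failed in layer(graph, "DL") + layer(graph, "CL"):
        surviving_core = core - {failed}
        stranded = [sw for sw in layer(graph, "AL")
                    if not surviving_core & set(hops_from(graph, sw, frozenset([failed])))]
        if stranded:
            findings[failed] = stranded
    return findings


GRAPH = build_graph(LINKS)

if __name__ == "__main__":
    print("network diameter:", network_diameter(GRAPH))
    print("single-homed access switches:", single_homed_access(GRAPH))
    for switch, stranded in single_points_of_failure(GRAPH).items():
        print(f"if {switch} fails, cut off from core: {', '.join(stranded)}")
```

In the sample, the single-homed AL3 branch is the only part of the network that a single DL or CL failure can isolate, which is the situation the dual-homing guideline is meant to prevent.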

What is a Converged network?

SMBs are increasingly running voice, video and data.

Convergence is the process of combining these.

Until recently this was limited to large enterprises.

Legacy (older) equipment hinders convergence.

Because analog phones have not yet been replaced, you will also see legacy PBX telephone and IP-based systems.

Convergence is now easier and less expensive.

With convergence there is just one network to manage.

This costs less to implement and manage.

IT cabling requirements are simplified.

Convergence also creates new opportunities.

You can tie voice and video directly into an employee's PC.

No need for an expensive phone or video equipment.

Softphones (Cisco IP Communicator) offer a lot of flexibility.

With software businesses can quickly convert to converged networks with little capital expense.

With cheap webcams videoconferencing can be added.

Separate Voice, Video and Data Networks:

Voice networks contain isolated phone lines running to a PBX (Private Branch Exchange) switch located in a Telco wiring closet PSTN (Public Switched Telephone Network).

Telco closet often separate fm the data and video closets.

New phone -> a new line to the PBX.

Using a properly designed hierarchical network voice lines can be added with little or no impact.

Now that networks can accommodate the BW it makes sense to converge.

Considerations for Hierarchical Network Switches:

Tfc Flow Analysis:

The process of measuring BW usage and analyzing it for performance tuning, planning, and HW improvement.

To select the appropriate gear in a hierarchical network, you need to spec out tfc flows, users and servers.

Networks must be designed with an eye on growth.

Done using tfc flow analysis software.

Should consider port densities and forwarding rates to ensure adequate growth capability.

Analysis Tools:

Many tfc flow analysis tools are available.

E.G. Solarwinds Orion 8.1 NetFlow Analysis.

User Communities Analysis:

Identifies user grpings and their impact on net performance.

Affects port density and tfc flow, which influences the selection of network switches.

Typically users are grped according to job function.

E.G. HR one floor and Finance on another.

Each dept. has different users and needs, and requires access to different resources through the network.

Choose switches that have enough ports to meet the dept needs and pwrful enough to accommodate tfc.

Good network design also factors in the growth.

Investigate the tfc generated by end-user applications.

Some user communities generate a lot, some do not.

The location of the user communities influences where data stores and server farms are located.

By locating users close to their servers, you can reduce network diameter, reducing the impact on other users.

However, usage is not always bound by department or physical location.

Data Stores and Data Servers Analysis:

Data stores can be servers, SANs, NAS, tape bu units, or any other storage device or component.

Considers both client-server and server-server tfc.

Client-server tfc typically traverses multiple switches.

BW aggregation and switch forwarding rates can help eliminate bottlenecks for this type of tfc.

Some server apps generate high volumes btwn servers.

These servers should be located close to each other (i.e. secured data centers).

Tfc across data center switches is typically very high.

Requires higher performing switches.

Topology Diagrams:

A graphical representation of a network infrastructure.

Shows how all switches are interconnected, including which ports interconnect devices.

It shows where and how many switches are in use.

Can also contain info on device densities and user grps.

Helps visually identify potential bottlenecks.

Very difficult to create after the fact.

Switch Features:

Switch Form Factors:

Fixed or modular config, and stackable or non-stackable.

Thickness is expressed in rack units. (i.e. 1U, 3U).

Fixed Config Switches - Cannot add hardware.

Modular Switches - chassis allows for multiple line cards which contain the ports.

The larger the chassis, the more modules it can support.

Stackable Switches:

Can be interconnected using a special backplane cable that provides high-bandwidth throughput btwn the switches.

Cisco's StackWise technology allows you to interconnect up to nine switches using fully redundant backplane connections.

Stacked switches effectively operate as a single larger switch.

Desirable where fault tolerance and BW availability are critical and a modular switch is too costly.

Performance:

Port Density:

Port density is the # of ports available per switch.

Fixed switches typically 1,000 ports!

Large enterprise networks require high density, modular switches to make the best use of space and pwr.

Also prevent uplink bottlenecks.

A series of fixed switches consume many additional ports for BW aggregation btwn switches.

With a modular switch, aggregation is less of an issue because the chassis backplane provides the BW.

Forwarding Rates:

The processing capabilities of a switch in bps.

Switch product lines are classified by forwarding rates.

If this rate is too low, it cannot accommodate wire-speed across all ports.

Wire speed = rate that each port is capable of (10Mbps etc).

E.G. 48-port GbE switch at wire speed = 48Gbps of tfc.

If the switch only supports 32 Gbps (internally), it cannot run at full wire speed across all ports simultaneously.

Access switches typically do not need full wire speed because they are physically limited by their uplinks to the DL.

Link Aggregation:

Determine if there are enough ports to aggregate to support the required BW.

E.G. GbE 24-port switch could generate up to 24 Gbps.

If it is connected to the network by a single cable, it can only forward 1 Gbps to the rest of the network.

That results in 1/24th wire speed for each of the 24 devices.

Link aggregation helps to reduce these bottlenecks by allowing up to 8 ports to be grped, providing up to 8 Gbps.

With multiple 10GbE uplinks very high throughput rates can be achieved.

Cisco uses the term EtherChannel = aggregated ports.

Power over Ethernet (PoE):

PoE allows a switch to deliver power over existing Ethernet.

Can be used by IP phones and some wireless APs.

Allows more flexibility for equipment installations.

Adds considerable cost to the switch.

PoE switch marked with a "V" for volts.

Layer 3 Functions:

Typically, switches operate at L2 and deal primarily with MAC addresses.

L3 switches offer advanced functionality.

L3 switches = multilayer switches.

Switch features in a Hierarchical Network:

Access Layer switch Features:

Port security - first line of defense for a network.

How many or what devices are allowed to connect.

All Cisco switches support port layer security.

VLANs - component of converged networks.

Voice tfc is typically given a separate VLAN.

Port speed:

Fast Ethernet is adequate for VoIP and most data tfc.

PoE - much more expensive, so use only when required.

Link Aggregation - supported at all 3 lvls.

QoS - needed for VoIP.

Distribution Layer Switch features:

Collect all AL switch data and forward it to the CL switches.

Provides the inter-VLAN routing functions.

DL switches have higher processing capabilities than AL.

Need L3 to support inter-VLAN routing.

Security Policies:

Need L3 so advanced security policies can be applied.

ACLs control tfc flows through a network.

ACLs allow switches to filter tfc.

ACLs are CPU-intensive because they need to inspect every packet and match ACL rules.

Placing ACLs at the DL also reduces the # of switches that require the extra mgmt configuration.

Policy-based connectivity and departmental/workgroup access to the core layer.

Quality of Service:

DL switches need to maintain the priorities of tfc coming fm the AL switches that have implemented QoS.

If not all the devices support QoS, the benefits will be reduced - poor performance and quality.

DL switches are under high demand.

They need redundancy for adequate availability.

DL switches are typically implemented in pairs.

Recommended that they support multiple, hot swappable pwr supplies.

Finally, they need to support link aggregation and high-bandwidth aggregated links back to the core.

Core Layer Switch Features:

The CL is the high-speed backbone.

The forwarding rate is dependent on the number of devices participating in the network.

If you choose an inadequate switch at the core, you face potential bottleneck issues slowing down all tfc.

CL switches should support aggregated 10GbE.

L3 redundancy has faster convergence than L2, so, ensure CL switches support L3 functions.

CL switches should support FULL redundancy features.

QoS is important at the core since high-speed WAN access is often prohibitively expensive.

Switches for SMBs:

Identify the Cisco switches used in SMB applications.

The features of Cisco Catalyst Switches:

You cannot simply select a switch by the size of a business.

Businesses are often cross integrated with other entities.

A 6500 makes sense as an AL switch where there are hundreds of users in an area, such as a stock exchange.

Cat Express 500 - forwarding rates = 8.8 - 24 Gbps.

Cat 2960 - L3, QoS, no PoE, 16 - 32 Gbps.

Cat 3560 - enterprise-class PoE, QoS, 32 - 128 Gbps.

Cat 3750 - stackable high performance.

Cat 4500 - DL midrange modular - up to 136 Gbps.

Cat 4900 - data center.

Cat 6500 - DL and CL - up to 720 Gbps.

Miscellaneous:

MDF - Main Distribution Facility.

Gi 0/1 - abbreviation for Gigabit Ethernet ports.

Spanning Tree - protocol allows redundant paths, but shuts down some links to avoid switching loops.








Why is it so important to online documentation


Undocumented Networks

------------

I can't tell you how many projects I've worked on in which the customer has little to no network documentation. The reasons for the lack of network documentation vary. In many cases this is both the fault of the customer and the vendor / consultant who designed and implemented the network. The vendor just does not do it and the customer does not press hard enough for it. In some cases, technology consultants do not feel it's important enough or want to lock the customer into having to call "them" if something goes wrong or a configuration needs to be changed.

Not only is this poor practice on the side of the consultant, it can have a dramatic effect on the future growth of the customer, increase the costs of future network upgrades and diagnostics, and can negatively impact the security of the customer's network.

The Results Of An Undocumented Network

------------

Before I tell you the basic items that need to be documented with regards to computer networks, I first want to give you examples of what I have "not" seen documented, and what problems this has caused.

During one of my past projects, which was primarily to implement a new firewall and to secure many of the internal systems, I ran into some really incredible issues. None of the primary server systems were documented. No one knew what server did what, how much memory, disk space, what type of processor(s), and in some cases, did not know what Operating System was installed. And worse than that, during my initial review, we located three servers in a closet, on a different floor, that no one even knew existed!

Because of the lack of network documentation, no one knew what was supposed to be done to maintain their enterprise Anti-Virus system. When I finally determined what the admin password was to log in to the Anti-Virus services, I found that virus signatures had not been updated in over six months. Then we found that the system was not even functioning and nearly 90% of systems on the network were infected with viruses and worms (and not the annoying kind either, the destructive kind).

We also found there were four different tape backup servers, and again, because of the lack of network documentation, none of them had been maintained. The customer just kept changing tapes. And do you know what, none of the backup jobs had been running for months. Talk about a false sense of security!

The very last thing I want to talk about is how lack of network documentation and procedures can affect network security. In one case, a customer had a rather expensive Check Point Firewall in place. No documentation was available and the customer had been told that nothing needed to be done to maintain the Firewall. The customer told me that recently, their Internet access had become very sluggish. It took two days to locate the Check Point console password. When I logged in I found that the C: drive had absolutely no free disk space because the Firewall log had consumed it all. This could have been avoided if the Firewall was set up properly in the first place. The Firewall was also about 4 Service Packs behind, and the rules in place were quite inadequate. Not to mention that none of the rules themselves had been documented. And one more thing to think about. If this network had been attacked and compromised, how quickly would we have been able to respond to the attack if so much of the network was undocumented? It would have been a disaster.

Basic Network Documentation

------------

Here is a basic set of items that should be contained in network documentation:

All server hardware and operating systems should be documented, including the physical locations and what primary, secondary, etc. purpose they serve.

All key service accounts and login account user IDs and passwords should be documented and stored in a safe location, maybe a company lockbox or vault, or use something like KeePass to store them.

A visual diagram of the network layout, even from a high level, should exist no matter how small or large the network is. Products like WhatsUpGold can assist with this or you can create a Visio diagram of the network.

Procedures on how to maintain the network technology, including Operating Systems, security related services, backup and disaster recovery (business continuity), and firewall technologies should exist.

Additionally, you should document and secure all Operating System and application licensing. This is something that is very often overlooked and is imperative if you have to recover from a disaster situation in which the rebuild of systems is necessary.

Other information to have documented is key contact information. For instance, who do you call if your Internet connection goes down? Who do you contact if your offsite web services are not functioning? Do you have a third party that maintains your Domain Name Services (DNS)? If you have custom applications, do you know exactly who you must call if there is a problem?

The above are just the basic items that need to be documented within a computer network. There are many more aspects to network documentation.
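Documentation only helps if someone checks it against the live network. The following is an added example, not part of the original article, of an audit that flags the failures described above: servers nobody knew about, backups and virus signatures left stale, and a firewall log disk that filled up. The inventory, hostnames, addresses, dates and thresholds are all constructed assumptions.

```python
from datetime import date

# Fields every inventory record should carry, taken from the article's list.
# "credential_ref" names a vault entry; the password itself is never stored here.
REQUIRED_FIELDS = ("location", "os", "purpose", "contact", "credential_ref")

# Thresholds are assumptions for this example, not values from the article.
MAX_BACKUP_AGE_DAYS = 2
MAX_SIGNATURE_AGE_DAYS = 7
MIN_LOG_DISK_FREE_PCT = 15

TODAY = date(2010, 10, 13)

# Constructed inventory: hostnames, contacts and dates are made up.
INVENTORY = {
    "fs01": {
        "location": "Floor 1 server room", "os": "Windows Server 2003",
        "purpose": "file server (primary)", "contact": "it-team@example.com",
        "credential_ref": "vault:fs01-admin",
        "last_backup": date(2010, 10, 12), "av_signatures": date(2010, 10, 11),
    },
    "fw01": {
        "location": "Floor 1 server room", "os": "",
        "purpose": "perimeter firewall", "contact": "",
        "credential_ref": "", "log_disk_free_pct": 0,
    },
    "bk01": {
        "location": "Floor 1 server room", "os": "Windows 2000 Server",
        "purpose": "tape backup", "contact": "it-team@example.com",
        "credential_ref": "vault:bk01-admin",
        "last_backup": date(2010, 6, 1), "av_signatures": date(2010, 4, 2),
    },
}

# Constructed result of a network sweep: three hosts are not in the inventory.
DISCOVERED = ["fs01", "fw01", "bk01", "10.0.3.21", "10.0.3.22", "10.0.3.23"]


def staleness(host, record, today):
    """Findings for dated maintenance tasks that have not run recently enough."""
    checks = (
        ("last_backup", MAX_BACKUP_AGE_DAYS, "stale-backup"),
        ("av_signatures", MAX_SIGNATURE_AGE_DAYS, "stale-signatures"),
    )
    found = []
    for field, limit, kind in checks:
        when = record.get(field)
        if when is not None and (today - when).days > limit:
            found.append((host, kind, f"{field} is {(today - when).days} days old"))
    return found


def audit(inventory, discovered, today):
    """Return (host, kind, detail) findings for documentation and maintenance gaps."""
    findings = []
    for host in sorted(set(discovered) - set(inventory)):
        findings.append((host, "undocumented", "on the network but not in the inventory"))
    for host in sorted(set(inventory) - set(discovered)):
        findings.append((host, "not-seen", "documented but not found on the network"))
    for host, record in sorted(inventory.items()):
        missing = [f for f in REQUIRED_FIELDS if not record.get(f)]
        if missing:
            findings.append((host, "incomplete", "missing: " + ", ".join(missing)))
        findings.extend(staleness(host, record, today))
        free = record.get("log_disk_free_pct")
        if free is not None and free < MIN_LOG_DISK_FREE_PCT:
            findings.append((host, "log-disk-low", f"{free}% free on log volume"))
    return findings


if __name__ == "__main__":
    for host, kind, detail in audit(INVENTORY, DISCOVERED, TODAY):
        print(f"{host:12} {kind:18} {detail}")
```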

Who Needs To Document Their Network

------------

In a nutshell, anyone who has a computer network, home office, small office, or large office, should have an adequate level of network documentation and procedures to follow in order to maintain the network. If you have invested in network technology, don't you want to keep your investment safe, sound, and performing at its peak?

Conclusion

------------

If you are a customer, and have a systems integrator or consultant working on a new network implementation or upgrading an existing one, demand that they provide you with complete network documentation. Even if it costs you extra you should request it. It will save you a lot of time and money in the future. And, it may actually keep your business from experiencing long periods of down time.

You may reprint or publish this article free of charge as long as the bylines are included.








Saturday, October 9, 2010

Network Security 101


As more people are accessing the Internet every day, network security becomes a larger issue. In the United States, identity theft and computer fraud are among the fastest growing crimes. It is important to protect your network and ensure the security of all computers and users in the network.

What is a network?

To fully understand network security, one must first understand what exactly a network is. A network is a group of computers that are connected. Computers can be connected in different ways. Some of these methods include a USB port, telephone lines, an Ethernet connection, or a wireless connection. The Internet is itself a network of networks. Your Internet service provider (ISP) is also a network. When a computer connects to the Internet, it joins the ISP's network, which connects with a host of other networks, which are connected to even more networks, and so on. All of these networks make up the Internet. The huge number of computers on the Internet, and the number of providers and large networks, makes network security important.

Common network security breaches

Hackers often attempt to break into vulnerable networks. Hackers use a variety of attacks to cripple a network. Whether you have a home network or some other network, it is important to know how hackers will attack a network.

One common way for a hacker to wreak havoc is to gain access to things that ordinary users should not have access to. In any network, administrators are able to make certain parts of the network off limits to unauthorized access. If a hacker can gain access to a protected area of the network, he or she can affect all computers on the network. Some hackers try to break into networks and release viruses that affect all computers on the network. Some hackers can also view information that they should not see.

Destructive attacks

There are two main categories of destructive attacks on a network. Data diddling is the first. It is usually not obvious that something is wrong with your computer when it has been subjected to a data diddler. Data diddlers usually change numbers or multiple files, and the damage becomes apparent much later. Once the problem is traced, it can be really hard to trust any of your previous data, because the culprit could potentially have tampered with a lot of different documents.

The second type of destructive attack is outright deletion. Some hackers will simply break into a computer and delete files. This inevitably causes problems for any business, and can even render a computer useless. Hackers can rip operating systems apart and cause awful problems for a network or computer.

The value of network security

Knowing how destructive hackers can be shows the value of network security. Most networks have a firewall enabled that blocks hackers and viruses. Having virus protection software on all computers in a network is mandatory. In a network, all computers are connected, so if one computer has a virus, the other computers can be adversely affected by the same virus. Any network administrator should have all the core files on a backup drive. If a file is deleted by a hacker but there is a backup, the file will not be lost forever. Network security is an important thing for businesses and homes. Hackers try to make life difficult, but if you are ready for them, your network will be safe.








Thursday, October 7, 2010

Network security-the road ahead


Network Security - The road ahead


Introduction
What is Network Security?
"Network Security" - Monitoring
"Network Security" - Forensics
"Network Security" - Compliance
HIPAA
SOX
GLBA
Conclusion


Introduction

Network Security is the next wave which is bound to sweep the software market. The increase in offshore projects and the transfer of information across the wire have added fuel to the burning urge to secure the network. As the famous adage goes, the safest computer is one which has been unplugged from the network (making it almost useless). Network security is becoming more of a necessity. Interestingly, the type of security required across different enterprises depends on the nature of their business. Of late some laws & acts have been defined to identify security breaches, which is a very good move to prevent fraudulent use/access of information. There are two types of software for network security: one which prevents breaches and one which does the forensic analysis. The main focus of this article is the forensics of network security.

What is Network Security?

network security: the protection of a computer network and its services from unauthorized modification, destruction, or disclosure

Network security is a self-contradicting philosophy where you need to give absolute access and at the same time provide absolute security. Any enterprise needs to secure itself against two different kinds of access to information or transactions (e.g. ftp, http): internal access and external access. Securing access to information or resources from the external world (WWW) is quite a task to master; that is where firewalls pitch in. Firewalls act as gatekeepers who segregate the intrusive and non-intrusive requests and allow access. Configuring & maintaining a firewall is by itself a task which needs experience and knowledge. There are no hard and fast rules to instruct the firewalls; it depends on where the firewall is installed and how the enterprise intends to provide access to information/resources. So the effectiveness of any firewall depends on how well or how badly you configure it. Note that many firewalls come with pre-configured rules, which are intended to make the job of securing information access from external sources easier. In short, a firewall gives you information about attacks happening from the external world.

The toughest job is to secure information from internal sources. More than securing it, managers need to track the information flow to identify possible causes. Tracking the information flow comes in handy in legal situations, because what seems to be a sharing of information could be held against you in a court of law. To enforce this, acts such as HIPAA, GLBA and SOX have been put forth to ensure that scams like that of "Enron" do not happen. In short, tracking information and auditing give you information about security breaches and possible internal attacks.

There are a variety of network security attacks/breaches:


Denial of Service
Virus attacks
Unauthorized Access
Confidentiality breaches
Destruction of information
Data manipulation

Interestingly, all this information is available across the enterprise in the form of log files. But reading through them and making sense of them would take a lifetime. That is where "network security" monitoring software, also known as "log monitoring" software, pitches in. It does a beautiful job of making sense of the information spread across various locations and offers system administrators a holistic view of what is happening in their network in terms of network security. In short, it collects, collates, analyzes and produces reports that help the system administrator keep tabs on network security.

"Network Security" -Monitoring

No matter how fine your defense systems are, you need someone to make sense of the huge amount of data churned out by an edge device such as a firewall and by the system logs. The typical enterprise logs about 2-3 GB/day, though the size varies with the enterprise. The main goal of forensic software is to mine through this vast amount of information and pull out the events that need attention. "Network security" software plays a major role in identifying the causes and security breaches that are happening in the enterprise.

One of the major things any network security product needs to provide is a collective view of virus attacks across the different edge devices in the network. What this offers an enterprise is a holistic view of the attacks happening across the enterprise. The product should offer a detailed overview of bandwidth usage, and it should also provide user-based access reports. It has to highlight security breaches and misuse of internet access, which enables the administrator to take the necessary steps. An edge-device monitoring product also has to provide traffic trends, insight into capacity planning, and live traffic monitoring, which help the administrator find the causes of network congestion.

The internal monitoring product has to offer audit information about users, system security breaches and activity audit trails (e.g. remote access). As most administrators are unaware of the requirements of the compliance acts, it is better to cross-reference which acts apply to their enterprise and ensure that the product supports reporting for those acts (see the Compliance section for details).

Altogether, these products will have to support archiving, scheduling of reports and a comprehensive list of reports. The next section has more details.

"Network Security" -Forensics

The most important feature to look out for when you shortlist a network security forensic product is the ability to archive the raw records. This is a major factor when it comes to acts and laws: in a court of law, the original record has to be produced as proof, not the vendor's custom format. The next feature to look out for is the ability to create alerts, i.e. to be notified whenever some criterion is met, for example "mail me when there are 3 unsuccessful login attempts" or, better still, "notify me if there is a virus attack from the same host more than once". This greatly reduces the manual intervention needed to keep the network secure. Moreover, the ability to schedule reports is a big plus: you don't have to check the reports daily. Once you have done the groundwork of configuring some basic alerts and some scheduled reports, it should be a cakewalk from then on. All you need to do is check the information (alerts and reports) you get in your inbox. It is recommended that you configure reports on a weekly basis, so that it is never too late to react to a potential threat.

And finally, a comprehensive list of reports is a vital feature to look out for. Here is a list of reports that might come in handy for any enterprise:

Reports to expect from edge devices such as a firewall:


Live monitoring
Security reports
Virus reports
Attack reports
Traffic reports
Protocol usage reports
Web usage reports
Mail usage reports
FTP usage reports
Telnet usage reports
VPN reports
Inbound/Outbound traffic reports
Intranet reports
Internet reports
Trend reports

Reports to expect from compliance and internal monitoring:

( see compliance sub-heading for reports on compliance)


User Audit reports (successful/unsuccessful login attempts)
Audit policy changes (ex: change in privileges etc)
Password changes
Account Lockout
User account changes
IIS reports
DHCP reports
MSI reports (lists the products installed/uninstalled)
Group policy changes
RPC reports
DNS reports
Active directory reports


The gating factor in choosing a monitoring product is to verify that the devices you have in your network are supported by the vendor you choose. There are quite a number of products that address this market; you might want to search for "firewall analyzer" and "eventlog analyzer" in Google.
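The two alert criteria described in this section (3 unsuccessful login attempts, and a virus attack from the same host more than once) can be written as rules over log records. The Python below is an added example, not code from any product mentioned here; the record layout, the event names LOGIN_FAILED and VIRUS_DETECTED, the 10-minute window and the sample lines are assumptions constructed for illustration. Each alert carries the untouched raw lines that triggered it, in keeping with the point about retaining original records.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records; the "time device EVENT key=value" layout is assumed.
SAMPLE_LOG = """\
2010-10-07T09:00:01 dc1 LOGIN_FAILED user=alice src=10.0.0.5
2010-10-07T09:00:09 dc1 LOGIN_FAILED user=alice src=10.0.0.5
2010-10-07T09:00:14 fw1 VIRUS_DETECTED src=10.0.0.9 name=constructed-sample
2010-10-07T09:00:20 dc1 LOGIN_FAILED user=alice src=10.0.0.5
2010-10-07T09:05:00 dc1 LOGIN_FAILED user=bob src=10.0.0.7
corrupted line without a timestamp
2010-10-07T09:30:00 fw1 VIRUS_DETECTED src=10.0.0.9 name=constructed-sample
2010-10-07T11:00:00 dc1 LOGIN_FAILED user=bob src=10.0.0.7
"""

LINE_RE = re.compile(r"^(\S+) (\S+) ([A-Z_]+) (.*)$")
FAILED_LOGIN_LIMIT = 3                   # "3 unsuccessful login attempts"
LOGIN_WINDOW = timedelta(minutes=10)     # assumed window; the article names none

def evaluate(log_text):
    """Return (alerts, skipped). Each alert keeps the raw lines as evidence."""
    failures = defaultdict(deque)        # user -> recent (time, raw line)
    virus_hits = defaultdict(list)       # source host -> raw lines
    alerts, skipped = [], 0
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        try:
            when = datetime.fromisoformat(m.group(1))
            fields = dict(kv.split("=", 1) for kv in m.group(4).split())
        except (AttributeError, ValueError):
            skipped += 1                 # unparseable record: count it, never guess
            continue
        event = m.group(3)
        if event == "LOGIN_FAILED" and "user" in fields:
            recent = failures[fields["user"]]
            recent.append((when, raw))
            while when - recent[0][0] > LOGIN_WINDOW:
                recent.popleft()         # drop failures older than the window
            if len(recent) >= FAILED_LOGIN_LIMIT:
                alerts.append(("failed-logins", fields["user"], [r for _, r in recent]))
                recent.clear()           # start counting afresh after alerting
        elif event == "VIRUS_DETECTED" and "src" in fields:
            hits = virus_hits[fields["src"]]
            hits.append(raw)
            if len(hits) == 2:           # "more than once": alert on the second hit
                alerts.append(("repeat-virus-host", fields["src"], list(hits)))
    return alerts, skipped
```

Delivering the alert (the "mail me" part) is left to whatever notification channel the site already uses.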

"Network Security" -Compliance

Most industries, such as health care and financial institutions, are mandated to comply with the HIPAA and SOX acts. These acts enforce stringent rules in all aspects of the enterprise, including physical access to information. (This section concentrates on the software requirements of the acts.) There are quite a number of agencies that offer compliance as a service for an enterprise, but it all depends on whether you want to handle compliance yourself or employ a third-party vendor to ensure compliance with the acts.

HIPAA Compliance:

HIPAA defines the Security Standards for monitoring and auditing system activity. HIPAA regulations mandate analysis of all logs, including OS and application logs, covering both perimeter devices, such as IDSs, and insider activity. Here are some of the important reports that need to be in place:


User Logon report: HIPAA requirements (164.308 (a)(5) - log-in/log-out monitoring) clearly state that user accesses to the system be recorded and monitored for possible abuse. Remember, the intent is not just to catch hackers but also to document the accesses to medical details by legitimate users. In most cases, the very fact that the access is recorded is deterrent enough for malicious activity, much like the presence of a surveillance camera in a parking lot.
User Logoff report: HIPAA requirements clearly state that user accesses to the system be recorded and monitored for possible abuse. Remember, the intent is not just to catch hackers but also to document the accesses to medical details by legitimate users. In most cases, the very fact that the access is recorded is deterrent enough for malicious activity, much like the presence of a surveillance camera in a parking lot.
Logon Failure report: The security logon feature includes logging all unsuccessful login attempts. The user name, date and time are included in this report.
Audit Logs access report: HIPAA requirements (164.308 (a)(3) - review and audit access logs) call for procedures to regularly review records of information system activity such as audit logs.
Security Log Archiving Utility: Periodically, the system administrator will be able to back up encrypted copies of the log data and restart the logs.

SOX Compliance:

Sarbanes-Oxley defines the collection, retention and review of audit trail log data from all sources under section 404's IT process controls. These logs form the basis of the internal controls that provide corporations with the assurance that financial and business information is factual and accurate. Here are some of the important reports to look for:


User Logon report: SOX requirements (Sec 302 (a)(4)(C) and (D) - log-in/log-out monitoring) clearly state that user accesses to the system be recorded and monitored for possible abuse. Remember, the intent is not just to catch hackers but also to document the accesses to medical details by legitimate users. In most cases, the very fact that the access is recorded is deterrent enough for malicious activity, much like the presence of a surveillance camera in a parking lot.
User Logoff report: SOX requirements (Sec 302 (a)(4)(C) and (D)) clearly state that user accesses to the system be recorded and monitored for possible abuse. Remember, the intent is not just to catch hackers but also to document the accesses to medical details by legitimate users. In most cases, the very fact that the access is recorded is deterrent enough for malicious activity, much like the presence of a surveillance camera in a parking lot.
Logon Failure report: The security logon feature includes logging all unsuccessful login attempts. The user name, date and time are included in this report.
Audit Logs access report: SOX requirements (Sec 302 (a)(4)(C) and (D) - review and audit access logs) call for procedures to regularly review records of information system activity such as audit logs.
Security Log Archiving Utility: Periodically, the system administrator will be able to back up encrypted copies of the log data and restart the logs.
Track Account management changes: Significant changes in the internal controls, sec 302 (a)(6). Changes in the security configuration settings, such as adding a user account to or removing it from an administrative group. These changes can be tracked by analyzing event logs.
Track Audit policy changes: Internal controls sec 302 (a)(5), by tracking the event logs for any changes in the security audit policy.
Track individual user actions: Internal controls sec 302 (a)(5), by auditing user activity.
Track application access: Internal controls sec 302 (a)(5), by tracking application process.
Track directory / file access: Internal controls sec 302 (a)(5), for any access violation.

GLBA Compliance:

The Financial Services Modernization Act (FMA99) was signed into law in January 1999 (PL 106-102). Commonly referred to as the Gramm-Leach-Bliley Act or GLBA, Title V of the Act governs the steps that financial institutions and financial service companies must undertake to ensure the security and confidentiality of customer information. The Act asserts that financial services companies routinely collect Non-Public Personal Information (NPI) from individuals, and must notify those individuals when sharing information outside of the company (or affiliate structure) and, in some cases, when using such information in situations not related to the furtherance of a specific financial transaction.


User Logon report: GLBA compliance requirements clearly state that user accesses to the system be recorded and monitored for possible abuse. Remember, the intent is not just to catch hackers but also to document the accesses to medical details by legitimate users. In most cases, the very fact that the access is recorded is deterrent enough for malicious activity, much like the presence of a surveillance camera in a parking lot.
User Logoff report: GLBA requirements clearly state that user accesses to the system be recorded and monitored for possible abuse. Remember, the intent is not just to catch hackers but also to document the accesses to medical details by legitimate users. In most cases, the very fact that the access is recorded is deterrent enough for malicious activity, much like the presence of a surveillance camera in a parking lot.
Logon Failure report: The security logon feature includes logging all unsuccessful login attempts. The user name, date and time are included in this report.
Audit Logs access report: GLBA requirements (review and audit access logs) call for procedures to regularly review records of information system activity such as audit logs.
Security Log Archiving Utility: Periodically, the system administrator will be able to back up encrypted copies of the log data and restart the logs.

Conclusion

"Network security" has to be done both internally and externally. Nailing the problem is a huge task that needs expertise and, mostly, help from software such as EventLog Analyzers (compliance and internal monitoring of internal machines) and Firewall Analyzer (virus, attack and traffic monitoring of edge devices).








 

© Networking-Smart