Manualshelf

Datasheet

ManualsBrandsFor Dummies ManualsSoftware978-0-470-64748-6
11121314151617181920
466
Mitigating Security Threats
VPN protocols are responsible for encrypting the data. Examples of VPN
protocols are the Point-to-Point Tunneling Protocol (PPTP) and the Layer 2
Tunneling Protocol (L2TP). Growing in popularity is SSL VPNs, which do not
require VPN client software on the client systems as the Web browser makes
the client connection. It should also be noted that VPNs can be created from
one site to another in order to encrypt all traffic between the two sites (as
opposed to the clients creating the VPN).
Mitigating Security Threats
Now that you have been introduced to some of the different types of
network attacks and identified some of the popular network security
appliances, let’s take a look at how you can minimize potential network
threats. A fancy term for minimizing the threats is mitigating.
Although this section is not intended to be a complete list of the steps to
take to secure your environment, it is definitely a list of some of the
fundamental steps you should take — and they will go a long way to helping
create a secure environment.
Workstations
To help keep your desktop workstations secure, you should consider doing
the following, at a minimum:
Patch your systems. Be sure to keep your systems up to date with
patches. This includes patching the operating system and all software
installed.
Use antivirus software. Ensure that you have company-approved
antivirus software installed on all desktop systems.
Keep virus definitions up to date. Make sure you are keeping the virus
software definitions up to date. These definitions allow the virus-protection
software to know what the current viruses are.
Limit administrative accounts. Do not give all the users administrative
capabilities to the desktop system. Ensure that most users utilize
restricted accounts and limit how many people have administrative
access.
Maintain user awareness. It is important to ensure users are aware of
some of the different threats that exist. Educate users on good e-mail
practices and about social engineering attacks.
Servers
To help keep your servers secure you should contemplate doing the
following, at a minimum:
22_647486-bk04ch01.indd 46622_647486-bk04ch01.indd 466 10/15/10 11:27 PM10/15/10 11:27 PM