3 Tips for Intrusion Security Planning

Gartner vice president Paul E. Proctor wrote the book—literally—on intrusion detection. But a lot has changed since 2000, when he penned the Practical Intrusion Detection Handbook, a 359-page tome with tips on choosing vendors, setting up policies and justifying related costs.

The intrusion detection systems of old sat inside the network, watching the incoming traffic. They could spot malicious packets like worms, viruses or spyware and alert technology managers, but they couldn’t stop those threats from pervading the network. That’s where intrusion prevention came into play. Prevention systems not only sit inline and detect bad traffic; they can block the packets completely.

But those aren’t the only tools at a security manager’s disposal. Proctor continues to watch the evolving security market and offers these tips for technology managers looking to step up their network protection.

1. Avoid Blocking Blunders

Intrusion prevention systems can deliver value at relatively low risk, Proctor says, but technology managers need to tweak what the system will or will not block. Some packets crucial to an application’s performance could get snapped up and spit out unless the system is configured to let them through. “The risk still remains that if you turn on the wrong things, you can basically break applications,” he says.

2. Turn Up the Volume

Vendor products can include 3,000 or so signatures, which are patterns of unwanted network activity. Once you figure out which applications—and, therefore, which patterns—you need to allow, activate as many signatures as you can, Proctor says. This will cover your bases by blocking the greatest number of threats.
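One way to apply tips 1 and 2 together, as an added example that is not from the article or from Proctor: it assumes the signatures were first run in a detect-only trial, then turns on blocking for every signature that never fired on an approved application flow. The flow inventory, alert records, signature ids and action labels are all constructed for illustration.

```python
"""Signature tuning pass: decide which IPS signatures can move to block mode."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed inventory of approved application flows: (server network, port).
APPROVED_FLOWS = [
    (ip_network("10.20.0.0/24"), 1433),  # hypothetical ERP database tier
    (ip_network("10.30.5.0/28"), 8443),  # hypothetical payroll API
]

# Constructed alerts from a detect-only trial: (signature id, dst ip, dst port).
TRIAL_ALERTS = [
    (1001, "10.20.0.15", 1433),
    (1001, "10.20.0.16", 1433),
    (1002, "10.99.1.7", 445),
    (1003, "10.30.5.4", 8443),
    (1003, "10.99.1.9", 8443),
]

ALL_SIGNATURES = [1001, 1002, 1003, 1004]  # constructed signature ids


def is_approved(dst_ip, dst_port):
    """True when the destination belongs to an approved application flow."""
    addr = ip_address(dst_ip)
    return any(addr in net and dst_port == port for net, port in APPROVED_FLOWS)


def plan_signatures(signatures, alerts):
    """Return {sig_id: (action, approved flows the signature would have dropped)}."""
    hits = defaultdict(set)
    for sig, ip, port in alerts:
        if is_approved(ip, port):
            hits[sig].add((ip, port))
    plan = {}
    for sig in signatures:
        if hits[sig]:
            # Blocking would break an approved application: keep it alert-only
            # until an exception is written or the hit is confirmed malicious.
            plan[sig] = ("alert-only", sorted(hits[sig]))
        else:
            # Never touched approved traffic in the trial: safe to block.
            plan[sig] = ("block", [])
    return plan


if __name__ == "__main__":
    for sig, (action, flows) in plan_signatures(ALL_SIGNATURES, TRIAL_ALERTS).items():
        print(sig, action, flows)
```

Signature 1004 never fired during the trial and still ends up in block mode, which is the "activate as many as you can" half of the advice; the alert-only list is the short set that needs a human decision.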

3. There’s No Silver Bullet

Vendors and users can tout the success of prevention systems all they want, Proctor says, but those systems alone cannot effectively guard your network. The right approach, he explains, is to employ multiple systems, including technologies such as detection and prevention, firewalls, anomaly-based monitoring (which takes a sample of normal traffic behavior and audits network flow against it), and security information and event management (which centralizes system logs and checks for patterns).


Brian P Watson
