What is SIEM? SIEM (usually pronounced 'seem' or 'sihm') stands for Security Information and Event Management. It comes in several forms and various price points, including as a software product, appliance or as a service. SIEM collects log and event information from servers, security devices, network devices and applications. It's a single window into all of your network activity. If you like movie references, think of it like the eye of Sauron tirelessly watching your network landscape... But it doesn't just collect the data. It normalizes, correlates and sorts everything into useful categories like threats, failed logins, successful logins, firewall…
Read More
What Is a Vulnerability Assessment? A proper vulnerability assessment looks at the system architecture, data flows and IT processes for an organization. You need to understand security controls around the network, ensure security devices are properly configured, ensure best practices for secure configurations are in place, and much more. There are a lot of benefits to getting a thorough vulnerability assessment done, including: Comprehension of What's Actually on your Network -- You will learn whether firewall and content filters are properly configured; which vulnerabilities exist on your systems; whether your user directory is properly secured and configured; whether there are…
Read More
Data travels across the Internet governed by several sets of rules called protocols. Collectively, these protocols make up the Internet Protocol, or IP. This standardized set of rules is what allows devices to communicate across networks. It's what makes the Internet possible. Recently, you may have come across a term called IP convergence. What does this terminology mean? If IP is the set of rules that governs how data travels across the Internet, then what is convergence? IP convergence refers to the capability of the Internet to act as a single pathway for various applications that traditionally had their own…
Read More
We told you not to trust your neighbor. But you should be able to trust your vendors, right? Not necessarily! In recent weeks there have been a couple of high profile security vendor breaches/vulnerabilities. Juniper Networks disclosed two backdoors in their firewall code and Fortinet also had a backdoor/vulnerability within their software. Both Juniper and Fortinet backdoors would give an attacker access to your firewall. Your firewall! Remember -- this is the very device that is supposed to keep your network protected!! Oh, the irony. So... Down with vendors, then? Obviously, no. We cannot grow all of our solutions at home. And…
Read More
I covered in my last installment, how converging your voice and data networks allows you to take full advantage of the benefits VoIP telephony offers. This can be a tricky road, but one very worth the trip. In this post, I'll talk more specifically about some security details you should consider while weighing your decision to go to VoIP and how to mitigate those concerns. Converged Network Security Implications A converged network can create security problems unheard of in the legacy, voice-only telecom world. Traditionally, calls are sent and received over closed, circuit-switched networks. Security and performance concerns are minimal in that…
Read More