Denial of Security Holes Can Lead to Denial of Service - Page 3
Halting potential problems on VPNs is an issue of access, says Shimeall. "Do what you can to limit the services even on VPNs. If a service not required over the VPN, turn it off." He says a key mistake most administrators make is to assume the VPN is secure. "Don't assume that. That's the attitude you want to fight."
Compromises often happen when there is no validation of the networks to which you are now connected. "You need to validate what the security is on the other ends of the VPN. Usually firewalls don't monitor traffic over the VPN." He says there are added issues if the partners on the VPN have public gateways -- a huge vector for transmission of viruses and conduit welcoming intrusions and disruptions.
He suggests administrators secure their network by asking questions as if you were contracting with an ISP. This can help shore up weak points and formulate responses to possible network compromises or intrusions.
Administrators must have a comprehensive security strategy. It's important not only to have perimeter defenses, but each desktop client should be protected to, for example, keep viruses from spreading unchecked.
Hartmann says system administrators "should be prepared for a worse case scenario. Simply ask yourself...what do you do when your system gets infected or when your system is being hacked? Who do you call? ... There are many questions, which should be covered in a proper plan."
Once that perimeter is breached, then what? Increasingly, administrators are advised to enact a proactive overall security plan. These can, says Hartmann, be expensive and difficult to manage, especially without sufficient staff to monitor the entire network. But being proactive can be as simple as installing content filtering software at gateways or Exchange servers.
User behavior -- not downloading potentially infected files or breaching protocols, opening attachments, changing preferences in e-mail software, etc. -- is a huge factor in network security, regardless of the size of the enterprise. Hartmann says it is wisest for administrators "to move the decision making away from the desktop and to your first layer of defense -- the gateway, which is managed by one of the administrators."
Users should be involved in developing security protocols. "Don't ignore them. Involve them," advises Shimeall. Security plans, he says, "should be done with your users, not done to your users."
Realted Article: DoS Attacks Go For the Throat