The lowdown on security tools for network management
What are they?
Security tools for network management include both targeted software, such as intrusion detection programs, and those that have more general uses. Many of the tools that monitor network performance can also be used as security tools or hacker tools, and vice versa.When do I need them?
If your network is connected to the Internet, an attack of some kind is probably inevitable. But remember that the biggest threat is almost always internal, resulting either from employee carelessness or malicious intent. Network management tools can provide early detection and warning of attacks.What is the leading protocol?
Simple Network Management Protocol Version 1 is still the premier network data collection standard. SNMP Version 3 has more security features, but the Defense Department, in particular, chose to add security extensions to Version 1 instead of migrating to SNMPv3, so v3 really never took off.Must know info?
Most system intrusions can be prevented, but management often drops the ball or even gets in the way. The most common security mistakes by management include:
- failure to understand the consequences of security failures
- failure to have an incident response plan in place
- assigning unqualified people to manage network security, then failing to provide adequate training or resources so they can accomplish their task
- assuming that a firewall is all that's needed
- and, especially, reacting to a threat with a short-term fix rather than authorizing the implementation of an overall defensive security plan.