Category


Latest Blogs

All Blogs »

April 12, 2017 | Network Access Controls (NAC)
By Jennifer Minella, IANS Faculty

 Deploying NAC for Both Wired and Wireless Networks

No two network access control (NAC) solutions are alike, and choosing the right implementation for a complex health care environment that spans both wired and wireless networks is difficult at best. In this Ask-an-Expert written response, IANS Faculty Jennifer Minella provides an overview of current NAC options along with some industry-specific recommendations.

Read More »


April 5, 2017 | Wireless Networks
By Paul Asadoorian, IANS Faculty

 Detecting Rogue Wireless Access Points

Rogue wireless access points (WAPs) are a known attack vector, but correctly detecting and identifying them amid the noise of different wireless networks and protocols can be difficult. In this Ask-an-Expert written response, IANS Faculty Paul Asadoorian steps through the process of detecting rogue WAPs, including those impersonating corporate SSIDs.

Read More »


March 16, 2017 | Embedded Systems and Internet of Things
By Aaron Turner, IANS Faculty

 Balancing Business Benefits with IoT Dangers

Some say IoT stands for Internet of Threats, but businesses and consumers are rushing headlong into the adoption of everything from wearables to smart buildings. In this report, IANS Faculty Aaron Turner examines the enterprise risks of IoT and explores defensive tactics to help build a short- and long-term strategy to effectively and securely employ IoT technology. 

Read More »


March 10, 2017 | Architecture, Configuration and Segmentation
By Marcus Ranum, IANS Faculty

 Securing Your Network With Overlapping Controls

Many security practitioners complain about being flooded with alerts and vulnerabilities, because they don't get to design their systems so that the alerts are useful. Segmentation is one of many techniques these practitioners can use to manage alerts and reduce breach
impact. In this webinar, IANS Faculty Marcus Ranum and Ron Dilley describe a model for administratively breaking your network apart into management "zones" that can be analyzed and secured separately.

Read More »


February 15, 2017 | Virtual Private Networks
By Dave Shackleford, IANS Faculty

 DirectAccess: Understanding the Pros and Cons

Microsoft's DirectAccess offers some clear operational and cost advantages for organizations, but it also brings with it some potential drawbacks from a security perspective. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford assesses these pros and cons and details some of the security considerations organizations need to take into account when deciding to implement DirectAccess. 

Read More »


January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty

 Information Security Trends for 2017

2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.

Read More »


November 10, 2016 | Converged Infrastructure
By Aaron Turner, IANS Faculty

 Bluetooth Security Risks: An Overview

When it comes to evaluating Bluetooth security risks, it's important to divide up the technology into different sections and examine the potential risks of each. In this Ask-an-Expert written response, IANS Faculty Aaron Turner evaluates Bluetooth security from the perspectives of physical-layer, protocol implementation and application-layer vulnerabilities.

Read More »


October 13, 2016 | Networking and Network Devices
By Mike Saurbaugh, IANS Faculty

 What to Look for in a Secure Web Gateway

Secure web gateways provide a staple in network infrastructure and the market seems to suggest they will be around for the next few years. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh explores the capabilities of modern proxy solutions and offers selection criteria to help evaluate various solutions.

Read More »


September 28, 2016 | Networking and Network Devices
By Aaron Turner, IANS Faculty

 Preparing for a DDoS Attack

When it comes to preparing for and responding to DDoS attacks, there is no one-size-fits-all approach. In this Ask-an-Expert written response, IANS Faculty Aaron Turner breaks down the different types of DDoS attack and offers a number of strategies and tools that organizations can lean on to better prepare for them.

Read More »


August 23, 2016 | Intrusion Prevention/Detection (IPS/IDS)
By Dave Kennedy, IANS Faculty

 Detailing the Benefits of Network- and Host-Based IDS/IPS Solutions

Both network- and host-based IDS solutions are critical for organizations when it comes to quickly identifying threats. In this Ask-an-Expert written response, IANS Faculty Dave Kennedy breaks down the advantages and limitations of each and offers recommendations for organizations to get the most out of their IDS/IPS solutions.

Read More »


June 17, 2016 | Firewalls, NGFW
By Dave Shackleford, IANS Faculty

 Understanding AWS Network Security Firewall Requirements

Choosing a firewall to leverage within Amazon Web Services comes with a number of important considerations. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford lists the benefits of using a third-party firewall and details the key factors organizations need to consider when choosing a firewall, including support level, cross-cloud compatibility and, ultimately, cost.

Read More »


June 13, 2016 | Virtual Private Networks
By Aaron Turner, IANS Faculty

 Managing the Risks of Remote Access

Providing remote access to employees can present a host of potential security challenges. In this Ask-an-Expert written response, IANS Faculty Aaron Turner details the approaches companies can take to provide their employees with secure remote access and explains that costs and resources will ultimately dictate which path to take.

Read More »


June 2, 2016 | Networking and Network Devices
By Marcus Ranum, IANS Faculty

 From Tools to Understanding: Reinventing Security

Let’s face it: Current security practices just aren't working. Patching – and playing whack-a-mole with malware – is an endless, grinding failure. In this report, IANS Faculty Marcus Ranum introduces a completely new model for building secured networks from the ground up and uses real-world examples to show how putting in some hard work upfront can pay big security dividends.

Read More »


November 10, 2015 | Endpoints
By John Strand, IANS Faculty

 The New Security Fundamentals: Kill Your Antivirus

As user needs and expectations evolve, security teams are faced with the challenge of effectively protecting these next-generation endpoints. In this Ask-an-Expert written response, IANS Faculty John Strand explains the benefits of implementing internal firewalls, offers a practical approach to Internet whitelisting and details a number of discrepancy analysis tools that security teams can use to identify deviations from the norm.

Read More »


August 13, 2015 | Networking and Network Devices
By Dave Shackleford, IANS Faculty

 Internal Network Monitoring Solution RFP (Template)

When creating a request for proposal (RFP) of any kind, the purpose is to ensure prospective vendors can check all of the necessary boxes. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford develops a comprehensive RFP template specifically designed for organizations seeking an internal network monitoring solution.

Read More »


July 22, 2015 | Networking and Network Devices
By Mike Saurbaugh, IANS Faculty

 Building a Network Security Roadmap

Provide Perimeter-less Data Protection: In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh offers a comprehensive list of effective network segmentation and security technologies, from privileged account management solutions like Thycotic to threat simulation tools like AttackIQ.

Read More »