Disclaimer

The content of this material are challenges faced onsite and how I personally resolved them. Please be noted that solutions posted here

1> should not be considered as ultimate. The material may be considered for reference only.

2> should not be considered as guarantee that solutions may work. Contact Cyberoam support before making any changes.

3> blog does NOT belong to the Cyberoam. It's a blog...a personal blog.

Changes done after referring this site may seriously damage the network. So...

........DO CHANGES AT YOUR OWN RISK

(please contact cyberoamsupport before implementing any changes)

Thursday, 24 May 2012

Most common myths about the network security


Myths about network security
1>     I am anonymous on internet:
2>     Having a security appliance will require dedicated manpower
3>     The threats are only from outside
4>     I am secure if I am accessing HTTPS
5>     Installing firewall : I am secure

1>     I am anonymous on internet:

This is a common myth most the administrators are under. They do not understand that to bring down a big target, hackers target small organisations. The reason for this behaviour is obvious; they want to cover their tracks. Hackers create zombies in smaller networks and try to bring down bigger network. When doing a forensic analysis it will always be your network under the RADAR.

2>     Having a security appliance will require a dedicated manpower

The Cyberoam UTM appliance is all in one solution and does not require any dedicated manpower. Companies can use their existing manpower to control their internet traffic. The products is very simple to configure and its plug and play device.

3>     Threats are only from outside

Most of the administrators feel that threats are only from outside. This is great myth of all, as the threats from inside is equally distributed to threats from outside. More than 50% of the threats are from inside. Free surfing on the internet will invite virus, Trojan and worms inside the network and thus will reduce the speed of the whole network. You will buy new switches which should be working at great speeds and at the end of the day you will still find them working the same as before. The worms eat up your bandwidth due to broadcasts and Trojans can launch attacks from inside the network. If your email server gets compromised you will see your public IP getting black listed.

4>     I am secure, if I am accessing HTTPS

This is where you get a false sense of security. When you see secure protocol you should never feel full secure. Security is never full and complete, it’s a constant evolution. So you should always update yourself with new technologies and then remember to use your brain before implementing it as a solution.

5>     Installing firewall : I am fully secure

The firewall just a primary security but what about the ports which you have bypassed like when you are using a web server, FTP server or email server. You have opened these ports directly from your firewall. Now there is no protection on these ports except checking the state of the connection and DOS check. Many other attacks like URL redirection, XSS attacks, Buffer overflow attacks which could seriously damage your reputation are ignored. 

No comments:

Post a Comment