As good as it gets
Scores of articles are written about Network Security about setting a strong password to installing the latest anti spy ware software. There is no dearth of tips for the Networked user. Yet, one fact that remains unchanged is that no matter how good or how new the anti spy software is, there is always a more devious person out there who will find a way of hacking in.
Besides the password, if there is a time-tested method of ensuring a high level of security, it is by setting up multiple lines of defense. Traditionally on a battlefield, there were foot soldiers, followed by horseback riders followed by heavy artillery at back. If this approach towards waging war has not changed much over the years why should we not to adopt from it? The variety in the lines of defense is what makes it difficult for the attacker to make inroads.
With network security too, we need to rely on different products from variety of reputed vendors. A hacker with a knack for breaking through certain types of defense techniques of a particular vendor will render that type of defense useless. Ideally a firewall, an IDS (intrusion detection system) and anti-virus software in that very order should be in place with the firewall being the outermost layer. Working in concert, these three devices or applications can help to keep out unwanted traffic, notify you when unauthorized access does occur and protect your computer from known Trojans, worms and viruses.
Firewalls may reside on the same computer or on another computer. The IDS on the other hand should monitor traffic on the network and once it recognizes an intrusion, it can either stop data transmission or counter the attack or inform the administrator. The last layer would be the antivirus software that should be able to pick up any malicious code that gets past the first two layers.
Prevent is all that we can do and that is as good as it gets. After all, if the attacking army is stronger, it’s a matter of time before you lose but at least you can put up a fight.
Besides the password, if there is a time-tested method of ensuring a high level of security, it is by setting up multiple lines of defense. Traditionally on a battlefield, there were foot soldiers, followed by horseback riders followed by heavy artillery at back. If this approach towards waging war has not changed much over the years why should we not to adopt from it? The variety in the lines of defense is what makes it difficult for the attacker to make inroads.
With network security too, we need to rely on different products from variety of reputed vendors. A hacker with a knack for breaking through certain types of defense techniques of a particular vendor will render that type of defense useless. Ideally a firewall, an IDS (intrusion detection system) and anti-virus software in that very order should be in place with the firewall being the outermost layer. Working in concert, these three devices or applications can help to keep out unwanted traffic, notify you when unauthorized access does occur and protect your computer from known Trojans, worms and viruses.
Firewalls may reside on the same computer or on another computer. The IDS on the other hand should monitor traffic on the network and once it recognizes an intrusion, it can either stop data transmission or counter the attack or inform the administrator. The last layer would be the antivirus software that should be able to pick up any malicious code that gets past the first two layers.
Prevent is all that we can do and that is as good as it gets. After all, if the attacking army is stronger, it’s a matter of time before you lose but at least you can put up a fight.
posted by Ramesh @ 7:14 PM
0 comments
0 Comments:
Post a Comment
<< Home