Tips for Securely Implementing Evasion Prevention

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
Next Tips for Securely Implementing Evasion Prevention-4 Next

Traffic handling, inspection and detection are three main weak points in a network. Traffic handling for many IPS devices is done with a throughput orientation, which does not allow for full normalization. Data traffic should be normalized 100 percent on every protocol layer before payload inspection is executed. This is not the case for many devices, which are instead designed to optimize the inline throughput performance. Furthermore, the devices are often optimized in a clean, or simulated, network that is never targeted with a complex attack. Instead of performing full normalization, many devices implement shortcuts and therefore only perform partial normalization and inspection. As a result, shortcut exploitation by evasions becomes a strong possibility. Rather than inspect only segments or pseudo-packets, proper security devices must inspect a constant data stream.

One of the most worrisome and potentially crippling threats to next-generation infrastructures is Advanced Evasion Techniques (AETs), which are being used more and more by cyber criminals because AETs leave no trace to current management and monitoring systems, logs or reports – leaving the devices blind and creating an illusion of continued security. Since their discovery, many companies have not taken the proper security measures to effectively thwart AETs. Still, the threat posed by AETs is real and there are steps that must be taken to protect your environment. This slideshow features nine tips, provided by Stonesoft, to help you secure against AETs.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.