Tips for Securely Implementing Evasion Prevention

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
Next Tips for Securely Implementing Evasion Prevention-7 Next

Defeating AETs involves utilizing a data stream-based approach with layered protocol analysis. All data traffic must be recorded and analyzed with the utmost precision. Doing this requires multiple parallel and sequential state machines through which the data stream is fed and all data traffic is analyzed by default.

The lower protocol layers must be examined, with the security device only passing slightly modified or non-modified TCP segments and IP fragments. Those that contain overlapping data or conflicting data are not passed through, resulting in an effective normalization. This process ensures network traffic passing through the IPS is interpreted and the data stream reconstructed for inspection and analysis in the upper layers. Secondly, it is essential the TCP layer is inspected as a reassembled data stream, rather than in segments. Assembling the data transmitted in a TCP connection into a data stream provides detection of attacks in the stream that individual segment inspection may miss if the attack stretches across TCP segment boundaries. Finally, the higher protocol layer inspection must have the capability to inspect certain protocol elements in greater detail. This can be done by inspecting those elements as separate data streams and then normalizing them as per the protocol.

One of the most worrisome and potentially crippling threats to next-generation infrastructures is Advanced Evasion Techniques (AETs), which are being used more and more by cyber criminals because AETs leave no trace to current management and monitoring systems, logs or reports – leaving the devices blind and creating an illusion of continued security. Since their discovery, many companies have not taken the proper security measures to effectively thwart AETs. Still, the threat posed by AETs is real and there are steps that must be taken to protect your environment. This slideshow features nine tips, provided by Stonesoft, to help you secure against AETs.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.