don’t sit on a 2 leg stool
TRANSCRIPT
Secure your Endpoints Use a Firewall
ContinuouslyMonitor the
Network
Don’t Sit on a 2 leg Stool!Because you will eventually fall and get hurt
Don’t Sit on a 2 leg Stool!Why You Need “Continuous Network Monitoring”
Netwatcher.com
Why Do Continuous Monitoring?• Fortune 5000 companies have been doing advanced cyber
security for over 15 years and using all levels of the cyber security maturity stool.
• Why? Because a layered approach is the only way to cover your bases and reduce your risk of compromise
• Why? Industry compliance standards (HIPAA, GLBA, FINRA, PCI-DSS etc.) compliance all require network monitoring
• Why? Most companies are exploited because a user lets a bad actor into the network & not a bad actor breaking in on their own.
• Why? Because the median number of days that attackers were present on a victim’s network before being discovered is 146 days (more).
Secure Your Endpoints (laptop, phone etc.)Endpoint protection consists of security solutions that address endpoint security issues, securing and protecting endpoints against zero-day exploits, attacks, and inadvertent data leakage resulting from human error.
• Signature Based Anti Virus – Monitors memory, images & binaries for known malware signatures.
• Endpoint Firewall – Monitors what TCP/IP ports the user of endpoint can use to communicate.
• Virtual Private Network - Enables users to send and receive data across the Internet as if their endpoint were directly connected to the private network.
• Web content filtering – Monitors what HTTP(S) sites user visits for malware and other nefarious activity (pornography etc.)
• Host intrusion protection – Monitors important operating system activities to ensure protection against malware intrusion.
• Behavior analysis – Monitors the behavior of all processes for potential harmful action.
Keep the bad actor from being ableTo take control of your assets…
What happens if you don’t have endpoint security: Every time a user goes to a website, opens an email or download a file your company is at risk of being owned!
Use a FirewallA network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted, secure internal network and the Internet, that is assumed not to be trusted (secure).
• If you are using an internet provider’s router it does Network Address Translation (NAT) converting an external IP address range to an internal IP address range – this provides a certain level of traffic filtering.• Layer 3 Firewall - A packet filter which looks at network addresses, ports and
services of the packet and determines if the packet should be allowed or blocked. (example: block all inbound traffic from Iran; block a list of known bad IP addresses; block all inbound HTTPS/443 traffic but allow outbound HTTPS/443 traffic)• Layer 7 Firewall (or application firewall, or Next Generation Firewall or Intrusion
Protection or Unified Threat Management or Web Application Firewall) – A packet filter which looks at the content of an application and determines if the packet should be allowed or blocked. (example: block all pornography)
Keep the bad actor from being ableTo get into the network…
What happens if you don’t have a firewall: Then your endpoint(s) is/are exposed directly to the internet. Any services running on the endpoint will be accessible for attempted compromise and reconnaissance.
Continuously Monitor the Network
• Log Monitoring (SEM) - Provide real-time analysis of security alerts generated by network hardware and applications.• Intrusion Detection (IDS) – Monitors network via Deep Packet Inspection for
malicious activity or policy violations.• Net Flow Analysis – Monitor the analytics of a networks traffic• Active Scanning – Assess computers, networks & applications for weaknesses.• Advanced Correlation – 1. Monitor events from the SEM, IDS, Net Flow and
Scanning over time for poor security hygiene, security vulnerabilities and exploits 2. Classify severity of the issue 3. Alert others via a workflow based on the severity of the issue.
What happens if you don’t do continuous monitoring: You may miss attacks on other IOT devices (smart TVs on board room walls, printers, smart phones). You may miss root-kits that have compromised assets. You may miss poor behavior by the staff using vulnerable/risky software or going to nefarious websites or sending data over the internet in clear text all of which will lead to your company being breached.
Monitor the network in case someone lets a bad actor through the firewall by un-intentionally creating a security vulnerability … Monitor if an Endpoint gets exploited…
If all you have is this…
NetWatcher can do the rest
Easy to use, Easy to install, Accurate, Affordable, Enterprise Security… Starting as low as $299/month…