What are the emerging Technologies Road Map for the year 2019-21..?

With the emerging outbreaks of the pandemic COVID19 the world has come to a standstill. Due to this, there has been a disconnect between cybersecurity executive and their organization’s security analysts.

There was a study done by the research giants Gartner who in consultation with the leaders have come up with the Road Map for the year 2019-21.

If we see the road map and concentrate on Cloud and CyberSecurity technologies:

Security

As we go down the map we realize the four phases “Monitoring”, “In Planning” , In Pilot and “In Deployment” .

We at DocToolss have often talked about Endpoint Detection and Response (EDR) , Virtualized Firewalls. The terms which we will be further talking about in our future blogs would be Statis Application Security Testing (SAST), Threat Intelligence Services, Network Sandboxing, User and Entry Behaviour Analytics, Signature Endpoint Detection or Protection and Database Audit and Protection etc.

If we further drive deep in the Road map curves, we will find out about cloud technology though we haven’t talked about it much in our past blogs but will plan to do it in our future blogs.

Cloud Technology

As we go down the map we realize the four phases “Monitoring”, “In Planning” , In Pilot and “In Deployment” .

The PaaS technology which has been categorized under “In Deployment” phase has already been talked about in our past blogs, you can click here to know more.

Further technologies terms would be explained in our future blogs, or if there is anything which you want us to explain or to drive in, we will always be happy to hear from you.

The inputs for this blogs has been taken from Gartner website, for more information on this, click here.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/  | Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/

Good practices to be followed for FireWalls to avoid cyberattacks

What are Firewalls?

Firewalls are the network security systems which monitors the incoming and outgoing network traffic as per the pre-determined rules which are being implemented on it.

The well known OEM for firewalls are many but the ones discussed here are Palo Alto, Juniper, Check Point and Cisco ASA.

Password Requirements

  • Set the login attempts to 3?
  • The login attempt from a user should be set to a 3 attempts or minimum so that if incase an unauthorised users tries to break a user account, the attacker attempt could be prolonged and the account could be avoided from any kind of attacks .
  • Set the minimum length of password to be eight or more?
  • The password sets should be bigger in length that too alphanumeric to protect the system from any kind of attacks such as dictionary attacks etc. as minimum length passwords can be easily cracked by an attacker.
  • Set the login time to be 3 minutes or less?
  • The user who logs in to its account should be logged on for a minimum time, if he/she has failed in its first few attempts of login. This will help in keeping the account safe from an unauthorised users.

Authentication Authorization Accounting and Auditing (AAA)

Authentication

It is the process by which users prove that they are who they claim to be which can be judged by username , passwords, token cards etc.

Authorization

As in the users are authenticated the next step i.e. Authorization, where in the users or administrators can determine which resources the users or administrators are allowed to access and do operations to be performed as if an unauthorised users get to access the administrators profile by which they could access those resources which could lead to losses to the organisation.

Accounting and Auditing

After the users are authenticated and authorized then it comes it begins to access the network. The role of accounting and auditing is to see how long does the users or administrators stay accessed to their accounts and what all actions are being performed by them. These are also known as crating the audit trails.

Virtual Private Network (VPN)

VPN is termed as a logical connection between two devices via an encrypted tunnel.
Types of VPN:
  1. Remote Access VPN
  2. Site to Site VPN
    • Intranet based VPN
    • Extranet based VPN
Remote Access VPN : - When a user who connects to a private network and access all its services and resources remotely. example : If an employee of a XYZ company is located in a remote zone and wants to access to use its XYZ company's resources or want to apply for a leave on its company's portal he or she will remotely connect to a VPN which is a secure environment and access the resources.
Site to Site VPN :- It is also known as Router-to-Router which is commonly used in the large companies or organisations. Where in  organisations, with branch offices in different locations, will use Site-to-site VPN to connect the network of one office location to the network at another office location. 
Ex: If a bank named as "Cherry Bank" located in Hudson, New York wants to access the customer's data who has been recently re-located to Cloumbia, New York, will access the data of "Cherry Bank" located in Cloumbia, New Work. 
  • Intranet based VPN: When several offices of the same company are connected using Site-to-Site VPN type, it is called as Intranet based VPN.
  • Extranet based VPN: When companies use Site-to-site VPN type to connect to the office of another company, it is called as Extranet based VPN. Ex : Barclays Bank in London, UK is connecting to ANZ Bank , Auckland, NZ.

For more information on Technologies/best practices

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com | Facebook: https://www.facebook.com/DTdoctoolss/

Cyber Crime on a Roll, CyberSecurity still catching up..!!

Cyber Attack

Not a week ago that we don’t hear about a breach or identify theft, there are security devices such as Firewalls, Switches, Routers, NIDS/NIPS, VPN concentrator, SIEM, DLP, NAC, SSL/TLS accelerator, Proxy, Load Balancers, Wireless Access points, bridges , Mail/Media Gateway , Hardware Security Modules which are used to either block the threats or delay it.

Router

Routers are used to connect the networks and operate at Layer 3 of the OSI model. A router stores information about network destinations. A border router is an outside connection of a LAN to an external WAN.

 Router Security

Access Control Lists (ACL): It is used to filter packets by source address, a destination address, protocol, or port.

Zones: Segmenting networks based on functionality or security.

Antispoofing: By creating access lists which can block access to private IP addresses and localhost ranges from the internet.

Switches

It connects devices with a computer network, by using packet switching to receive, process and forward data to the destination. It works on Layer 2/Layer 3 of the OSI model.

Packet-forwarding decisions are based on MAC (Media Access Control) 

Switch Security 

VLANs: Segment networks and limit broadcast traffic.

Port Security – Enable/Disable, individual switches ports based on MAC address.

  • It Provides Loop prevention
  • It ProvidesFlood Guard

Proxy

It is a boundary device between internal and external networks 

It’s a device that acts on behalf of others and provides security, logging, and caching

  • Proxy Server – Blocks known malicious websites
  • Forward Proxy – Retrieves data on behalf of a client
  • Reverse Proxy – Protects access to a server on the internal network 
  • Transparent Proxy/inline/forged proxy/aka intercepting – A caching server that redirects client’s requests without modifying them to reduce bandwidth usage. 

FireWalls

What are FireWallSs?

These are the Network security system which monitors the incoming and outgoing network traffic based on predetermined security rules. 

For more information on Technologies/best practices.

About DocTooLss :

We make Technology EaZy via Docs” 

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com | Facebook: https://www.facebook.com/DTdoctoolss/

Website Built with WordPress.com.

Up ↑

Create your website with WordPress.com
Get started