In your own words, answer this unit’s discussion questions in a main post (recommended minimum 300 words), and respond to at least 2 peers’ postings (recommended minimum 75 words).
There are many network devices and software programs that an organization can use to protect its network. Select a device or software that is currently used successfully. Describe the device or software, and explain how the typical organization uses the device to mitigate threats to the network. Explain why this would be your first choice if you could only afford one. Choose the posting of another student and respond by asking questions and agreeing or disagreeing with the other student’s choice. State your reasons for any disagreement.
During much of my research I have run across the term Intrusion Prevention and Detection systems which covers a broad spectrum of both hardware and software components. One of these types of components is the Juniper IDP 10, 100, 500, and 1000 which is hardware based. The great thing about this hardware is it is compatible with different operating systems where some are only compatible with Windows and it has clear upgrade paths but currently it costs around $20,000 US (Tett, 2044). When first deploying the Juniper the perimeter of the network needs to be defined and the points where the IDP machine, or “sensors”, needs to be decided (Tett, 2044). Once that has been done each sensor will report back to a management server which will collect all logs, and maintains and stores all the policies and access information which the security team can remotely access the server to check the logs, run reports, and manage the configurations of the sensors (Tett, 2044).The Juniper provides a great scalable solution for organizations with a large distributed network that may need different speeds or classes in different locations, and it reduces administrative overhead by having a centralized management and administration console (Tett, 2044).
Coordinated Threat Control is an important feature available on the Juniper IDP that can effectively identify, stop, and remediate users who pose network or application-layer threats while detecting security events and blocking threats all done in real time (“Coordinated Threat Control”, 2010). The three benefits to using the available Coordinated Threat Control feature is it provides comprehensive threat prevention and detection utilizing leading technology that can detect and block most network worms based on software vulnerabilities, it provides correlated threat information that can identify the source of the attack and provide administrators with complete visibility into the security event, and finally it provides a coordinated threat response that blocks the threat before reaching the intended target which is the main purpose of any security device being used (“Coordinated Threat Control”, 2010). This is a great tool that can be used in any mid to large organization but might be too costly and robust for smaller organizations so it all depends on the needs and even scale of the network to determine what network security devices should be used.
Tett, M. (2004, Aug 20). Detection and Prevention: 6 Intrusion Detection Systems Tested. ZDNet. Retrieved from https://www.zdnet.com/article/detection-and-prevention-6-intrusion-detection-systems-tested/
“Coordinated Threat Control”. (2010). Juniper Networks. Retrieved from https://www.ndm.net/ips/pdf/junipernetworks/Juniper%20Application%20Notes%20Coordinated%20Threat%20Control.pdf
Think about alert software. In the Air Force, we used Fluke network devices to assist us with processes and finding network packets or potential threats. There was also SolarWinds and Wireshark. Think about a few of these and make some comments. i’m looking forward to it.