MBA (General) - IV Semester, Information Technology and E-Business, Unit 5.1
Internetworked Security Defenses
When a computer connects to a network and begins communicating with others, it is taking a risk. Internet security involves the protection of a computer’s internet account and files from intrusion of an unknown user. Basic security measures involve protection by well selected passwords, change of file permissions and back up of computer’s data.
Internetworked Security Defenses
When a computer connects to a network and
begins communicating with others, it is taking a risk. Internet security
involves the protection of a computer’s internet account and files from
intrusion of an unknown user. Basic security measures involve protection by
well selected passwords, change of file permissions and back up of computer’s
data.
Security concerns are in some ways peripheral
to normal business working, but serve to highlight just how important it is
that business users feel confident when using IT systems. Security will
probably always be high on the IT agenda simply because cyber criminals know
that a successful attack is very profitable. This means they will always strive
to find new ways to circumvent IT security, and users will consequently need to
be continually vigilant. Whenever decisions need to be made about how to
enhance a system, security will need to be held uppermost among its
requirements.
How Does
It Work?
As previously described, it takes a number of
steps to detect and prevent an attack before it can shut down your network.
Here we outline the process at a broad level. Some common questions may be
addressed through the descriptions below.
Monitoring
VeriSign collects traffic flow data from the
customer’s Internet- connected routers. Samples of the customer’s Internet
traffic are incorporated into VeriSign’s correlation engine for threat
detection, alerts, and reporting. The frequency of packet sampling can be
tailored based on customer size, type, and router performance. Packets are
classified and analyzed using advance heuristics to profile normal versus
anomalous traffic patterns.
Threat detection is comprised of two primary
components signature analysis and dynamic profiling.
Signature Analysis
Signature analysis looks for predefined
deviations that are signs of a DDoS attack. VeriSign uses a combination of
industry best practices and proprietary intelligence to identify these
signatures. Since attacks are always evolving, lessons learned from mitigating
them feed into our ongoing research and development to help identify new threat
signatures.
Dynamic Profiling
Because all customers are different and attack
profiles are constantly changing, it is vital that VeriSign understand each
customer’s “normal”
