The ideal solution would be able to track routine network usage by every employee, identify when and how critical servers are being accessed, harden and segment networks to proactively prevent unauthorized access to confidential information, and prevent attacks from compromising legitimate access to critical information. This new network security solution should perform the following functions to address PCI compliance:
- Assess: The solution should be able to learn the behaviors of networked applications and users and use this model to identify the presence of latent vulnerabilities.
- Monitor: The solution should collect real-time flow information from switches, routers, and packet capture devices on internal networks; it then would be able to evaluate each individual flow and detect deviations from normal network behavior.
- Enforce: The solution must be able to apply network access control and allow network security managers to deploy “virtual perimeters,” a new security technology that allows enterprises to generate and simulate the impact of internal switch or firewall rules.
- Report: The solution should provide details on security events, create policies, and implement procedures for protecting critical assets.
A solution that takes sophisticated network performance technology and applies it to the complex problem of internal network security finally will allow IT managers to control the entire networked landscape – maintaining control on the interior of the network while patrolling the perimeter. By providing visibility into the vulnerable areas of the interior and the normal behavior of its users, this new solution eliminates exposure to internal attack, facilitates the immediate detection of unauthorized data access, and ensures business continuity.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.