Home > Peak Performance > One Step Ahead of the Bad Guys, part two

One Step Ahead of the Bad Guys, part two

Continuing from part one: During the attack, you hope that your guards and systems perform the way you expect: blocking, inhibiting, controlling, repelling.

  • Intrusion detection or intrusion prevention systems are effective. Sensors at the perimeter, guards and dogs patrolling the campus, access control systems all deliver valuable information to the security command center. But good policies. secure locks, and properly configured firewalls on the network are the foundations of a secure site.
  • Sniff around for malicious activity. With very well-tuned network intrusion detection from Symantec, IBM, McAfee, Cisco and others, or complementary tools such as Sourcefire’s RNA, an organization can find many more bad things on the network than it could without. In the physical domain, complement your guards and locks with video analytics from ioimage, Object Video, Cernium, Mate or others.
  • Physical security devices fit in, too. Event logs from physical security devices like IP cameras, card readers, and proximity detectors can show interesting information about malicious or anomalous human behavior, especially if correlated with logical event data. Look to Orsus, SentryPort, and Vidsys to process a wide variety of PSIM data.

In short, have all systems tuned to aggregate, normalize, corrleate and report on the status of all sensors and systems.  That way, the security team has an up-to-the-minute view of the source and impact of attacks as they are happening.

We’ll clean up after the attack tomorrow…

Advertisements
Categories: Peak Performance
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: