
	Home > Ask the Security Experts > Network Security Questions & Answers > What are the top LAN security issues in a client-server network environment?

Ask The Security Expert: Questions & Answers

EMAIL THIS

What are the top LAN security issues in a client-server network environment?

EXPERT RESPONSE FROM: Mike Chapple

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 15 June 2008
When it comes to a client/server network environment, what are the top LAN security issues?

EXPERT RESPONSE
Thank you for the opportunity to get on a soapbox and preach about what I perceive to be the biggest threats to network security. Let's take a look at my top four issues:

Failure to properly configure firewalls. Firewalls are a staple of the network security diet. In a good network design, an enterprise should protect its systems with both network and host firewalls. However, all too often those firewalls are not properly configured and may even be disabled for "temporary" testing that never seems to be finished. Failing to properly configure firewalls creates a foothold for the exploitation of other vulnerabilities.

Failure to authenticate network users. Are you really sure who is on your network? It's a good idea to use some form of authentication technology, such as 802.1x, to ensure that devices connecting to your network are associated with an authorized user.

Use of weak (or no) wireless encryption. Believe it or not, many enterprises still use WEP encryption to "protect" their networks. As I mentioned in an earlier article, WEP encryption is fundamentally flawed and should never be relied upon to secure a wireless network. Use WPA encryption instead.

Failure to patch. Everyone knows that it's important to apply vendor security patches to systems and applications. But not everyone does. In fact, a recent study showed that many Oracle administrators have never applied patches to their systems. This is a bad idea, as hackers keep a close eye on security bulletins, looking for exploitable flaws.

More information:

Contributor David Davis walks you through PIX firewall configuration from scratch.

Ed Skoudis explains how to develop a patch management policy for third-party applications.

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Network Security
	What OSI Layer 4 protocol does FTP use to guarantee data delivery?
	What firewall controls should be placed on the virtual private network (VPN)?
	How to obtain a digital certificate for a server
	What kinds of security defenses can prevent the hijacking of a city's fiber network?
	What are 'phlashing' attacks?
	Do strong passwords make it safer to conduct banking on an open connection?
	What firewall features will best protect a LAN from Internet hack attacks and malware?
	How to become an information security expert
	What are the differences between intrusion detection and intrusion prevention?
	Will there be DMZ routing issues if several firewalls serve as the default gateway?

Network Firewalls

Do strong passwords make it safer to conduct banking on an open connection?

What firewall features will best protect a LAN from Internet hack attacks and malware?

Firewall management tools aid configuration, compliance

Web app attacks grow, but developers may fight back

Will there be DMZ routing issues if several firewalls serve as the default gateway?

Should tunnel connections be initiated from an ISP to a internal data center, or vice versa?

Cisco warns of security appliance flaws

Kaminsky: DNS issue still major threat

Product Review: Sophos Endpoint Security and Control 8.0

PCI DSS 1.2 clarifies wireless, antivirus use

Network Access Control Basics

How to secure desktops as suites expand, network perimeters shrink

Network access control poised for a comeback by aiming small

What's the difference between access control mechanisms and identity management techniques?

McAfee adds NAC module, appliance for unified policy enforcement

Learn how to choose NAC services

Exploring Microsoft's Network Access Protection policy options

Companies Finding a Place for Maturing NAC Projects

Sophos finds patching issues through endpoint NAC tool

Forrester: NAC ready for wider deployments

Which is a more secure data access technology: SPAN or TAP?

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

bastion host (SearchSecurity.com)

firewall (SearchSecurity.com)

Firewall Builder (SearchSecurity.com)

personal firewall (SearchSecurity.com)

screened subnet (SearchSecurity.com)

virus (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business
Targeted Security Channel Tips for Resellers, Integrators and Consultants

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy