-
Snort Tutorial: How to use Snort intrusion detection resources
In this Snort Tutorial, you will receive advice from the experts on Snort rules, installation best practices and unified output. You will learn how to use Snort, how to test Snort and how to upgrade to different versions of the intrusion detection to... Learning Guide
-
Managed network security services learning guide
The management of network security services is a unique offering for a security solution provider. In this guide, we review all the steps that will help you assess and maintain the security of your customers' networks. Learning Guide
-
Host-based IDS/IPS Partner Program Directory
Use our Partner Program Directory to choose a host-based IDS/IPS vendor partner. Whether you are looking for a new partner program or want to see what your competition's partner programs are like, our easy-to-read checklists will help you weigh the b... Partner Program Directory
-
IP traceback via probabilistic marking
This section of our chapter excerpt on network algorithms teaches how to defend a client's network against IP traceback issues by understanding denial-of-service attacks and probabilistic marking. Chapter Download
-
IP traceback via logging
This section of our chapter excerpt on network algorithms teaches how to respond to the issue of IP traceback by using efficient packet logging and Bloom filters. Chapter Download
-
Detecting worms
This section of our chapter excerpt on network algorithms teaches how to detect worms using Code Red and Smaller technologies and how each can present slow response and constant effort. Chapter Download
-
Approximate string matching
This section of our chapter excerpt on network algorithms suggests that approximate string matching could be implemented at wire speeds by using minwise hashing and random projection theories. Chapter Download
-
Searching for multiple strings in packet payloads
This section of our chapter excerpt on network algorithms explains how to use the Aho-Corasick algorithm for searching for multiple strings in one pass and the classical approach of the Boyer-Moore algorithm. Chapter Download
-
Performing local installation
This section of the chapter excerpt delves deeper into the steps to undertake when performing local installations. Chapter Excerpt
-
Downloading OSSEC HIDS
This section of the chapter excerpt reviews and provides step-by-step approaches to downloading OSSEC HIDS. Chapter Excerpt
-
ArcSight SIEM integration brings opportunities for ForeScout partners
ForeScout’s NAC product may now be integrated into ArcSight’s SIEM platform. This could open doors for ForeScout partners into ArcSight accounts. News | 16 Sep 2011
-
NitroSecurity partners to get new Nitro SIEM incentives
In an effort to boost Nitro SIEM sales, NitroSecurity software partners get increased margins for new deals and free certification-focused training. News | 25 Jul 2011
-
SIEM services help customers with security monitoring
Solution providers can help customers meet security monitoring, reporting and audit requirements by offering services built around security information and event management (SIEM) tools. Article | 20 Oct 2009
-
Implementing IDS/IPS technologies: Managing politics and accountability
Find out how one security solution provider handled implementing IDS/IPS technologies in a customer business. Ken Harthun explains how to accommodate the IDS/IPS needs of a customer while overcoming end-user reluctance. Article | 30 Jun 2009
-
Juniper launches mid-level security appliances
Juniper's SRX 3000 appliances are positioned for data center consolidation. The vendor also released new versions of Unified Access Control and SSL VPN products. Article | 09 Mar 2009
-
Trend Micro warns of substantial Trojan attack
A Trojan attack discovered by Tokyo-based antivirus firm Trend Micro is wreaking havoc in Italy. Attackers are planting a keylogger on victims' machines to steal passwords. News | 19 Jun 2007
-
Identity-based security tools give customers control of users, not just ports
The need to quickly identify and respond to threats has driven the development of tools that can define not just whether a resource can be used, but how it is used, and by whom. Article | 25 Apr 2007
-
Biometric authentication methods: Comparing smartphone biometrics
Biometric authentication helps ensure only authorized smartphone users can access a network. David Jacobs weighs the pros and cons of three methods. Tip
-
Deploy network forensics tools and services for incident response
For incident response, solution providers may resell forensics tools or offer forensics as a managed service. Lisa Phifer compares the options. Tip
-
How to do penetration testing: Overcoming problems and concerns
A lot can go wrong with pen testing. Dave Shackleford discusses potential problems and how to fix them, or avoid them altogether. Tip
-
Book chapter: IT security risk assessment and program management
Read this excerpt from the book Security Risk Management by Evan Wheeler to learn how to build a solid risk management program for your clients. Tip
-
Practicing defense-in-depth: Implementing a defense-in-depth strategy
Implementing a defense-in-depth strategy can protect your customers’ Web applications from attack. Take a layered approach with intrusion prevention, encryption and code review. Tip
-
PCI guide: PCI DSS documentation, resources for solution providers
Beyond basic PCI DSS assessments and reporting, solution providers may need to access PCI DSS documents for emerging technologies and other standards, as detailed in this guide. Tip
-
Security product specialization key for Oracle VAR success
Considering adding an Oracle security product to your line card? This article will guide your choice based on your current skill set. Tip
-
Round-up of pen testing tools for penetration testing services
Pen testing tools can be used to detect network and application vulnerabilities. Dave Shackleford lists specific tools for each category of penetration testing. Tip
-
Selling SIEM: Security information event management for solution providers
Customers usually lack the knowhow to implement and manage a SIEM product on their own, which creates an opportunity for VARs and solution providers. Ben Rothke explains how to make SIEM products work for customers. Tip
-
Implementing network access control products: How to prep your clients
There's a reason why NAC projects are so often abandoned. Your clients are not making the right preparations before they launch network access control products. Tip
-
Is open source security software best for my clients?
Learn when it is best to recommend open source security software to your clients as opposed to proprietary security software. Ask the Expert
-
Understanding smurf attacks
A smurf attack can slow down a network to the point of shutting it down completely. Learn how to understand a full-scale smurf attack and how to prevent it. Ask the Expert
-
Podcast: IT security challenges and endpoint security vendor selection
In this podcast, the CTO of PC-Plus Technologies discusses the company’s biggest security problem, the vendors it supports and why, and its use of events to generate business. Podcast
-
Must-haves for wireless network security: WLAN switches, intrusion detection and more
Joel Snyder of Opus One reviews the WLAN switch technology and explains why intrusion detection systems and firewalls need to also be carefully added to a "defense in depth" network configuration. Video
About Network intrusion detection and prevention defenses
Read network intrusion detection and prevention news, tips and advice for security service providers, consultants and value-added resellers (VARs) helping customers choose, install and implement network intrusion detection system (IDS) and network intrusion prevention system (IPS) solutions. You'll find how-tos and best practices on protecting customer networks from intrusions and selling IDS products and services (such as Snort), including help with network intrusion management, preventing Denial of Service (DoS) attacks, monitoring network traffic and network forensics, network behavior anomaly detection (NBAD), network scanning and security event management.