How protect my network ?

Marc_Potter
Comes here often

How protect my network ?

What's new in the domain of network security?

I want the newest tools (hardware, software, machine learning, artificial intelligence , cryptography) to protect my network and data from attacks or access my data (stealing,damage...) .

Are there new ideas?

I have a company and I have sensitive and critical data . How do I protect them?

2 REPLIES 2
BrechtSchamp
Kind of a big deal

A few keywords to get you started. I'm basing this on the assumption that you have a full-stack Meraki.

 

The classics:

  • Segmentation aka splitting up your network in VLANs
  • 802.1X to limit who's allowed onto your network wired and wireless
  • Firewalling of course, ideally with IDS/IPS, AMP malware protection (incl Thread Grid integration) and content filtering. The cloud-based intelligence features are mainly found here. This can be done on a global level, on a per-VLAN level or a per-user level. With or without a link to an external RADIUS server (e.g. Cisco ISE).
  • WIPS (wireless intrusion prevention) aka Air Marshal
  • Set a password for your local status pages
  • 2 factor authentication for your admins possibly using Cisco's newly acquired Duo
  • Systems Manager to keep your endpoints in check (this could be a whole topic on its own)
  • Perhaps also look into high-availability features to improve resiliency (redundant power supplies, stacking, warm-spare, vrrp, etc, dynamic routing protocols)
  • Physical security with the MV camera's

The new stuff, check out the security webinar https://meraki.cisco.com/securitymadesimple/en or the Meraki Unboxed podcast, episode 13, for more info:

image.png

 

In addition to the things you can do in Meraki:

  • Antivirus
  • SIEM (security information and event management) to basically centralize log-data from various devices find and correlate events and provide insights.?
  • CASB to protect you and your sensitive data if you're using cloud applications
  • Endpoint encryption
  • DDoS protection
  • Reverse Proxy

I personally don't know too much about the storage world. I'm sure there's things to do there too.

Nash
Kind of a big deal

What's new in the domain of network security, for most networks, is reviewing your implementation of the basics. If they aren't there, then figure out what you can do within your network and do that.

 

The latest and greatest gadget and whizzbang software will not save you if you don't close the front door.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels