From the course: Cisco Network Security: Intrusion Detection and Prevention

Managing the threat landscape - Cisco Routers Tutorial

Managing the threat landscape

- [Instructor] Today companies are faced with numerous challenges to protect the infrastructure. Network environments are complex and can include bring your own device, cloud computing, social media, the Internet of Things, and the new technology that is added to the mix daily. Coupled with the challenges, cyber threats are becoming more aggressive, complex, and sophisticated. Attackers range from the disgruntled employees to crime rings and nation states. The attacks are highly organized by skilled and motivated players and have resulted in massive amounts of sensitive data, such as credit cards, medical data, intellectual property, passwords, and state secrets being exposed. I'm here at this website, Information is Beautiful, where we can see the world's biggest data breaches. Down below here, you can see all the organizations that have been affected, and then down below, the methods of leak, which can include accidentally published, hacked, an inside job, lost or stolen device or media, or simply poor security. Once you click on one of the bubbles, you can see that there's information, and you can read a little bit more about the data breach. No single application can effectively manage the many threats. As a result, the network administrator uses a layered approach to protect a computer system or network from attack. The concept of defense in depth encompasses an overall approach to organizational security. And there are a variety of methods available to secure an organization, and those include firewalls, antivirus, packet shapers, and spam filters. However, some threats can slip past all the defense methods, possibly by an end user falling victim to a social engineering attack and clicking on a link, releasing malware that ends up in the network. A network must be able to instantly recognize threats.
Intrusion detection and intrusion prevention systems provide a proactive approach to monitor the network and take action against possible threats such as questionable processes, login attempts at odd hours, and other indicators of unusual and suspicious behavior on a network. The threat landscape continues to be a challenge. By using intrusion detection/intrusion prevention systems, the network administrator can provide countermeasures to detect and mitigate many common attacks.
