- Chinese Internet censorship: An inside look
- Desktops of the future here today
- What network CEOs really make
- DoD sold counterfeit network gear
- Sci-Fi's goofiest gadgets and technology
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry regulations imposed by the major credit card companies to ensure the safety, security, and integrity of cardholder data. Any business that processes, stores, and transmits cardholder account data must comply with this complex new standard, and must be able to demonstrate that compliance through automated and manual audits of their systems. This white paper looks at the key challenges and requirements of PCI DSS as it relates to Microsoft Windows and Active Directory, and shows you how a third-party software solution can help with PCI compliance.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
There are many compelling reasons for virtualizing Windows and Linux applications. Virtualization improves server utilization by allowing you to run multiple workloads on a single physical server. It reduces the number of physical servers you have to maintain, while allowing you to use less physical space and power while still improving scalability. All of these capabilities translate directly into lower costs, less complexity, and greater flexibility in your mixed IT environment. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
Enterasys Sentinel is now known as Enterasys NAC - see http://www.enterasys.com/products/advanced-security-apps/enterasys-network-access.aspx...- Anonymous
To secure the network at Argonne National Laboratory, Scott Pinkerton, network services manager for the lab, uses a mix of NetFlow traffic analysis and customized device scripting to tie together different Cisco-based security products, such as firewalls, VPN gear and intrusion detection/prevention system (IDS/IPS) hardware.
"We're data mining NetFlow very aggressively for what we think are zero-day attack traffic patterns," Pinkerton says, who manages a network of 2,600 users, about half of which are scientists at the lab's DuPage County, Ill. facility, operated by the University of Chicago.
NetFlow is a Cisco technology for storing traffic flow histories on routers and switches. Pulling NetFlow data and analyzing the flows with tools from Cisco and third party vendors can reveal network trends such as bandwidth utilization, protocol usage and end-user traffic patterns.
The network staff at Argonne pulls NetFlow data from all of its edge and core switches and routers every 60 seconds. Data pulled from the devices is centralized on a single server then and analyzed for unusual, or outright illegal, behavior.
"We can see how often machines on our network talk to other machines outside the network," and vie versa, Pinkerton says. For instance, he says, "desktops are not normally sending e-mails to 1,000 different IP addresses across the Internet."
When strange traffic behavior is detected in the NetFlow data, firewalls are reconfigured to limit or block such traffic. Pinkerton says firewall configurations are re-read, or tweaked, every hour to keep the perimeter devices up to date on the latest activity going on inside and outside the network.
Argonne National Labs is not an island; it peers with over a dozen other Department of Energy national laboratories, such as Lawrence Livermore in Berkeley, Calif., Sandia in New Mexico and the Stanford Particle Accelerator. With many of these labs interconnected with university networks, security is a larger issue for the entire group.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
