Wednesday 2 May 2012

Top 6 Best Practices for Network Vulnerability Management

We all know the importance of having a secure network and we also know that most of the time this is easier said than done. The difficulty in achieving this target stems from the wide variety of issues we need to monitor and fix. This is where a good vulnerability scanner can help. The right tool for the job is only half the job, one also needs to use the tool effectively and this applies to a vulnerability scanner as well. Here are six best practices that can help ensure maximum efficiency when it comes to network vulnerability management:
  1. Ensure a secure baseline: Most vulnerability scanners will notify the administrator when things change but this is only effective if you're sure that what you have now is properly configured and secure.
  2. Ensure good test environments: Fixing vulnerabilities involves changing your network and without proper testing the fixing process itself can cause the downtime you’re trying to avoid. Use your vulnerability scanner to map your network and determine what software and hardware your test environment should have. The closer your test environment is to the live network the better testing you can do.
  3. Ensure your vulnerability scanner is monitoring your network periodically: Most vulnerability scanners will allow you to configure them to automatically scan your network for issues on a schedule. This is a good idea as doing this manually involves risks such as skipping the process in favour of other urgent tasks.
  4. Prioritize your patch management: Patch management is a challenging process. The longer you take to complete it the higher the risk that someone might exploit an un-patched vulnerability. The ideal patch management scenario involves extensive testing but that will take time. For this reason you should prioritize – your servers take precedence over workstations. Furthermore, patches themselves need to also be prioritized based on their criticality. That way you can plan out your testing schedule to achieve the best testing and the fastest deployment possible.
  5. Be mindful of the hardware on your network: Generally when we think of network vulnerability management most people would not consider hardware and peripherals. An employee hooking up a wireless network card can be as insidious if not worse than any un-patched vulnerability. For this reason it is essential to ensure your vulnerability scanner is constantly monitoring the hardware that is added or removed to your network.
  6. Do proper Change management: Networks tend to change often, be it because new software is installed, configurations change or new machines connected to the network. These can all pose a security risk.
A good vulnerability scanner can be invaluable at notifying the administrator the moment such a change is detected enabling them to take prompt action. A good vulnerability scanner can reduce a lot of risk so long as it is used effectively. These six best practices will help you improve the security health of your systems and network.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging need. Learn more on what to look out for when choosing a vulnerability scanner. All product and company names herein may be trademarks of their respective owners.

No comments:

Post a Comment