Directory
Content Protection
Content Protection
Content Protection is a critical part of protecting computers and networks in today's world. Unwanted or undesirable content, the risk of unauthorized devices on your networks, and stolen data all combine to eat away at the resources available for your business.
Content Protection is a critical part of protecting computers and networks in today's world. Unwanted or undesirable content, the risk of unauthorized devices on your networks, and stolen data all combine to eat away at the resources available for your business.
This section includes Content Filters, Network Access Control, Endpoint Security, and Full Disk Encryption.
Also look at the Unified Threat Management (UTM) appliance page for network appliances that combine these functions with the traditional firewall/VPN appliance.
Also look at the Unified Threat Management (UTM) appliance page for network appliances that combine these functions with the traditional firewall/VPN appliance.
Content Filters
Content filters do just what the name implies, filter content. They can be for a single pc, or a network. They are software and/or appliances. They can act just on web browsing, or all traffic. They filter based on file type, banner ads, URL, page content, images, executables, white lists, black lists, categories, p2p, chat. They can log and record for monitoring and reporting purposes. Most that filter based on URL come with a URL database and update services.
Content filters do just what the name implies, filter content. They can be for a single pc, or a network. They are software and/or appliances. They can act just on web browsing, or all traffic. They filter based on file type, banner ads, URL, page content, images, executables, white lists, black lists, categories, p2p, chat. They can log and record for monitoring and reporting purposes. Most that filter based on URL come with a URL database and update services.
Endpoint Security
Endpoint Security includes applications to control the use of portable storage devices on the computer, encryption of the data on those devices, and improvements in the devices themselves to secure the information on them.
Endpoint Security includes applications to control the use of portable storage devices on the computer, encryption of the data on those devices, and improvements in the devices themselves to secure the information on them.
Network Access Control
Network Access Control (NAC) products (also referred to as Network Admission Control, Network Access Protection (NAP), or Network Quarantine) protect networks by authenticating and authorizing users and computers prior to granting access to the network. The implementation by each product varies widely, using solutions such as DHCP servers, VPNs, or switch hardware. Some solutions require endpoint software be installed on each client.
Network Access Control (NAC) products (also referred to as Network Admission Control, Network Access Protection (NAP), or Network Quarantine) protect networks by authenticating and authorizing users and computers prior to granting access to the network. The implementation by each product varies widely, using solutions such as DHCP servers, VPNs, or switch hardware. Some solutions require endpoint software be installed on each client.
Full Disk Encryption
As the use of mobile computing increases for business and governments, so does the risk of sensitive information falling into "the wrong hands." Many businesses and governments now mandate full disk encryption as a way to mitigate this risk. This can be done through hardware or software, as an individual or a centralized administration task or even as a managed service. Many products perform FDE with the use of special encryption chips or the TPM (trusted platform module) that is being included in more and more laptops.
As the use of mobile computing increases for business and governments, so does the risk of sensitive information falling into "the wrong hands." Many businesses and governments now mandate full disk encryption as a way to mitigate this risk. This can be done through hardware or software, as an individual or a centralized administration task or even as a managed service. Many products perform FDE with the use of special encryption chips or the TPM (trusted platform module) that is being included in more and more laptops.
Last Reviewed by Michele Jordan 31 Oct 2005
- Computer Professionals for Social Responsibility Filtering FAQ
- PodSnaffler is a tool to show what data could be stolen from the computer via removable storage.
- Microsoft article about using the OS to manage removable storage security.
- IT managers see portable storage device security risk: How much damage can an iPod or memory stick do? Plenty, say analysts article by Lucas Mearian
- ITtoolbox Blog about portable storage device security.
- Securing USB Memory Devices to Reduce Risks to IT Infrastructure - overview of the problem and options, by Siemens
- Social Engineering, the USB Way - an article about using USB memory sticks to compromise a credit union during a security assessment.
- Primer: Network Access Control
- Network Access Control Learning Guide
- Market Analysis: Network Node Validation
- Using 802.1X to control physical access to LANs
- Remote User Security Checklist
- Network Access Control: User and Device Authentication.
- Articles on NAC/Quarantine in Windows Server 2003
- From TechNet - Network Access Quarantine Control in Windows Server 2003
- From WindowSecurity.com - Server 2003’s Network Access Quarantine Control: What is it and How Does it Enhance Security?
- From TechNet again - Network Access Protection
Categories
- Content Filters (67)
- Endpoint Security (23)
- Full Disk Encryption (32)
- Network Access Control (28)
Listings
There are 0 Listings in this Category.Add your listing here