Selection of Effective Controls
In order to maintain network security, there are a number of controls that could be used for data, such as access lists or audit trails, systems such as firewalls and IDSs, or two main categories of controls. The selection and implementation of controls depend on the unique circumstances of an organization. They are categorized into two main groups: preventative and detective. Let’s explore scenarios where these can be used to protect our network:
- Preventative controls: Preventative controls are placed at the network perimeter to defend against potential threats before they breach the network. These controls reside on network routers, switches, and dedicated appliances, and they tirelessly scrutinize incoming and outgoing traffic, ensuring that only legitimate data is permitted. Devices that can be used for this purpose include firewall appliances, IPSs, and ACLs.
- Detective controls: Detective controls are located within the network...