
What other security software/devices are there for online/networking protection

G_K

What other security software/devices are there for online/networking protection 

 

What I got so far but failed

 

2x IPS

Antivirus -spyware 

rootkit finder

 


I've always used Bullguard internet security, which I find works fine and does the job. The only thing I would say is, I don't know if others do this, but when Bullguard puts an offer on occasionally, you get a popup telling you about it when you log into your PC.


1 hour ago, Uknown0002 said:

What other security software/devices are there for online/networking protection 

 

What I got so far but failed

 

2x IPS

Antivirus -spyware 

rootkit finder

What failed? This is a very vague question too. Can you give us more context?


ClamAV: Open Source & free! Mail only though.

"You don't need eyes to see, you need vision"

 

(Faithless, 'Reverence' from the 1996 Reverence album)


3 hours ago, TehDwonz said:

What failed? This is a very vague question too. Can you give us more context?

My intrusion protection system didn't pick up malware coming through the network. Once I contacted the security service, they did a security update, and the next time it tried again (trojan) it got blocked because of the update. There have been many zero-day attacks recently and the software can't keep up because it's not in the system to pick up. I need a few security products/services to get this malware picked up, so that it does not find the vulnerabilities to get into my network and infect every device.


40 minutes ago, Uknown0002 said:

My intrusion protection system didn't pick up malware coming through the network. Once I contacted the security service, they did a security update, and the next time it tried again (trojan) it got blocked because of the update. There have been many zero-day attacks recently and the software can't keep up because it's not in the system to pick up. I need a few security products/services to get this malware picked up, so that it does not find the vulnerabilities to get into my network and infect every device.

Seems like more regular updates might be in order then? Also, perhaps the firewall might need some stricter rules in place or a review of the current settings at least. How many other people use the network? Are they allowed to use their own devices?


2 hours ago, Uknown0002 said:

My intrusion protection system didn't pick up malware coming through the network. Once I contacted the security service, they did a security update, and the next time it tried again (trojan) it got blocked because of the update. There have been many zero-day attacks recently and the software can't keep up because it's not in the system to pick up. I need a few security products/services to get this malware picked up, so that it does not find the vulnerabilities to get into my network and infect every device.

Good security can cost a lot of money. I don't know what your company is, but I'll give some surface-level advice below that would be suitable for an enterprise.

 

If you want it to find zero-day threats, some advice I could offer is to invest in security technologies that can actually find those threats.

 

IPS can block exploit kits and attack methods based upon signatures; antivirus components can block Trojans, etc., based on signatures. A good IPS won't necessarily block malware, but it will block an exploitation attempt.

 

If you want the best security then investigate the following: 

  • Fortinet has a sandbox technology which isolates and analyses files as they pass through the network; other companies, such as Trend Micro, offer similar solutions. You'll want one of these, as well as a good IPS such as a Fortigate or AlienVault.

 

  • Implement a zero-day focused endpoint security suite like Crowdstrike if you want something popular in the industry. There are others like SentinelOne, and Comodo has a new Endpoint Security Product that combines their legacy but highly secure default-deny sandboxing technology with more modern AI-based detection methods.

 

  • Invest in a cloud security solution that provides rigid access control and a good oversight of all of your users and stats and ratings of their activity (on the work network/computers). A good example of this is Microsoft's security suite, which is actually very good for this purpose. Using it will ensure attackers can't get confidential files and data off of computers.

 

  • Monitor endpoints: get a security agent such as Tenable to ensure all of your users' endpoint machines are patched and up to date. You should download an appliance such as the Metasploit scanner and run monthly scans on your servers to ensure no widely known exploits will work on your servers.

 

Remember, even though prevention is the ultimate goal, you should always assume you will get hacked. By that I mean you should also focus on plans to deal with an attack/data breach and put restrictions and limitations in place to mitigate the damage that an attacker could cause.

 

This means you should also harden all of your accounts, services and systems up to a standard. You, as the security professional, should create and publish configuration and security hardening standards for your administrators. If a system does not meet a security standard, you are somewhat responsible. It's your job to make the standards known.

 

If you use signature-based protection, like I gather you're using now, it will never be fully secure; even AI-based protection won't be fully secure. But to expect to have good security while not combining zero-day and signature-based protections is old-school and definitely leaves opportunities in your network.


8 hours ago, TehDwonz said:

Seems like more regular updates might be in order then? Also, perhaps the firewall might need some stricter rules in place or a review of the current settings at least. How many other people use the network? Are they allowed to use their own devices?

33 devices to 35 on the network
