Answer:
There are several components to assessing network vulnerabilty and performing penetration testing to ensure that your systems remain safe from hackers. The first component involves determining whether your systems and networks have weaknesses that could allow an attacker to gain unwanted access. Performing a vulnerability analysis using sophisticated vulnerabilty scanning tools will allow you to test whether each service on your network is vulnerable to attack.
The second key component to assessing your network security is to determine whether your systems can detect an attack as it is in progress. Intrusion detection systems work much like anti-virus software, constantly monitoring your network traffic and comparing data packets against known "attack signatures" packets.
Because even the best of these types of automated tools can result in missed vulnerabilites, false positives, or even failed instrusion detection, experts recommend penetration testing to assess vulnerabilities. It is best to hire well-trained intrusion detection analysts to aid in performing these tests.
There are several companies that provide these services. Bindview and Red Siren are two well known companies that provide security management solutions and software.
Other Resources:
Network Intrusion Detection: An Analyst's Handbook (2nd Edition)First published on BankersOnline.com 6/17/02
print
share