Portal Home > Knowledgebase > Articles Database > The ultimate network security: IDS + TVA +...?
The ultimate network security: IDS + TVA +...?
| Posted by BunkerDatacenter, 08-22-2010, 09:17 AM |
| What would you do to protect your network and what kind of tools (soft- or hardware?) would you implement?
What would you use on the borders, the aggregation-level and access-level?
Would you use an IDS, a TVA solution?
Not talking about single server protection, but complete network coverage... Like to hear different opinions and solutions to start a discussion about the ultimate network security setup.
|
| Posted by aleb, 08-22-2010, 11:45 AM |
| What is TVA? Tennessee Valley Authority?
If you ask about the design of Data Center:
Very good design: (in attach)
If you prefer, we can discuss this in the correspondence.
Attached Thumbnails
|
| Posted by BunkerDatacenter, 08-22-2010, 02:01 PM |
| Hi Aleb,
A TVA is a 'Topological Vulnerability Analysis' system. It's a proactive intrusion prevention and response via attack graphs. It constantly attacks your own network with known and new exploits/hacks etc. to look for weak spots before it is actually attacked.
TVA automates the type of labor-intensive analysis usually performed by penetration-testing experts. It encourages inexpensive “what-if” analyses, in which candidate network configurations are tested for overall impact on network security. It also allows for the computation of network-hardening options that protect given critical resources while requiring minimal network changes.
Thnx for the network layout, will look it over.
Last edited by BunkerDatacenter; 08-22-2010 at 02:07 PM.
|
| Posted by aleb, 08-22-2010, 02:41 PM |
| I forgot about this term.
As far as I remembered it all based on the work:
S. Jajodia, S. Noel, B. O'Berry, "Topological Analysis of Network Attack Vulnerability"
And the only known product (with the term TVA) is the product Couldron.
http://www.epok.net/pdf/Cauldron-Top...w_Approach.pdf
This look like as theoretical model.
Partial functionality is in Cisco MARS.
You can try to build a system yourself. Hardly search of vulnerabilities can be fully automated.
Besides the idea of "The [GMU] project looked at ways to improve on the efficiency of reviewing vulnerabilities and trying to focus on what vulnerabilities should be resolved first - with tons of network scans and data" seems to me questionable.
|
| Posted by GOT, 08-23-2010, 12:57 PM |
| I always liked this product:
http://www.tippingpoint.com/
|
| Posted by BunkerDatacenter, 08-24-2010, 09:19 AM |
| Thnx for the feedback.
No other experiences, solutions or suggestions?
|
Add to Favourites 
Print this Article
Also Read
