![]() ![]() AV is not very helpful here, because a watering hole is being used so it is doing what is supposed to within its signatures. I used watering holes as an example because this is a common means of targeted attacks using spear-phishing and credential harvesting typically found in organizations. ![]() They know your network already, hence have the watering hole in place. Traffic to these DMZ hosts is permitted so the firewall is doing what it's supposed to as reconnaissance has already been performed by the attacker. Let's say you have a scenario (pick one actually), where a watering hole attack is underway. GFI Languard is informing you of this because it is against best practices on baseline metrics. If you are managing this environment, then it is advised to have this on. Your answer should be "absolutely", security analysts as myself refer to this as "layered defense" and is part of a "defense-in-depth" strategy. To be honest i can't answer this question. Need Windows Firewall Also? If must be enable it which is the reason when i have all the above protection? My network has already a Firewall, i have Antivirus, Some servers are in DMZ. One of the High Security Vulnerability is that Windows Firewall is disabled. I use GFI Languard to check Security of Our Environment. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |