This document is a sample of written work only. Copyright remains the property of the respective owners.
It's about...
Secure information sharing is critical to every business. Each year, substantial amounts of money and hours of productivity are lost due to network security breaches and malicious attacks. With the magnitude of threats on the rise and the risks of huge potential losses, organizations are now looking into unified solutions that can address all aspects of their network security needs.
Let’s take a look at how the security of businesses can be strengthened by unifying all the components in the network.

Information flowing in and out of an organization needs to be secured because security breaches can cost as much as or more than break-ins. Between the local and wide area network (LAN/WAN) is where gateway security effectively controls and manages information flows from an organization to the outside world.

Using conventional firewall or VPN alone unfortunately is insufficient to effectively protect the network. Adding new security appliances one after another to keep the network security up to date, on the other hand, may result in increasing network complexity and management load.

All these bottlenecks can be resolved by upgrading the conventional network protection model to D-Link network protection with Unified Threat Management (UTM), which incorporates industry leading firewall and VPN functionality into an all-in-one security solution.

What is IDP?
Intrusion Detection and Prevention (IDP) looks out for patterns of usage and traffic that match the signature of known exploits to prevent new threats and intrusions. A subscription service is available for updating its web content filtering and ongoing automated protection against emerging virus and intrusion threats.
Besides offering easy upgrade for the future, it is capable of handling wire-speed stateful inspection to capture sophisticated threats and provide gateway antivirus, virtual private network (VPN) and content filtering.

Two of the most common security threats today are intrusion and virus attack.

Hackers and scammers are becoming more sophisticated these days in their attempts to access networks without authorization. Even with some of the best perimeter prevention, once in a while such unauthorized access may still get through, and this can cause critical applications to go down or security breach. Virus or worm, in addition, can cause the infection of a network host to many other hosts and generate excessive loads of traffic, which may result in the slowing down of applications on the network, loss of data, or even bring down the entire network.

One of the best ways to handle intrusion and infection is to combine various components in the network to handle the different points of threats from the edge of the network to the endpoint where users are connected.

By using the IPS feature in D-Link’s UTM solution, firewall rules and user definition rules can be set to inspect and screen all illegitimate traffic from the local area network (LAN) users. Once any illegitimate traffic is detected, the D-Link switch will shut down the port where the infected computer host is connected and stop the infection from spreading.

Using D-Link’s IP-MAC-Port binding feature, network spoofing can also be prevented with a white list that keeps track of network nodes allowed access through the switch. Packets with incorrect combinations are dropped, and the port is then blocked, with an attack alert is sent to the administrator.

Training users to be security conscious is good, but in order to ensure users are following the prescribed policy rules when accessing the network, automated checks to verify compliance will be necessary.

A good way to protect the end users from accessing the network without required policy compliance is to implement joint security. D-Link’s joint security combines the capabilities of firewalls, switches and wireless access points, together with their respective built-in technologies, to work with Microsoft Network Access Protection (NAP).

Once configured, NAP will undergo a health check to evaluate security compliance before granting connections or quarantining the user that is non-compliant. Non-compliance to policies may include aspects such as conformance to critical patches or virus definitions, failing which the user may be isolated from access to a patch server for updating before he or she is granted access.

Building a viable network security requires a solution that covers from end-to-end all aspects of an organization’s network needs from the edge of the network to the endpoints where the users are connected.

In order to ensure a network is completely secured, businesses should consider leveraging on solutions such as the End-to-End Security (E2ES) from D-Link, which is cost-effective and covers a wide-range of choices to meet the different needs of each organization.

Print Friendly

For more information about D-Link, please visit its website at