Login Signup
Verified Document

Why Threat Management Is Different From Vulnerability Management Term Paper

Related Topics:
Hacking Port Security Security Management Attack
Open Document Cite Document

Networks Security Management Network Security Management

Why Threat Management Is Different from Vulnerability Management

Studies have attempted to examine on the possibility of implementing an all rounded technology that seeks to manage several layers of OSI networking levels. However, this implementation has considerably lost influence since this approach is defeated by the nature of attacks. Currently, 2600 hacking publication presents to a user several methodologies of attacks. In fact, hacking as become complex for the single - headed approach. This research will be integral in differentiating threat management from vulnerability management. Their importance in implementing a hybrid network management on the operating system and vulnerability Management approach on the layer side is also addressed. The research will further clarify that the security approach designated by hybridism factor is responsive to all nature of attacks in the OSI networking models.

Studies

The research is based on the following studies. Firstly, Nikolaidis (2003) inspired this study in his analysis of the TCP/IP networking model and its relevance in establishing a security perimeter. Seconding this, Wu (2013) and Wenqiang (2010) who assesses the authentication approach and how some of these systems are weak in a given network. Thirdly, Gandotra (2013) seconded by Andre (2008) and Hsu et al. (2012) will seek to clarify on the various software roles and their impact on network defenses. Fourthly, Sterling (2006) will provide the technical approach in relation to DMZ server places and the effects on the first to third layers of OSI in the general debate of Threat management of Vulnerability management.

Threat Management

In modern day I.T security, the desire to provide comprehensive services is paramount. The chief reason behind this is based on the knowledge that potential clients of a given technology do not know the basic approaches of network security. Wenqiang (2010, pp. 104) argues that; traditional signature scanning was found impossible to keep pace with virus attacks that reaching epidemic levels at the time. Therefore, the TM technology was applied to ensure that a plethora of different gateway and desktop solutions could be applied hand in hand. The evolution of TM technology was due the fact that hacker were presented using blended attack. As such, basic antivirus software could not mitigate attacks from happening and in this case, it was necessary to enroll user mitigation techniques from the file transfer system, web and email.

Threat management is a networked-based security approach focusing on the primary network gateway used as a defense mechanism in any organization. Threat management is capable of performing multiple network defense protocols, which include gateway antivirus, network intrusion prevention, gateway ant-spam, VPN content filtering, data-leak prevention and load balancing. OSI (2006, p. 13) argues that the technology uses multilayered approach to incorporate several security technologies. TM system can be incorporated and configured to ensure that security feature can be quickly updated to meet evolving threat. Wu et al. (2013) joins this argument in what he considered as a triple 'A' approach in the network and system management. These include authentication, authorization, and accounting.

Authentication seeks to prove that the identity claim is authentic and valid. In most of the network attacks, proving the identity of the attacker is the most serious handle. However, when applying this approach, one will notice the technology is capable of identifying the source attacks and response will be directed towards the source attacks. Secondly, Gandotra (2012, pp. 290) argues that technology can be configured on Graphical User Interface system so that the administration among junior level managers is easy. As part of user management, the system ensures that there it is simple and reduced to ensure that troubleshooting, reduced and TCO advantages. Thirdly, the technology has reduced technical training requirements, that is, one comprehensive product approach. Fourthly, the technology is simplified and in any case, it is administered on a single software orientation. However, TM does not address the single point compromise if the network is vulnerable. It is also prudent to mention that the technology has impacts on a single point compromise. Lastly, the technology has single bandwidth orientation and cannot satisfy demands of a given network.

Based on this approach, (Gandotra, 2012, pp. 491) seconds that the TM is capable of mitigating frauds, pharming attacks, and phishing attacks. In this case, TM provides detects, analyzes, and provide remedies from attacks that have lost productivity and system downtime on aggregate. As part of further merits, (Eaton, 2001, pp. 184) argues that; TM is capable of providing standalone...

In fact, each of the system has separate maintenance processes and requires patch management strategies, which can be upgraded on every software release. Consequently, as part of the operation, TM has provided its personalized operating system, which is mandated to ensure that there is centralized management, which can be monitored on reporting extra advantages provided on TM solution. Therefore, in contemplating whether to apply TM or other technologies, substantial concern is directed to ensure that a different solution checks on the behavior of connecting to unusual ports.
Vulnerability Management

On the other hand, vulnerability management focuses on a cycle of identifying, remediating, classifying, and mitigating potential vulnerable attacks. These could be driven by software or firmware mounted on a given system. In this regard, a vulnerability device utilizes a series of hardware and software, which are previously mounted on the identified open ports, insecure software configuration, or even susceptibility to malware. A vulnerable scanner is one that can be identified on the zero-day attack (Gandotra, 2012).

In I.T industry, pundits have ensured that vulnerabilities attacks are simple and can patch to those annoying software issues, which are done. In fact, the scope of the platform and relevant application provides a plethora of weaknesses and prevention is the only key remedy. In this regard, most organizations will attempt to comply with networks that have a large number of different products. Also in this relation, it is prudent to note that researchers; for instance, Hsu et al., (2012, pp. 1439) have acknowledged that most organizations do not attempt to implement the I.T defense to the last mile. As this is the case, patches will often appear irrelevant to implement since support is organization is either not aware of releases or at most not even have the precise knowledge on how they are implemented.

In this sad notion, vulnerability concept will often provide a file patching technology that uses vulnerability scanners that can detect vulnerability from the network side with reasonable accuracy as well as, detecting vulnerability issues from the host side with optimal accuracy. However, Andre (2008, p. 4) when it comes to this system, it should be noted that volumes of data presents the key problem. In fact, many organizations have large databases: conducting a system scan-then-fix approach presents the potential problem. It is prudent to mention that most approaches in relation to vulnerability attacks do fail adequately to provide network visibility issues on the critical system.

To develop a given vulnerability process, Ariba et al. (2006, pp. 256) suggest the following steps that will act in line with overall mitigation plans. Firstly, it is good for the I.T department to develop a fastening policy that will initiate the first step that includes a definition of state device configuration, resource access and user identity. Secondly, it is appropriate to ensure that the I.T expert is away of the vulnerable attack. Thirdly, it is positive to ensure that the I.T expert is a better position to prioritize mitigation of activities and essentially extend external threat information; for instance, assets classification and security posture. Fourthly, it is appropriate to spread the shield of the environment, which is in this case, prior to eliminating the vulnerability by using network or desktop driven tools. Fifthly, the administrator should seek eliminate the vulnerability problem from the root and this approach is considered a legitimate concern. Sixthly, it is appropriate to maintain continually monitoring of the environment for deviation from policy and as a result, identify new vulnerability, which can affect the DMZ zone.

Vulnerability attacks do have three phases of problem approach; these are discovery, reconnaissance, and white box testing. Technically, the process identifies all host on given networks based on the process, version, type, and passiveness. The system applies a series of creative end use protocols that ensure that there is a close analysis of application behavior. When a host is identified the white box pings it and gather more information, and all information is backed on a security server firm. The complexity with this approach relates with its ability to conduct ICMP echo request applied when identify a given host and its origin. Through the mitigation process, most scanner will technically the TCP / IP process so that it can be the system can be able to override the networking protocols (Ariba, 2006, pp. 259). Ideally, the technology seeks to override the entire system by issuing a package sniffing process that identifies common ports in a network design. To achieve this, the TCP SYN packet is applied simultaneously in several ports and its actual intention is to determine…

Continue Reading...
Sources used in this document:
References

Andre, M. (2008). RSA: Sinowal Trojan stole vast volume of data. Computer Fraud & Security,

2008(11), 4.

Ariba, Y., Gouaisbaut, F., & Labit, Y. (2009). Feedback control for router management and TCP/IP network stability. IEEE TRANSACTIONS ON NETWORK AND SERVICE

Management, 6(4), 255-266.
Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
Managing Information Technology - Set
Words: 6095 Length: 13 Document Type: Term Paper

The vision Oracle has is one of unifying all of their enterprise applications into their Fusion architecture and creating a single unifying Service oriented Architecture (SOA) was first announced in 2006 (Krill, 13). Since that time Oracle has continually strived to create an SOA in Fusion that would appeal to its corporate customers. The proposed Fusion SOA platform has been designed to be robust and scalable enough to encompass enterprise-level

Read More
Essay
Managing Risk Assessment Litigation
Words: 2810 Length: 10 Document Type: Term Paper

Managing Risk Assessment and Litigation in UK Physical Education Departments This is a research proposal for a British university that aims to examine the rise of the litigation culture in the UK, as well as how schools' physical education (PE) departments are geared towards coping with it, particularly in light of professional training of physical education teachers for this purpose by management. Risk assessment training is a management-based programme; therefore, the

Read More
Essay
Risk Management Explain the Difference
Words: 784 Length: 2 Document Type: Essay

The most effective security reporting procedure is to use the OCTAVE-based methodology. The reason why is because, they are utilizing solutions that will address the total nature of the threat in comparison with the others. For any kind of organization, this helps them to understand what kinds of issues that they could be facing and the impact that it will have on the entity itself. At the same time, it

Read More
Essay
Threat of Terrorism Weighing Public Safety in Seattle
Words: 5948 Length: 17 Document Type: Case Study

Terrorism in Seattle Even before the World Trade Center attack in September, 2011, most major cities in the United States were not only aware, but anticipatory regarding the potential for a terrorist attack. Seattle has been fortunate in that it has never experienced an actual international attack, but has had three major domestic incidents since 1999 that continue to be in the minds of Emergency Management professionals. In 1999, Ahmed Ressam,

Read More
Essay
Risk and Vulnerability Analysis
Words: 1408 Length: 4 Document Type: Research Paper

Risk Management Risk and vulnerability analysis Risk can be defined as a prediction of future events and their outcomes and consequences. Initially, as these predictions are being made, there is no guarantee that these event will actually occur. At this point, it becomes vital to apply probabilities in order to determine the likelihood of the event occurring. Risk analysis, therefore, is a process of describing risks involved in any situation or organization.

Read More
Essay
Ing for Emergency Management Emergency
Words: 5324 Length: 20 Document Type: Essay

Slide 9: Technological innovations in emergency management The starting point in the creation of a plan on how to improve our program from a technological standpoint has been constituted by the review of the it industry. The scope of this research has been that of identifying the innovations in the field and their relevance for our agency and its mission. The results of the research endeavor are briefly presented below: GIS is

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now