No matter how good any single network security application is, someone out there who is smarter than the people who designed it, and who has more time on their hands than scruples, will eventually get past it. It is for this reason that common security practice suggests multiple lines of defense, or in-depth security.
In-depth security uses layers of different types of protection from different vendors to provide substantially better protection. A hacker may develop an exploit for a vulnerability that enables them to bypass or circumvent certain types of defenses, or they may learn the intricacies or techniques of a particular vendor, allowing them to effectively render that type of defense useless.
By establishing layered security, you will help to keep out all but the cleverest and most dedicated hackers. As a baseline, I suggest implementing the following computer and network security products:
- Firewall: Basically, a firewall is a protective barrier between your computer, or internal network, and the outside world. Traffic into and out of the firewall is blocked or restricted as you choose. By blocking all unnecessary traffic and restricting other traffic to those protocols or individuals that need it you can greatly improve the security of your internal network.
- Antivirus: Antivirus software is a type of application you install to protect your system from viruses, worms and other malicious code. Most antivirus programs will monitor traffic while you surf the Web, scan incoming email and file attachments and periodically check all local files for the existence of any known malicious code.
- Intrusion Detection System (IDS): An IDS is a device or application used to inspect all network traffic and alert the user or administrator when there have been unauthorized attempts or access. The two primary methods of monitoring are signature-based and anomaly-based. Depending on the device or application used, the IDS can either simply alert the user or administrator, or it can be set up to block specific traffic or automatically respond in some way.
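
The two IDS monitoring methods described above, run side by side over the same traffic, as an added example that is not part of the original article. The signature patterns, baseline counts, source addresses (documentation range 192.0.2.0/24) and requests are all constructed for illustration; each method catches a source the other misses.

```python
import re
from collections import Counter
from statistics import mean, stdev

# Constructed signatures for illustration; a real IDS ships a maintained rule set.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./\.\./"),
    "sql-union-select": re.compile(r"(?i)union\s+select"),
}

def signature_alerts(events):
    """Signature-based: alert on any request matching a known-bad pattern."""
    return [(src, name)
            for src, request in events
            for name, pattern in SIGNATURES.items()
            if pattern.search(request)]

def anomaly_alerts(events, baseline, threshold=3.0):
    """Anomaly-based: alert on sources whose request count in this window is
    more than `threshold` standard deviations above the baseline mean."""
    mu, sigma = mean(baseline), stdev(baseline)
    counts = Counter(src for src, _ in events)
    return sorted(src for src, n in counts.items()
                  if sigma > 0 and (n - mu) / sigma > threshold)

# Constructed data: requests per source per minute seen during normal operation.
BASELINE = [4, 6, 5, 7, 5, 6, 4, 5]

# Constructed one-minute window of (source, request) events.
EVENTS = (
    [("192.0.2.5", "GET /index.html")] * 5                  # ordinary browsing
    + [("192.0.2.9", "GET /files?name=../../secret.txt")]   # one known-bad request
    + [("192.0.2.7", "POST /login")] * 40                   # benign-looking, abnormal volume
)

if __name__ == "__main__":
    print("signature:", signature_alerts(EVENTS))
    print("anomaly:  ", anomaly_alerts(EVENTS, BASELINE))
```

The single traversal request is invisible to the volume baseline, and the burst of login requests matches no signature, which is the layering argument in miniature.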