Issue link: https://insights.oneneck.com/i/1458399
54 Data Center & Hybrid Cloud Security For Dummies, Palo Alto Networks Special Edition These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

Although patching is a critical part of a sound endpoint protection strategy, it protects an organization's endpoints only after vulnerabilities are discovered and patched. Delays of days, weeks, or longer are inevitable, because a patch for a newly discovered vulnerability must be developed, distributed, tested, and deployed before it protects anything. Much like signature-based malware detection, patch management is an endless race against time, and it offers no protection against exploits of vulnerabilities for which no patch yet exists (zero-day exploits). Yet the exploitation of vulnerabilities is the primary reason patches are needed in the first place.

Many advanced threats work by placing malicious code (exploits) in seemingly innocuous data files. When such a file is opened, the exploit leverages an unpatched vulnerability in the native application used to view the file, and the attacker's code executes inside that application's process. Because the application being exploited is allowed by IT security policy, this type of attack bypasses application whitelisting controls: whitelisting decides which programs may run, not what code those programs are tricked into executing.

Although many thousands of exploits exist, they all rely on a relatively small set of core techniques that don't frequently change. Regardless of the exploit or its complexity, for an attack to succeed, the attacker must execute a series of these core exploit techniques in sequence, like navigating a maze to reach the goal (see the figure). Blocking any one technique in that sequence stops the attack, whichever vulnerability or file it started from. Thus, the key to exploit prevention is to focus on the exploit techniques, rather than the exploits themselves.

• Protect resource-sensitive environments. The frequent antivirus signature updates, application patches, and operating system updates required to secure endpoints against known vulnerabilities are particularly challenging in virtual environments, where "golden images" are used to provision virtual endpoints. Many traditional physical endpoint products can create unforeseen complications when applied to virtual environments. Furthermore, purpose-built virtual security products often leave gaps in the overall security architecture if they are not part of a cohesive security infrastructure.

(continued)