I would like to come up with a new security infrastructure model for my company. That being said, I think the first step is to categorize major threats to our network and then to match those threats to network devices/applications that will help defend against those categorized threats. Does anyone have a good reference that I can use that clearly and concisely categorizes these threats? Also, I would like information that identifies what types of devices defend against those threats. For example:
Attack Vectors
- Scripting Attacks
- SQL Injection
- Buffer Overflow Attacks
- DDoS Attacks
- Malvertising
Network or Application Security Devices
- Cisco Advanced Malware Protection (AMP)
- Web Application Firewall
- Web Security Appliance
- Network Firewall
- Intrusion Prevention System
Is there an authoritative and/or trusted reference that categorizes or lumps these attacks and devices together? And is there anything out there that can list what types of network devices can defend against these threats? I would like a reference that was not written by sales people or marketers but by people that know what they are talking about. If I read about or hear the phrase "industry leading" or "proven technology" one more time I might throw up.
Thank you!!!