What is a DMZ? The Demilitarized Zone (DMZ) is an independent network that acts as a buffer zone between an external network and the internal network. The buffer network contains, for example, web servers or mail servers whose communication is monitored by firewalls. As businesses and organizations become more dependent on technology and online presence, … Read more
What is LLDP (Link Layer Discovery Protocol)? The Link Layer Discovery Protocol works on layer two of the OSI reference model and is specified in the IEEE 802.1AB standard. Neighboring devices in a network can use the protocol to exchange information. The devices store the information they receive in their Management Information Base. Typical applications … Read more
A proxy is a software instance or a server that acts as an intermediary in a network. It receives requests and forwards them by proxy. Proxies can be used, for example, to obfuscate communication between local end devices and web servers, to speed it up, or to secure it. Have you ever been restricted from … Read more
A network domain is an administratively delimited network area that can be used to logically map the organizational structures of a company. Security policies, user rights, and user roles are managed centrally via a domain controller. A user logs on to a domain via the domain controller. Domains have unique names and are structured hierarchically. … Read more
How does RADIUS work? RADIUS stands for Remote Authentication Dial-In User Service and describes a service that authenticates and authorizes users in a dial-in network. RADIUS can also be used for the accounting of services. In companies, RADIUS is often used for user logon in WLAN networks. Have you ever wondered how you connect to … Read more
An Information Security Management System (ISMS) defines rules and methods to ensure information security in a company or organization. The ISMS is process-oriented and follows a top-down approach starting from the company management. Protecting sensitive information has become paramount for organizations and individuals alike, and the increasing sophistication of cyber threats and the growing volume … Read more
What is cross-site scripting? Cross-site scripting (XSS) is one of the most commonly used attack methods on the Internet. The goal of cross-site scripting is to obtain confidential data, hijack applications, or cause other damage. XSS embeds the attack code in a supposedly secure context. In today’s digital age, web applications are an integral part … Read more
The so-called Security Operations Center, abbreviated SOC, sees itself as the center for all security-relevant services in the IT environment of organizations or companies. It protects the IT infrastructure and data from internal and external threats. With the rapidly evolving landscape of cybersecurity, organizations face many threats and attacks on their digital assets. To combat … Read more
An intrusion prevention system, abbreviated IPS, is able to detect attacks on networks or computer systems and to take automatic defensive measures. It provides additional protection compared to conventional firewall systems. An Intrusion Prevention System (IPS) clearly differs from an Intrusion Detection System (IDS) in some functions. Cybersecurity is of utmost importance to protect our … Read more
An intrusion detection system, abbreviated IDS, is able to detect and inform about attacks directed at computers, servers, or networks. Often the Intrusion Detection System complements the usual functions of a firewall. Network security plays a critical role in safeguarding organizations from cyber threats. One essential component of network security is an Intrusion Detection System … Read more
A firewall is a system that is capable of analyzing data traffic. It protects IT systems from attacks or unauthorized access. The firewall can be a dedicated hardware or software component. Literally translated, firewall means “firewall”. The term refers to an IT system that can analyze, forward, or block data traffic. This enables the firewall … Read more
WPA2 (Wi-Fi Protected Access 2) has been the successor to WPA since 2004. Among the most important changes compared to WPA is the use of the AES encryption method. WPA2 eliminates the vulnerabilities of WPA that were discovered and is still considered very secure when a strong password is used, despite known attacks. In our … Read more
BSI Standard 200-1, along with Standards 200-2 and 200-3, is an elementary component of the BSI’s IT-Grundschutz methodology. It defines the general requirements for information security management systems (ISMS – information security management systems) and is compatible with ISO standard 27001. The aim of the BSI standard is to make the business processes of companies … Read more
Stateful Packet Inspection is a dynamic packet filtering technique for firewalls that, in contrast to static filtering techniques, includes the state of a data connection in the inspection of packets. It detects active TCP sessions and can allow or block data packets based on the session state. SPI provides higher security for firewall inspection and … Read more
A wireless intrusion prevention system can detect and defend against attacks and unauthorized access to a WLAN. It provides additional protection for the wireless network environment. The WIPS consists of several components and uses sensors to monitor the wireless network. What is WIPS (Wireless Intrusion Prevention System)? The acronym WIPS stands for Wireless Intrusion Prevention … Read more
Endpoint Security protects the various endpoints in a network from various threats. Technical and organizational measures prevent unauthorized access to devices or the execution of malicious software. Endpoint protection ensures that the end devices achieve the desired level of security. Endpoint security refers to the measures and practices implemented to secure the various endpoints in … Read more
Secure Access Service Edge (SASE) is an architectural concept that provides WAN services and security functions as a combined cloud-based solution. The security functions operate at the network edge. They replace centralized security concepts, for example, via virtual private networks. Identity- and context-based access mechanisms are in place for users, applications, and devices. What is … Read more
Transport Layer Security (TLS) is a layer 5 protocol of the ISO/OSI layer model that ensures encrypted transmission of data on the Internet. TLS is the successor to SSL and is used, for example, by browsers for secure HTTPS connections. TLS (Transport Layer Security) is a cryptographic protocol designed to secure communication over the internet. … Read more
Security Information and Event Management (SIEM) provides a holistic view of IT security by collecting and evaluating messages and log files from various systems. Suspicious events or dangerous trends can be detected in real-time. Organizations face increasing threats to their information systems and data security in today’s interconnected digital landscape. As cyberattacks become more sophisticated, … Read more
With Windows Server Update Services (WSUS), Windows updates can be provided and distributed locally via your own network and your own Windows servers. The updates are decoupled from regular Windows updates. This offers extensive management and control options for various clients. Keeping computer systems up-to-date with the latest software patches and security updates is crucial … Read more