1
General Discussion / advices and suggestion on creating an company network
« on: June 18, 2024, 02:32:59 am »
hi ,
i am (would like) about to create a robust company network with security in mind
from all kinds of attacks ,
in network if pcs got infected so protect the network from it or to it,
from red team or malicious person that will connect directly to the network port
have a super high security file share type system
and so on...
i have seen , zenarmor and suricata with proofpoint emergingthreats rule set for IDS and IPS
trying to find a good XDR (i've seen Wazuh agent idk how it compares against sentinel one , cybereason , palo alto) , suggestion and thoughts are welcome .
trying to find how to properly protect a shared type system (idk which one yet , SMB seems obivous but im not sure its the best thing for a non domain environment)
trying to find out how to protect physical ports for malicious actors , for example to shutdown a port. (like portnox)
trying to find a way (not sure if that exists) to give access to the network and or "receive networking service" to authenticated computers on the network , like for the pc to send a special crafted packet or something else .
for example it is needed when an attacker can mimic a mac address to enter the network , however ! if he does not have that special crafted packet or something like that , the network will ignore it
anyhow , help , suggestion are all welcomed !
thank you
i am (would like) about to create a robust company network with security in mind
from all kinds of attacks ,
in network if pcs got infected so protect the network from it or to it,
from red team or malicious person that will connect directly to the network port
have a super high security file share type system
and so on...
i have seen , zenarmor and suricata with proofpoint emergingthreats rule set for IDS and IPS
trying to find a good XDR (i've seen Wazuh agent idk how it compares against sentinel one , cybereason , palo alto) , suggestion and thoughts are welcome .
trying to find how to properly protect a shared type system (idk which one yet , SMB seems obivous but im not sure its the best thing for a non domain environment)
trying to find out how to protect physical ports for malicious actors , for example to shutdown a port. (like portnox)
trying to find a way (not sure if that exists) to give access to the network and or "receive networking service" to authenticated computers on the network , like for the pc to send a special crafted packet or something else .
for example it is needed when an attacker can mimic a mac address to enter the network , however ! if he does not have that special crafted packet or something like that , the network will ignore it
anyhow , help , suggestion are all welcomed !
thank you