Complete protection of the IT network

 

To deploy the security configuration effectively, it is recommended that the administrator follow a series of general steps. These steps facilitate implementation of the security policy defined in the company while minimizing the number and severity of security incidents:

Study and define the company's security policy

The first step for the team responsible for ensuring corporate security is to create a series of documents that define the security framework required by the company.

This security framework must be compatible with users' needs with regard to network access and the tools required to do their daily tasks without problems.

The objective is to describe a safe and productive environment for the network computers, and for the integrity of the data handled by the company, protecting corporate assets from unauthorized access and preventing data leaks that may damage the company's reputation and lead to financial losses.

To be able to generate this documentation, the team responsible for ensuring corporate security must have a deep understanding of the security and suspicious behavior detection mechanisms to be implemented in the company in order to ensure a trusted, productive environment.

The protection and security features provided by Adaptive Defense are:

 

Create a list of all the corporate devices to protect

The purpose of this point is to determine the corporate devices that will receive a security configuration from Adaptive Defense. To do that, it will be necessary to know each device's operating system, its role within the network (server, workstation, mobile device), and the profile of the user who will use it along with their department.

 

Make sure that every device on the list has an Adaptive Defense agent installed

For computers to be integrated into the Adaptive Defense console and protected, they must have an agent installed and a valid license assigned. Refer to information about installation procedures.

Refer to chapter License management for information about how to check the status of your Adaptive Defense licenses.

 

Group computers based on their common security requirements

Developing a clear device grouping strategy is key to managing corporate security. Given that each security configuration will be applied to one or several computer groups, it will be necessary to find those computers that have the same security requirements.

To segment the network into different groups, you must first establish the grouping criteria to be used. Take into account the computer and user data obtained in the second point, that is, the profile of the user who will use the device, the device's operating system, etc.

Create security profiles

A security profile is a configuration template that is assigned to one or several device groups and defines the protection behavior.

The administrator will have to create as many security profiles as there are security scenarios required for the different computer groups.

Assign security profiles to groups

There are several options when assigning profiles to groups: one single profile applied to several groups, each group with a different profile, or just one profile and one group in the case of very small or homogeneous networks.

Once you have applied a security profile to a group, every device in the group will be protected according to the protection behavior described in the security profile assigned to it.
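
The steps above (device list, agent and license check, grouping, profile assignment) can be audited for coverage gaps with a short script. This is an added example, not part of the original documentation, and it uses no Adaptive Defense API: the inventory records, field names, and profile names are constructed assumptions.

```python
from collections import defaultdict

# Constructed inventory; field names are assumptions, not a product export format.
INVENTORY = [
    {"host": "srv-db01", "role": "server", "dept": "IT", "agent": True, "licensed": True},
    {"host": "ws-fin-07", "role": "workstation", "dept": "Finance", "agent": True, "licensed": False},
    {"host": "ws-fin-09", "role": "workstation", "dept": "Finance", "agent": True, "licensed": True},
    {"host": "ws-dev-03", "role": "workstation", "dept": "Engineering", "agent": False, "licensed": False},
    {"host": "srv-web02", "role": "server", "dept": "IT", "agent": True, "licensed": True},
]

# Hypothetical assignment table: group key (role, dept) -> security profile name.
PROFILE_BY_GROUP = {
    ("server", "IT"): "servers-strict",
    ("workstation", "Finance"): "workstations-standard",
}

def unprotected(inventory):
    """Devices that cannot receive a configuration: missing agent or license."""
    gaps = {}
    for dev in inventory:
        reasons = [msg for key, msg in (("agent", "no agent"), ("licensed", "no license"))
                   if not dev[key]]
        if reasons:
            gaps[dev["host"]] = reasons
    return gaps

def group_devices(inventory):
    """Group hosts by the chosen criteria (here: role and department)."""
    groups = defaultdict(list)
    for dev in inventory:
        groups[(dev["role"], dev["dept"])].append(dev["host"])
    return dict(groups)

def unassigned_groups(groups, profiles):
    """Groups that exist in the inventory but have no security profile."""
    return sorted(g for g in groups if g not in profiles)

def effective_profile(inventory, profiles):
    """Map each host to the profile that actually protects it, or None."""
    gaps = unprotected(inventory)
    return {dev["host"]: None if dev["host"] in gaps
            else profiles.get((dev["role"], dev["dept"]))
            for dev in inventory}

if __name__ == "__main__":
    print("Not protected:", unprotected(INVENTORY))
    print("Groups without a profile:",
          unassigned_groups(group_devices(INVENTORY), PROFILE_BY_GROUP))
    print("Effective profile per host:", effective_profile(INVENTORY, PROFILE_BY_GROUP))
```

A host whose effective profile is None is either missing an agent or license, or belongs to a group that was never assigned a profile.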