IN THIS CHAPTER
Learning what information network monitoring can provide
Using systems that monitor a network for unauthorized access
Intelligently and dynamically blocking network intruders
Preventing unauthorized information from leaving your network
Learning about attempted attacks with honeypot decoys
Network security isn't something you can assure with a one-time audit or configuration. The Internet is constantly evolving, as are the devices you may connect to it. Operating systems and applications undergo frequent updates, new methods of attack are invented, and new exploits are discovered. As a result, you can improve your security by regularly monitoring your network for any new breaches that may have slipped past your defenses.
This chapter covers several different sorts of network monitoring, including methods that simply watch for potential threats and alert you, methods that actively work to block new threats, and methods that help to ensure that no proprietary or confidential data is sent from your network to other locations on the Internet. It also briefly discusses ways of luring attackers away from your most important Macs by using a mechanism known as a honeypot.