|
At its simplest, protection is the proactive detection
of active attacks against information resources, the
prevention of unnecessary security vulnerabilities, and
rapid, appropriate response when a security event takes
place.
"Detect" is the ability to recognize that an
attack is underway, then alert both other elements of the
security solution and administrators of the attack and its
potential severity.
"Prevent" is the ability to identify which
networks, servers or desktops are at risk for a successful
attack, including automatic prioritization for the most
serious exposures and straightforward advice and automated
processes for closing up gaps in the security fabric.
"Respond" is the rapid application of both
automated and administrator-directed measures to isolate
the security event and prevent it from accessing or
damaging networks, servers or desktops.
|
