Because ENA NetShield UTM is a co-managed solution, our customer support team works around the clock to provide the best modern security features and updated reporting analytics. However, to make sure your network continues to meet your community’s evolving needs, there are a few best practices we encourage you to adopt.
These five tips will help you get optimal performance out of ENA NetShield UTM.
1) Routinely review your dashboard
ENA NetShield UTM helps defend your organization against known and unknown threats. ENA recommends administrators routinely log into the my.ena.com portal to keep abreast of network activity. Analytics, logging, and reporting tools enable you to monitor activity, identify trends, and swiftly resolve network issues. As part of our efforts to maintain best in class standards, we are consistently enhancing features within the portal, so whenever you log in there might be a new security feature to see!
2) Review compromised hosts
Your portal provides several reports and monitoring tools, such as custom reporting, top threats, log history, and VPN activity. The compromised hosts tab is an additional helpful feature that will alert you to threats we have detected on endpoint devices. For each compromised host, the solution will indicate the threat severity and recommend a course of action. For more information on compromised devices or appropriate recourse, please contact our CTAC team at [email protected]. As a best practice, ENA recommends reimaging compromised machines to be sure the infection has been removed from your environment.
3) Remove bad traffic and clean up the network
Administrators should watch out for traffic directly hitting the firewall with outbound denied application layer protocol requests and also track dropped or rejected internal devices. Network administrators should investigate the source of the blocked outbound traffic and take mitigating action when appropriate.
4) Remove unused rules and objects from the rule bases
ENA recommends regularly reviewing firewall policies to confirm their efficacy—every ninety days is a good interval. For optimal reviews, each policy and note entry should include a business and technical owner. Unused policies should be disabled and noted. When frequent changes are required, review all policies on a monthly basis.
5) Take advantage of geo-blocking
Geo-blocking is an advanced firewall feature that allows us to block known bad actors based on geographical location. ENA engineers implement this feature at turn up, but we recommend a thorough review to ensure the configuration meets your network needs.