How to defend network against APT attacks?

First and foremost, take stock of the controls that already exist on the network and ensure they are both effective and well-managed.

Most enterprises already have a mixture of firewalls, intrusion detection and prevention systems (IDS/IPS), antimalware packages and other controls.

Are they audited regularly?

Do they have current signatures?

Are they consistently deployed?

Check the basics before even considering adding additional layers of defense.