Skip to content

OVERVIEW OF NETWORK SECURITY

Overview of Network Security

 

What Is Network Security?Network security refers to any activities designed to protect your network. Specifically, these activities protect the usability, reliability, integrity, and safety of your network and data. Effective network security targets a variety of threats and stops them from entering or spreading on your network.

Or

Network Security is an organization’s strategy and provisions for ensuring the security of its assets and of all network traffic. Network security is manifested in an implementation of security policy, hardware, and software.

Or

Network security involves all activities that organizations, enterprises, and institutions undertake to protect the value and ongoing usability of assets and the integrity and continuity of operations. An effective network security strategy requires identifying threats and then choosing the most effective set of tools to combat them.

What Is Network Security and How Does It Protect You?

Many network security threats today are spread over the Internet. The most common include:

  • Viruses, worms, and Trojan horses
  • Spyware and adware
  • Zero-day attacks, also called zero-hour attacks
  • Hacker attacks
  • Denial of service attacks
  • Data interception and theft
  • Identity theft

How Does Network Security Work?

To understand What is network security?, it helps to understand that no single solution protects you from a variety of threats. You need multiple layers of security. If one fails, others still stand.

Network security is accomplished through hardware and software. The software must be constantly updated and managed to protect you from emerging threats.

A network security system usually consists of many components. Ideally, all components work together, which minimizes maintenance and improves security.

Network security components often include:

  • Anti-virus and anti-spyware
  • Firewall, to block unauthorized access to your network
  • Intrusion prevention systems (IPS), to identify fast-spreading threats, such as zero-day or zero-hour attacks
  • Virtual Private Networks (VPNs), to provide secure remote access

What are the Business Benefits of Network Security?

With network security in place, your company will experience many business benefits. Your company is protected against business disruption, which helps keep employees productive. Network security helps your company meet mandatory regulatory compliance. Because network security helps protect your customers’ data, it reduces the risk of legal action from data theft.

Ultimately, network security helps protect a business’s reputation, which is one of its most important assets.

Network Security: A 3 Part Process

Network Security is an organization’s strategy and provisions for ensuring the security of its assets and of all network traffic. Network security is manifested in an implementation of security policy, hardware, and software. For the purposes of this discussion, the following approach is adopted in an effort to view network security in its entirety:

  1. Policy
  2. Enforcement
  3. Auditing

Policy

The IT Security Policy is the principle document for network security. Its goal is to outline the rules for ensuring the security of organizational assets. Employees today utilize several tools and applications to conduct business productively. Policy that is driven from the organization’s culture supports these routines and focuses on the safe enablement of these tools to its employees. The enforcement and auditing procedures for any regulatory compliance an organization is required to meet must be mapped out in the policy as well.

Enforcement

Most definitions of network security are narrowed to the enforcement mechanism. Enforcement concerns analyzing all network traffic flows and should aim to preserve the confidentiality, integrity, and availability of all systems and information on the network. These three principles compose the CIA triad:

  • Confidentiality – involves the protection of assets from unauthorized entities
  • Integrity – ensuring the modification of assets is handled in a specified and authorized manner
  • Availability – a state of the system in which authorized users have continuous access to said assets.

Strong enforcement strives to provide CIA to network traffic flows. This begins with a classification of traffic flows by application, user, and content. As the vehicle for content, all applications must first be identified by the firewall regardless of port, protocol, evasive tactic, or SSL. Proper application identification allows for full visibility of the content it carries. Policy management can be simplified by identifying applications and mapping their use to a user identity while inspecting the content at all times for the preservation of CIA.

The concept of defense in depth is observed as a best practice in network security, prescribing for the network to be secured in layers. These layers apply an assortment of security controls to sift out threats trying to enter the network:

  • Access control
  • Identification
  • Authentication
  • Malware detection
  • Encryption
  • File type filtering
  • URL filtering
  • Content filtering

These layers are built through the deployment of firewalls, intrusion prevention systems (IPS), and antivirus components. Among the components for enforcement, the firewall (an access control mechanism) is the foundation of network security.

Providing CIA of network traffic flows was difficult to accomplish with previous technologies. Traditional firewalls were plagued by controls that relied on port/protocol to identify applications—which have since developed evasive characteristics to bypass the controls—and the assumption that IP address equates to a users identity.

The next generation firewall retains an access control mission, but reengineers the technology; it observes all traffic across all ports, can classify applications and their content, and identifies employees as users. This enables access controls nuanced enough to enforce the IT security policy as it applies to each employee of the organization, with no compromise to security.

Additional services for layering network security to implement a defense in depth strategy 8have been incorporated to the traditional model as add-on components. Intrusion prevention systems (IPS) and antivirus, for example, are effective tools for scanning content and preventing malware attacks. However, organizations must be cautious of the complexity and cost that additional components may add to its network security, and more importantly, not depend on these additional components to do the core job of the firewall.

Auditing

The auditing process of network security requires checking back on enforcement measures to determine how well they have aligned with the security policy. Auditing encourages continuous improvement by requiring organizations to reflect on the implementation of their policy on a consistent basis. This gives organizations the opportunity to adjust their policy and enforcement strategy in areas of evolving need.

The networks are computer networks, both public and private, that are used every day to conduct transactions and communications among businesses, government agencies and individuals. The networks are comprised of “nodes”, which are “client” terminals (individual user PCs) and one or more “servers” and/or “host” computers. They are linked by communication systems, some of which might be private, such as within a company, and others which might be open to public access. The obvious example of a network system that is open to public access is the Internet, but many private networks also utilize publicly-accessible communications. Today, most companies’ host computers can be accessed by their employees whether in their offices over a private communications network, or from their homes or hotel rooms while on the road through normal telephone lines.

Threats to network security include:
Viruses : Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event
Trojan horse programs : Delivery vehicles for destructive code, which appear to be harmless or useful software programs such as games
Vandals : Software applications or applets that cause destruction
Attacks : Including reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate network); and denial-of-service attacks (which prevent access to part or all of a computer system)
Data interception : Involves eavesdropping on communications or altering data packets being transmitted
Social engineering : Obtaining confidential network security information through nontechnical means, such as posing as a technical support person and asking for people’s passwords

Network security tools include:
Antivirus software packages : These packages counter most virus threats if regularly updated and correctly maintained.
Secure network infrastructure : Switches and routers have hardware and software features that support secure connectivity, perimeter security, intrusion protection, identity services, and security management.
Dedicated network security hardware and software-Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections.
Virtual private networks : These networks provide access control and data encryption between two different computers on a network. This allows remote workers to connect to the network without the risk of a hacker or thief intercepting data.
Identity services : These services help to identify users and control their activities and transactions on the network. Services include passwords, digital certificates, and digital authentication keys.
Encryption : Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
Security management : This is the glue that holds together the other building blocks of a strong security solution.

None of these approaches alone will be sufficient to protect a network, but when they are layered together, they can be highly effective in keeping a network safe from attacks and other threats to security. In addition, well-thought-out corporate policies are critical to determine and control access to various parts of the network.

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: