Ever since the creation of the internet with all of the good that it has brought to the table came the bad as well. In the age of information technology, an unsecured product is a surefire way to numerous issues. A company, which creates a product has to make sure both the software and the network security features of it are as robust as possible. In the previous we discussed application security, however, it is never complete without a clear network safeguards to serve as a frontline against malicious users trying to exploit the system. But what is network security and what are some of the methods used to protect systems? article Network security is a practice of prevention and protection against unauthorized intrusions into any large corporate or smaller home network. It is complimentary to endpoint security, which focuses on individual devices rather than on their interaction with each other. The SysAdmin, Audit, Network and Security Insitute, or SANS is a private U.S. for-profit company founded in 1989, which specializes in information security, cybersecurity training and certificates and it describes network security as: “Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.” To rephrase it the network security consists of methods of preventing unauthorized users from accessing your hardware. Ideally, someone cannot hack into your computer remotely if they can’t connect to it using a network. Network Security Basics Definitions are easy to understand as a starting point, however, how does one implement the vision into practice? Let’s discuss some of the network security basics. There are numerous different perspectives on this however three major aspects always stick out of the bunch. These are: , which involves the correct configuration of the system as well as the network. Protection , which involves the ability to identify the changes in the configuration or when to notice when something sketchy happens in the network traffic. Detection , which involves identifying and responding to the problem as quickly as possible to return to the safe state and continue running the service. Reaction It is universally accepted that all three of these basic bits have to be covered when securing the network, otherwise, overreliance on one of these will lead to weaker implementation of the others and thus the system, which can still be exploited more or less with ease. The best way to view the network security is not as one line of defense, which if broken everything gets compromised but as a field of battle, which even if invaded the threat can still be responded to, isolated, and then expunged from the system without letting them compromise the whole field. Cloud Service and Network Security Cybersecurity is expensive. It requires a lot of funds, a trained team of professionals, licenses, and whatnot. Due to this, a lot of companies started outsourcing their computing to cloud service providers creating a hybrid infrastructure. Even this is no easy task though. Keeping in mind that these infrastructures in themselves are self-contained networks, which can be either physical or multiple virtual machines running on the same server. To tackle the security issues many cloud service providers have created a centralized security control policies on their own platforms. However, these systems do not always match up with the policies of the company hiring their services and this mismatch can cause additional workload for network security professionals. Common Methodology Network security combines a multitude of layers of defences. Each of these layers implement policies and controls. These in term regulate who gets access and who gets blocked from being able to exploit vulnerabilities and threats. A Computer Information System COmpany, or CISCO, an American multinational technology conglomerate, which specializes in IT, networking, and cybersecurity solutions lists the types of network security as follows: are basically a barrier between your trusted internal network and the outside world, such as the internet. Firewalls have a set of defined rules, which regulate what application has the right to access and what does not. This can be done using both hardware and software. Firewalls can also be divided into smaller categories: Firewalls Network firewalls Next-generation firewalls Web application firewalls Database firewalls Unified threat management Cloud firewalls Container firewalls Network Segregation firewalls is one of the most important factors of today’s network security as statistically, it is a gateway to a huge number of security breaches. Attackers usually use social engineering to manufacture a very well developed phishing campaigns to deceive the recipients and send them to their bogus websites, designated to steal personal information or to infect the accessing computer with malicious software. Email security applications block incoming attacks and control outbound messages to control what the in and outflow of sensitive information. Email security protects the system from malicious software including viruses, worms, Trojans, ransomware, spyware, and etc. Malware usually has payload dropping timers where they will invade the system and sit dormant until a specific event happens to trigger the payload. Malware may take days, weeks, months, or even years to activate depending on the expected outcome of the hacker. Anti-virus and anti-malware software is a software-defined methodology, which puts network traffic into different categories, which makes enforcement of security policies much easier. Divide and conquer. Network Segmentation is a very common method to separate user privileges to access only specific parts of the network. The process is called Network Access Control and it regulates which devices have what type of access rights. These may be limited, full-on the administrator with access to everything, and blocking the malicious or noncompliant users. Access Control is a big part of network security as well as one operates in conjunction with the other. Any software created has some vulnerabilities or contains holes. The attackers will use these to infringe on your network and cause havoc. Application Security is one of the best ways to detect malicious activity over the network. However, to be able to do this one must first know what normal behavior is. This is done via extensive logging and monitoring of usual activities and then spotting anything out of usual. Behavioural Analysis (DLP) is a method of making sure that the members of the organization do not send out sensitive information outside of the network. DLP is a technology that can prevent people from uploading, forwarding, or even printing critical data. Data Loss Prevention (IPS) scans network traffic for an attacker and blocks their access upon detection. Cisco has a cutting edge software called Next-Generation IPS (NGIPS) which do this by crosschecking with huge amounts of global threat intelligence and not only blocks the malicious attackers but also pays attention to the progression of hacker inside of the system to prevent further outbreaks and reinfections. Intrusion Prevention Systems is becoming more and more important day by day since the world has now gone almost fully handheld. As of today, losing your mobile phone may cause much more trouble than losing your wallet. Because of this cybercriminals are targeting our smartphones and applications. This is even more reinforced by the fact that loads of banking, shopping, and etc. activities are also done solely on the mobile devices. It is estimated that within the next 3 years, 90 percent of the IT organizations will have support for smartphone users. Due to this, MDS is becoming a vital part of network security. Mobile Device Security (SIEM) products are tools, which help security staff in identifying and responding to threats. SIEMs may come in different shapes and forms including physical and virtual appliances. Security Information and Event Management (VPN) is a piece of software, which encrypts the connecting from an endpoint to a network. This means that even if the attacker somehow comes by the information in the middle of the transfer they won’t be able to utilize it since it will all be encrypted by some VPN standard. Apart from this, tracking individual network connections is also becoming harder due to the fact that VPN providers have their own servers which help spread out the connection making geolocating the user harder. Virtual Private Network control corporate staff’s internet access. This method can be used to block malicious websites and web-based threats. Note: Web Security also refers to the steps one takes to protect their website. Web Security Solutions is a must-have in the 21st century as wireless networks are nowhere near as secure as wired ones. Since tapping into the wired network is almost impossible without a landline connection to the device, the wireless networks can be accessed using a device somewhere in the vicinity of the router making it that much more dangerous to use unprotected networks. This is why it is always recommended not to do banking or any other sensitive work on a public WiFi network. Wireless Security In addition to all of this, network security professionals will also utilize specific tools to keep track of what’s happening inside of the network. This may include stuff like: , which give deep insight into data traffic. This means that it shows information about connections and whats and wheres about every individual node. Packet sniffers scanners like Nessus Vulnerability software, like Snort Intrusion detection and prevention software, which attempts to penetrate your own network to see how robust the security standards are. The best way to understand the vulnerabilities is to try and crack it open. Penetration testing Conclusion Network Security is an integral part of the scheme to protect the system. As expensive and intensive as it may get the issues will always come up as you go. However, there are multiple tools that security professionals utilize to keep the system protected from malicious attacks. It is also important to note that not everyone needs to have a network security of the Pentagon. If someone is running a small business that does not keep personal information of customers or other highly sensitive data - there's no point in having 10 guards with watchdogs surrounding server room with blastproof door and a group of another 10 cybersecurity experts monitoring systems day and night. Everything is heavily dependant on what type of service one is providing and correct assessment of the damage control mechanisms. Apart from all of this, the security budget is usually set up after extensive research into possible threats to the company.

BUNCH

Cisco

Too Long; Didn't Read

Developers: Build Less. Deliver More. [Learn how]	

Network Security Basics

Too Long; Didn't Read

Companies Mentioned

Giorgi Artsivadze

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

Network Security Basics

Too Long; Didn't Read

Companies Mentioned

Giorgi Artsivadze

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES