Network systems are one of the key players in contemporary business life. Some networks are private while others are open to public access. The obvious example of a public network is the Internet. Conversely, most big companies today prefer private networking accessed locally by limited number of people. Rapidly growing networks became even portable and dynamic and now may be accessed from homes or hotel rooms while on the road through normal telephone lines.
No matter whether your network is private or public it should have robust security and be safely protected. In this article we will discuss where network security starts and will describe common measures taken for its safety.
Why to secure?
This question might always come to your mind especially when you deal with public networks. For example, you may state that not Internet but you as a user should secure yourself from it on client side (personal PC with antivirus or spyware) not to grab a Trojan or malware threat into your system. And of course, you seem to be right from user’s point of view. The problem of network security becomes a more serious issue when you deploy a private network system which targets and serves particular group of people to communicate, collaborate and share.
Network Security is a process which involves all activities, provisions and policies that organizations and system administrators undertake to protect the integrity and continuity of operations, communications, data and their values in their network. In order to have an effective network security you should have security strategy. Planning and elaboration of such strategy is the preparatory part which guarantees a stable and targeted safety for your network. It assumes monitoring of the system, identification of threats and their solutions.
a. Identification of Threats
To heal the patient you should first know his disease and its source. Though providing network security is a complicated task but it may be ensured in this quite simple logic. Revealing threats is one of the key points in planning.
Threats to networks may be of different essence.
Viruses and Infections
Viruses occur in programs developed by fraudulent programmers and are designed to replicate themselves and infect systems when triggered by a specific event or service.
Software containing Trojans are a malware. Trojans seem to be harmless and even useful but instead they facilitate unauthorized access to the system and change system configuration or infect it. Examples of such applications may be games, converters, browser toolbars, desktop gadgets, widgets etc. As the name describes it always seems desirable and useful, thus users are tricked into downloading and installing them.
Vandal Applications or Applets
Vandals are software applications or applets that cause destruction to networks and systems. Unlike Trojan horse programs vandals exceptionally aim at crashing or destructing the system to the “pieces” without accessing or manipulating any data.
Network Systems are attacked for different purposes;
– Reconnaissance attacks aim at information-gathering and data collecting to compromise networks
– Access attacks exploit network vulnerabilities to gain entry to e-mail, databases and to manipulate the data
– Denial-of-service attacks, also known as DoS attacks, block access to part or all of a computer system. Such attacks are theoretically almost impossible to track and stop.
Data interception is eavesdropping of networks communications. Interception may also be used for not only catching the data being transmitted over a network but also altering those data packets.
Unauthorized Access and Intrusion
User authentication is the base activity for network security. Authentication is made mostly with a username and a password which are unique per user. There are also some other types of authentication such as authentication via user’s mobile phone, ATM card, fingerprints etc. Any unauthorized access to network may be considered as intrusion to system.
It is another form of obtaining confidential information related to network security such as posing as a technical support person and asking for people’s passwords. E-mail spoofing is one of the popular means in social engineering. It is an attempt to trick the user into making a damaging statement or releasing sensitive information such as password.
This list of threats may be expanded endlessly and be frustrating. If one has ever faced any of these threats (and you might have at least one case still being a simple PC user) then damages and loss caused to your insecure network may be really tangible and irretrievable.
b. Risk Management
Risk management is one of the essentials of network security planning. It is very important to understand risks and know how to handle them. Certainly risks and their definitions vary for different organizations and business areas. It depends on the security priorities and the policy adopted by the company. Risk management for network security is a periodic activity which contains network analyzing and monitoring for vulnerability and threats.
When we speak about network security we immediately associate it with concept of firewall.
Firewall is like “supervisor” enforcing access control policy between two connected networks. Once user is authenticated, firewall enforces access policies to establish what services are allowed to be used by users. Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections. Network Firewalls are of two types – software based and hardware based. Typically, individual PC stations use Firewall Software meanwhile networks use dedicated Firewall Devices. Firewall Devices are designated for protecting many computers connected through a network. Thus choosing and deploying optimal firewall solution for your networking is so significant.
However, no firewall can detect or stop all attacks, so it’s not sufficient to install a firewall and then ignore all other security measures.
Even in case of effective security your system is not ensured against technical and electronic faults, often caused by hardware failure. To prevent any loss or critical damages to your network you must plan and realize periodic backups of the data and transmission logs. This will help easily recover your data in the event of such system failures. It is more than obvious… better to live with backups than to suffer of loss.
Let’s assume you have already identified your threats, setup risks management policy, and deployed an effective firewall for your network. What is next? Now you need a software system which will enable managing and centralized control over all ongoing measures and activities in your network system.
Nowadays IT market is rich in different network solutions software and it makes difficult to choose amongst them. For obtaining an optimal software solution for your network security you might first want to consider such factors as targeted solution, ability to handle voluminous data, ability to generate various reports on system status and security, customizability and of course easy-to use feature.
Today many companies specialize in reviewing and rating of software and applications available in market. Rating is provided through such factors as features, user-friendliness, performance, support, value for money etc. So if you are interested in deploying effective Software And Tools for your Network Security you should have closer look at some popular Ratings By Authoritative Reviewers.
None of these approaches alone will be sufficient to protect a network, but when they are layered together, they can be highly effective in keeping a network safe from attacks and other threats to security. In addition, well-thought-out corporate policies are critical to determine and control access to various parts of the network.
Originally posted at Network Security Magazine