What are… Data Networks? Image by: JD Hancock/Flickr
WHAT WE’LL COVER:• Definition• Types of data networks: Private Public• Security: Explanation Concepts Types of attacks on networks• Compliance and ‘the problem’• Summary• Source List
A definitionData Networks are… Image by: JoshuaDavisPhotography
Data Networks“A data network is an electronic communications process that allowsfor the orderly transmission and receptive of data, such as letters,spread sheets, and other types of documents.What sets the data network apart from other forms of communication,such as an audio network, is that the data network is configured totransmit data only.This is in contrast to the audio or voice network, which is oftenemployed for both voice communications and the transmission of datasuch as a facsimile transmission.” Wisegeek.com
Types of Data NetworksThere are two basic types of data networks in operation today.1. The private data network“This is essentially a local network that is designed to allow for thetransmission of data between the various departments within a given entity,such as a company.All locations of the company may be included as nodes on the network, andbe able to communicate through a common server that functions as therepository for any and all data files that are used throughout the business.There are also examples of a private data network that allows for datasharing between several companies that are part of the same profession orindustry.Connections to this type of network can be achieved through the creation ofa virtual private network, or VPN that resides on a master server, or byprovisioning the connections through a communications carrier.” Wisegeek.com
Types of Data NetworksThe second is quite different.2. The public data network“In contrast to the private data network, the public data network will be widely accessibleto both residential and corporate clients of a given carrier network.The setup of a public network may involve the utilization of multiple servers andconnection to the network through several different processes.Often, a public data network will require some type of subscription process, such as amonthly usage fee.Upon receipt of the fee, the service provider will allow the creation of access credentialsthat will allow the consumer to access authorized portions of the network and engage inseveral functions commonly involved with data.These include the ability to retrieve stores documents, create backups of important datafiles, and archiving data such as historical information or other data that is understood tobe valuable for future applications." Wisegeek.com
Network Security Data Networks Image by: Freefoto
Network Security Explanation “In the field of networking, the area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources. Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.” Wikipedia
Network Security Concepts “Network security starts with authenticating the user, commonly with a username and a password. Since this requires just one detail authenticating the user name —i.e. the password, which is something the user knows— this is sometimes termed one-factor authentication. With two-factor authentication, something the user has is also used (e.g. a security token or dongle, an ATM card, or a mobile phone); and with three-factor authentication, something the user is is also used (e.g. a fingerprint or retinal scan). Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) help detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network and traffic for unexpected (i.e. suspicious) content or behaviour and other anomalies to protect resources, e.g. from denial of service attacks or an employee accessing files at strange times. Individual events occurring on the network may be logged for audit purposes and for later high-level analysis. Communication between two hosts using a network may be encrypted to maintain privacy. Honeypots, essentially decoy network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot.” Wikipedia
Network Security Types of attacksNetworks are subject to attacks from malicious sources. Attacks can be from two categories1. "Passive" when a network intruder intercepts data traveling through the network2. "Active" in which an intruder initiates commands to disrupt the networks normal operation.Types of attacks include:Passive Network 1. wiretapping 2. Port scanner 3. Idle scanActive 1. Denial-of-service attack 2. Spoofing 3. Man in the middle 4. ARP poisoning 5. Smurf attack 6. Buffer overflow 7. Heap overflow 8. Format string attack 9. SQL injection Wikipedia Image by: Gloriamundi.blogsome.com
Compliance Data Networks Image by: thewhizzer.blogspot.com
Network Compliance The Problem“Governments compliance requirements are growingincreasingly complex and federal chief information officers aretasked with securing data and networks, authenticating users,and preparing for disasters — all while continually auditing andreporting on compliance.” Juniper.netWith this problem surrounding the day to day functioning ofsecurity and compliance certain products are needed to ensurethat networks not only abide by government guidelines and rulesbut also ensure that networks can still maximise on functionality.
Summary A data network is an electronic communications process that allows for the orderly transmission and receptive of data and which is defended or made different to another network depending on the type of network that it is: Types of data networks: private or public By understanding network security and the various concepts it pertains to, one can try and protect a network from various types of attacks on networks that are either passive or aggressive Compliance and ‘the problem’ can help network owners or managers to ensure their network is not only compliant with legal rules and guidelines but is safe from attacks and can still function to its full capability.
Credits1. Images: CC from Flickr (click on CC pictures for attribution) and Google CC images2. Information: Please click on source names in slideshow for their original source