Introduction Network security involves all activities that organizations, enterprises, and institutions undertake to protect the value and ongoing usability of assets and the integrity and continuity of operations. An effective network security strategy requires identifying threats and then choosing the most effective set of tools to combat them. P@$$W0RD
Threats to network security include: Viruses : Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event Trojan horse programs : Delivery vehicles for destructive code, which appear to be harmless or useful software programs such as games Attacks : Including investigation attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate network); Data interception : Involves eavesdropping on communications or altering data packets being transmitted Social engineering : Obtaining confidential network security information through nontechnical means, such as posing as a technical support person and asking for people's passwords
Network security tools include: Antivirus software packages : These packages counter most virus threats if regularly updated and correctly maintained. Secure network infrastructure : Switches and routers have hardware and software features that support secure connectivity, perimeter security, intrusion protection, identity services, and security management. Dedicated network security hardware and software-Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections.
Network security tools include: Virtual private networks : These networks provide access control and data encryption between two different computers on a network. This allows remote workers to connect to the network without the risk of a hacker or thief intercepting data. Identity services : These services help to identify users and control their activities and transactions on the network. Services include passwords, digital certificates, and digital authentication keys. Encryption : Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
Two Approaches to Security Open Door Is a type of security, in which you grant everyone access to everything by default and then place restrictions just on those resources to which you want to limit access. Close Door Is a type of security, in which you begin by denying access to everything and then grant specific users access to the specific resources that they need.
Physical Security: Locking Your Doors The first level of security in any computer network is physical security. Physical Guide Lines to Protect the Server ✦ Lock the computer room. ✦ Give the key only to people you trust. ✦ Keep track of who has the keys. ✦ Disable the floppy drive on the server.
Securing User Accounts Properly configured user accounts can prevent unauthorized users from accessing the network, even if they gain physical access to the network.
Here Are Some Ways In Which You Can Strengthen Users Account Your usernames Using passwords wisely
Summary Of Passwords Passwords must be at least five characters in length. A mixture of numbers and letters provides the greatest security; however, this is not required. Passwords must be unique. You cannot use the same password twice. Passwords must be changed every 60 days. The computer will prompt you and allow for grace logons
Securing the Administrator account At least one network user must have the authority to use the network without any of the restrictions imposed on other users. This user is called the administrator. Anyone who knows the default administrator username and password can access your system with full administrator rights and privileges, thus bypassing the security restrictions that you so carefully set up.
Hardening Your Network Using a Firewall Disabling unnecessary services Patching your servers
Securing Your Wireless Network Use encryption Use anti-virus and anti-spyware software, and a firewall Turn off identifier broadcasting. Allow only specific computers to access your wireless network.
The Impact of Network Security Improved productivity Enhanced control Improved usage of IT resources Utmost protection as well as security of data. Acceptance of a good network security system also ensures that only right personnel have the right level of access.
VLANs: Virtual Local Area Network VLANs support logical grouping of network nodes to reduce broadcast traffic and allow more control in implementing security policies.
Characteristics of VLANS Reduce the amount of broadcast traffic a network Each VLAN operates as separate local area network Members of a VLAN can only talk to other members of the same VLAN Traffic that needs to go between different VLANS is processed through a routing function in the managed switch.