Create an account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Network Security Methods and Tools

#1
Network security is the practice of preventing and protecting against unauthorized intrusion into corporate networks. As a philosophy, it complements endpoint security, which focuses on individual devices; network security instead focuses on how those devices interact, and on the connective tissue between them.

The overall thrust is the same: network security is implemented by the tasks and tools you use to prevent unauthorized people or programs from accessing your networks and the devices connected to them. In essence, your computer can’t be hacked if hackers can’t get to it over the network.

Definitions are fine as top-level statements of intent. But how do you lay out a plan for implementing that vision? Stephen Northcutt wrote a primer on the basics of network security for CSOonline over a decade ago, but we feel strongly that his vision of the three phases of network security is still relevant and should be the underlying framework for your strategy. In his telling, network security consists of:

  • Protection: You should configure your systems and networks as correctly as possible
  • Detection: You must be able to identify when the configuration has changed or when some network traffic indicates a problem
  • Reaction: After identifying problems quickly, you must respond to them and return to a safe state as rapidly as possible


Network security methods:

To implement this kind of defense in depth, there are a variety of specialized techniques and types of network security you will want to roll out. Cisco, a networking infrastructure company, uses the following schema to break down the different types of network security, and while some of it is informed by their product categories, it’s a useful way to think about the different ways to secure a network.
  • Access control: You should be able to block unauthorized users and devices from accessing your network. Users that are permitted network access should only be able to work with the limited set of resources for which they’ve been authorized.
  • Anti-malware: Viruses, worms, and trojans by definition attempt to spread across a network, and can lurk dormant on infected machines for days or weeks. Your security effort should do its best to prevent initial infection and also root out malware that does make its way onto your network.
  • Application security: Insecure applications are often the vectors by which attackers get access to your network. You need to employ hardware, software, and security processes to lock those apps down.
  • Behavioral analytics: You should know what normal network behavior looks like so that you can spot anomalies or breaches as they happen.
  • Data loss prevention: Human beings are inevitably the weakest security link. You need to implement technologies and processes to ensure that staffers don’t deliberately or inadvertently send sensitive data outside the network.
  • Email security: Phishing is one of the most common ways attackers gain access to a network. Email security tools can block both incoming attacks and outbound messages with sensitive data.
  • Firewalls: Perhaps the granddaddy of the network security world, they follow the rules you define to permit or deny traffic at the border between your network and the internet, establishing a barrier between your trusted zone and the wild west outside. They don’t preclude the need for a defense-in-depth strategy, but they’re still a must-have.
  • Intrusion detection and prevention: These systems scan network traffic to identify and block attacks, often by correlating network activity signatures with databases of known attack techniques.
  • Mobile device and wireless security: Wireless devices have all the potential security flaws of any other networked gadget — but also can connect to just about any wireless network anywhere, requiring extra scrutiny.
  • Network segmentation: Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier.
  • Security information and event management (SIEM): These products aim to automatically pull together information from a variety of network tools to provide data you need to identify and respond to threats.
  • VPN: A tool (typically based on IPsec or SSL) that authenticates the communication between a device and a secure network, creating a secure, encrypted “tunnel” across the open internet.
  • Web security: You need to be able to control internal staff’s web use in order to block web-based threats from using browsers as a vector to infect your network.

Network security software:

To cover all those bases, you’ll need a variety of software and hardware tools in your toolkit. Most venerable, as we’ve noted, is the firewall. The drumbeat has been to say that the days when a firewall was the sum total of your network security is long gone, with defense in depth needed to fight threats behind (and even in front of) the firewall. Indeed, it seems that one of the nicest things you can say about a firewall product in a review is that calling it a firewall is selling it short.
But firewalls can’t be jettisoned entirely. They’re properly one element in your hybrid defense-in-depth strategy. And as eSecurity Planet explains, there are a number of different firewall types, many of which map onto the different types of network security we covered earlier:
  • Network firewalls
  • Next-generation firewalls
  • Web application firewalls
  • Database firewalls
  • Unified threat management
  • Cloud firewalls
  • Container firewalls
  • Network segmentation firewalls


Indian Cyber Army | Make IT Secure
We Are Indian We are Great
Enjoy…Stay Happy…Stay Secure…
Reply



Forum Jump:


Users browsing this thread:
1 Guest(s)

Forum software by © MyBB Theme © iAndrew 2016