Skip to content

Slaffcheff's place

System administration / DevOps / Life

  • About

Securing the network v2

Posted on February 25, 2015 - June 23, 2015 by Rosen Slavchev

First let’s start with a diagram of possible IO threats.

 

threats

 

Securing a network involves protocols, technologies, devices, tools, and techniques to secure data and mitigate threats. Many external network security threats today are spread over the Internet. The most common external threats to networks include:

  • Viruses, worms, and Trojan horses – malicious software and arbitrary code running on a user device
  • Spyware and adware – software installed on a user device that secretly collects information about the user
  • Zero-day attacks, also called zero-hour attacks – an attack that occurs on the first day that a vulnerability becomes known
  • Hacker attacks – an attack by a knowledgeable person to user devices or network resources
  • Denial of service attacks – attacks designed to slow or crash applications and processes on a network device
  • Data interception and theft – an attack to capture private information from an organization’s network
  • Identity theft – an attack to steal the login credentials of a user in order to access private data 

    It is equally important to consider internal threats. There have been many studies that show that the most common data breaches happen because of internal users of the network. This can be attributed to lost or stolen devices, accidental misuse by employees, and in the business environment, even malicious employees. With the evolving BYOD strategies, corporate data is much more vulnerable. Therefore, when developing a security policy, it is important to address both external and internal security threats.

So .. What are the security solutions to all these threats?

No single solution can protect the network from the variety of threats that exist. For this reason, security should be implemented in multiple layers, using more than one security solution. If one security component fails to identify and protect the network, others still stand.

A home network security implementation is usually rather basic. It is generally implemented on the connecting host devices, as well as at the point of connection to the Internet, and can even rely on contracted services from the ISP.

In contrast the network security implementation for a corporate network usually consists of many components built into the network to monitor and filter traffic. Ideally, all components work together, which minimizes maintenance and improves security.

Network security components for a home or small office network should include, at a minimum:

  • Antivirus and antispyware – to protect user devices from malicious software
  • Firewall filtering – to block unauthorized access to the network. This may include a host-based firewall system that is implemented to prevent unauthorized access to the host device, or a basic filtering service on the home router to prevent unauthorized access from the outside world into the network.

In addition to the above, larger networks and corporate networks often have other security requirements:

  • Dedicated firewall systems – to provide more advanced firewall capability that can filter large amounts of traffic with more granularity
  • Access control lists (ACL) – to further filter access and traffic forwarding
  • Intrusion prevention systems (IPS) – to identify fast-spreading threats, such as zero-day or zero-hour attacks
  • Virtual private networks (VPN) – to provide secure access to remote workersSo let’s summarize ..Networks must be reliable. This means the network must be fault tolerant, scalable, provide quality of service, and ensure security of the information and resources on the network. Network security is an integral part of computer networking, regardless of whether the network is limited to a home environment with a single connection to the Internet, or as large as a corporation with thousands of users. No single solution can protect the network from the variety of threats that exist. For this reason, security should be implemented in multiple layers, using more than one security solution.

    The network infrastructure can vary greatly in terms of size, number of users, and number and types of services that are supported on it. The network infrastructure must grow and adjust to support the way the network is used. The routing and switching platform is the foundation of any network infrastructure.

Posted in Cyber securityTagged attack, cisco, cyber, DDoS, DoS, hacker, malware, network, phishing, security, tojan, viruses, worm, zero-day

Post navigation

Securing the network v1
Firewall enterprise architecture v1

Recent Posts

  • Segmentation fault on openSUSE Leap 15.0
  • Подпишете петицията ПРОТИВ чл. 13.
  • Free image stock and graphical resources
  • Българският mirror на openSUSE
  • openSUSE в България с 2 събитие за този месец!

Archives

  • October 2019
  • November 2018
  • June 2018
  • April 2018
  • March 2018
  • January 2018
  • October 2017
  • August 2017
  • July 2017
  • July 2016
  • September 2015
  • August 2015
  • March 2015
  • February 2015

Categories

  • Automation
  • Cyber security
  • Hacking
  • Linux
  • MySQL
  • openSUSE
  • Phrack
  • Quicks
  • Scripting
  • Uncategorized
  • Up to date
  • Web Freedom
  • Windows Server
Proudly powered by WordPress | Theme: micro, developed by DevriX.