What is network security?
Wed Feb 17, 2016 12:53 pm
That is quite a large question. I am a CISSP and will do my best to answer. Network security, in general, is locking down your computer network to prevent unlawful or undesired usage of your network resources. Network Security is handled on multiple levels. Usually the first level is through the use of firewalls and filters (e.g. on a router). All network traffic can be funneled through a firewall. The firewall contains a set of rules (based upon the security policies of the network owner) that deny unwanted traffic in or out of the network (e.g. www.pornosite.com) Different firewalls have different capabilities and ways of lookign at the traffic. Some just filter things like web addresses while others do much, much more.
Another device used for network security is called IDS which is intrusion detection system. An IDS box looks for known traffic patterns that are known to be associated with malicious or unwated behaivor such as port scanning. An IDS alerts an administrator when malicious or unwanted traffic is detected. One step up from that is Intrusion Protection (IPS) which can be confiugred to actually shut down the offending data stream automatically.
Good Network Security also includes system security such as passwords, virus checks, educated users, etc.
There are lots and lots of ways to handle network security but the primary model is called defense in depth. This model puts in multiple layers of protection onto the network. Think of a secured building - a secured building has multiple layers of defense such as a perimeter fence, armed guards, dogs, cameras, badge readers, combination locks on exterior and interior doors, etc, etc. Network Secuity can be handled much the same.
In the end, Network Security will start with a sound Security Policy. You must first define what is allowed and what is not allowed behaivor before you can start throwing systems at it.
Another device used for network security is called IDS which is intrusion detection system. An IDS box looks for known traffic patterns that are known to be associated with malicious or unwated behaivor such as port scanning. An IDS alerts an administrator when malicious or unwanted traffic is detected. One step up from that is Intrusion Protection (IPS) which can be confiugred to actually shut down the offending data stream automatically.
Good Network Security also includes system security such as passwords, virus checks, educated users, etc.
There are lots and lots of ways to handle network security but the primary model is called defense in depth. This model puts in multiple layers of protection onto the network. Think of a secured building - a secured building has multiple layers of defense such as a perimeter fence, armed guards, dogs, cameras, badge readers, combination locks on exterior and interior doors, etc, etc. Network Secuity can be handled much the same.
In the end, Network Security will start with a sound Security Policy. You must first define what is allowed and what is not allowed behaivor before you can start throwing systems at it.
- Mark0
- Posts : 76
Join date : 2016-01-28
Re: What is network security?
Wed Feb 17, 2016 12:59 pm
Network security is about ensuring that the network infrastructure:
–preserves the confidentiality and integrity of the data.
–and remains available against attack.
–preserves the confidentiality and integrity of the data.
–and remains available against attack.
Re: What is network security?
Wed Feb 17, 2016 2:54 pm
Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people become ``wired'', an increasing number of people need to understand the basics of security in a networked world.
Cryptography
Cryptography
Permissions in this forum:
You cannot reply to topics in this forum