Chapter 1 : Network Security (Page 22.214.171.124~126.96.36.199)
Mr.PC (Administrator) 23/04/2018 16:25:48 #1390
Network security is an integral part of computer networking, regardless of whether the network is limited to a home environment with a single connection to the Internet or as large as a corporation with thousands of users. The network security that is implemented must take into account the environment, as well as the tools and requirements of the network. It must be able to secure data while still allowing for the quality of service that is expected of the network.
Securing a network involves protocols, technologies, devices, tools, and techniques to secure data and mitigate threats. Threat vectors may be external or internal. Many external network security threats today are spread over the Internet.
The most common external threats to networks include:
- Viruses, worms, and Trojan horses – malicious software and arbitrary code running on a user device
- Spyware and adware – software installed on a user device that secretly collects information about the user
- Zero-day attacks, also called zero-hour attacks – an attack that occurs on the first day that a vulnerability becomes known
- Hacker attacks – an attack by a knowledgeable person on user devices or network resources
- Denial of service attacks – attacks designed to slow or crash applications and processes on a network device
- Data interception and theft – an attack to capture private information from an organization’s network
- Identity theft – an attack to steal the login credentials of a user in order to access private data
It is equally important to consider internal threats. There have been many studies that show that the most common data breaches happen because of internal users of the network. This can be attributed to lost or stolen devices, accidental misuse by employees, and in the business environment, even malicious employees. With the evolving BYOD strategies, corporate data is much more vulnerable. Therefore, when developing a security policy, it is important to address both external and internal security threats.
No single solution can protect the network from the variety of threats that exist. For this reason, security should be implemented in multiple layers, using more than one security solution. If one security component fails to identify and protect the network, others still stand.
A home network security implementation is usually rather basic. It is generally implemented on the connecting end devices, as well as at the point of connection to the Internet, and can even rely on contracted services from the ISP.
In contrast, the network security implementation for a corporate network usually consists of many components built into the network to monitor and filter traffic. Ideally, all components work together, which minimizes maintenance and improves security.
Network security components for a home or small office network should include, at a minimum:
- Antivirus and antispyware – These are used to protect end devices from becoming infected with malicious software.
- Firewall filtering – This is used to block unauthorized access to the network. This may include a host-based firewall system that is implemented to prevent unauthorized access to the end device, or a basic filtering service on the home router to prevent unauthorized access from the outside world into the network.
In addition to the above, larger networks and corporate networks often have other security requirements:
- Dedicated firewall systems – These are used to provide more advanced firewall capabilities that can filter large amounts of traffic with more granularity.
- Access control lists (ACL) – These are used to further filter access and traffic forwarding.
- Intrusion prevention systems (IPS) – These are used to identify fast-spreading threats, such as zero-day or zero-hour attacks.
- Virtual private networks (VPN) – These are used to provide secure access to remote workers.
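The layered approach described above, with a home-router filter in front of a host-based firewall, can be modelled as two ordered rule lists that a packet must both pass. This is an added example, not part of the original course text; the addresses, rule sets and function names are constructed for illustration, and first-match evaluation with a default deny is a modelling assumption.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "any"
    src: str                      # source network, CIDR
    dst: str                      # destination network, CIDR
    dport: Optional[int] = None   # None matches any port

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int

def matches(rule, pkt):
    return (rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt.dport))

def evaluate(rules, pkt):
    """First matching rule decides; a packet matching no rule is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"

def layered_verdict(layers, pkt):
    """Pass the packet through each layer in order; report which layer denied it."""
    for name, rules in layers:
        if evaluate(rules, pkt) == "deny":
            return "deny", name
    return "permit", None

# Constructed sample: the router carries one overly broad rule (a mistake),
# while the host firewall on 192.168.1.10 only allows HTTPS.
ROUTER = [
    Rule("permit", "tcp", "0.0.0.0/0", "192.168.1.10/32", 443),
    Rule("permit", "tcp", "0.0.0.0/0", "192.168.1.0/24", 3389),  # too broad
]
HOST_FW = [Rule("permit", "tcp", "0.0.0.0/0", "192.168.1.10/32", 443)]
LAYERS = [("home router", ROUTER), ("host firewall", HOST_FW)]

if __name__ == "__main__":
    for port in (443, 3389, 23):
        pkt = Packet("tcp", "203.0.113.7", "192.168.1.10", port)
        print(port, layered_verdict(LAYERS, pkt))
```

The port 3389 packet is the case the text describes: the router's filter fails to stop it, and the host firewall still does.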
Network security requirements must take into account the network environment, as well as the various applications and computing requirements. Both home environments and businesses must be able to secure their data while still allowing for the quality of service that is expected of each technology. Additionally, the security solution implemented must be adaptable to the growing and changing trends of the network.
The study of network security threats and mitigation techniques starts with a clear understanding of the underlying switching and routing infrastructure used to organize network services.
[Activity – Identify Network Security Terminology]
Denial of Service :
An attack which slows down or crashes equipment and programs.
Virtual Private Network (VPN) :
Creates a secure connection for remote workers.
Blocks unauthorized access to your network.
Network attack that occurs on the first day that a vulnerability becomes known.
Virus, worm, or Trojan horse :
Arbitrary code running on user devices.