Network Security

WHAT IS NETWORK SECURITY?

Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.

What are the specific threats that you should be aware of for the security:

Spam

• Spam is unsolicited junk mail. It comes in the form of an advertisement, and in addition to being a time waster, has he ability to consume precious network bandwidth.

Spyware

• Spyware usually invades computers through software downloads. Shareware and freeware downloads, in addition to peer-to-peer file sharing are typical infection points. The intent is to gather a user's information by monitoring Internet activity and transmitting that to an attacker.

Adware

• Similar to spyware, adware observes a user's Internet browsing habits. But the purpose is to be able to better target the display of web advertisements.

Worm

• A worm is a specific type of virus. Unlike a typical virus, it's goal isn't to alter system files, but to replicate so many times that it consumes hard disk space or memory. Worm victims will notice their computers running slower or crashing.

Virus

• The term "virus" has been used as a catchall phrase for many threats. Essentially, a virus is a computer program that, like a medical virus, has the ability to replicate and infect other computers. Viruses are transmitted over networks or via USB drives and other portable media.

Privilege Escalation

• Software programs often have bugs that can be exploited. These bugs can be used to gain access to certain resources with higher privileges that can bypass security controls.

Trojan

• Trojan horses, commonly referred to as Trojan, are programs. They masquerade as normal, safe applications, but their mission is to allow a hacker remote access to your computer. In turn, the infected computer can be used as part of a denial of service attack and data theft can occur.

Logic bomb

• You may have also heard the term "slag code" to refer to logic bombs. They are bits of code added to software that will set off a specific function. Logic bombs are similar to viruses in that they can perform malicious actions like deleting files and corrupting data.

Rootkits

• Rootkits are some of the most difficult to detect. They are activated when your system boots up -- before anti-virus software is started. Rootkits allow the installation of files and accounts, or the purposes of intercepting sensitive information.

Botnets

• Botnets are created with a Trojan and reside on IRC networks. The bot can launch an IRC client, and join chat room in order to spam and launch denial of service attacks.

Types of Network Security

Antivirus and Anti-malware Software 

This software is used for protecting against malware, which includes spyware, ransonware, Trojans, worms, and viruses. Malware can also become very dangerous as it can infect a network and then remain calm for days or even weeks. This software handles this threat by scanning for malware entry and regularly tracks files afterward in order to detect anomalies, remove malware, and fix damage.

Application Security 

It is important to have an application security since no app is created perfectly. It is possible for any application to comprise of vulnerabilities, or holes, that are used by attackers to enter your network. Application security thus encompasses the software, hardware, and processes you select for closing those holes.

Security Information and Event Management (SIEM)

SIEM products bring together all the information needed by your security staff in order to identify and respond to threats. These products are available in different forms, including virtual and physical appliances and server software.

Virtual Private Network (VPN)

A VPN is another type of network security capable of encrypting the connection from an endpoint to a network, mostly over the Internet. A remote-access VPN typically uses IPsec or Secure Sockets Layer in order to authenticate the communication between network and device.

Network Access Control (NAC)

This network security process helps you to control who can access your network. It is essential to recognize each device and user in order to keep out potential attackers. This indeed will help you to enforce your security policies.


Wireless Security

Wireless networks are not as secure as wired ones and this makes way for hackers to enter. It is thus essential for the wireless security to be strong. It should be noted that without stringent security measures installing a wireless LAN could be like placing Ethernet ports everywhere. Products specifically designed for protecting a wireless network will have to be used in order to prevent an exploit from taking place.

Web Security

A perfect web security solution will help in controlling your staff’s web use, denying access to malicious websites, and blocking web-based threats. It enables protecting your web gateway on site or in the cloud. “Web security” also refers to the steps taken in order to protect your own website.

Firewalls

Firewalls place a barrier between your trusted internal network and untrusted outside networks, like the Internet. A set of defined rules are employed to block or allow traffic. A firewall can be software, hardware, or both. The free firewall efficiently manages traffic on your PC, monitors in/out connections, and secures all connections when you are online.

Intrusion Prevention System (IPS) 

An IPS is a network security capable of scanning network traffic in order to actively block attacks. The IPS Setting interface permits the administrator to configure the ruleset updates for Snort. It is possible to schedule the ruleset updates allowing them to automatically run at particular intervals and these updates can be run manually on demand.

Email Security

Email gateways are considered to be the number one threat vector for a security breach. Attackers use social engineering tactics and personal information in order to build refined phishing campaigns to deceive recipients and then send them to sites serving up malware. An email security application is capable of blocking incoming attacks and controlling outbound messages in order to prevent the loss of sensitive data.