Network security is the practice of preventing and protecting against unauthorized intrusion into corporate networks. As a philosophy, it complements endpoint security, which focuses on individual devices; network security instead focuses on how those devices interact and on the connective fabric.
A network is secure only when it possesses the components that constitute the “CIA Triad.”
The CIA triad is a well-established model for developing network security policies within an organization. It covers three crucial areas of security: Confidentiality, Integrity, and Availability.
The fundamentals of network security are:
- Physical security –
Network equipment should be protected from physical harm and should be placed in a protected, designated environment with high security.
- Access Controls –
Users should have limited access to network resources based on their profiles and roles. Every application, network device or resource should have an access control list to ensure that only authorized personnel access the resource.
- Authentication –
Every network resource should be protected from unauthorized use. Users or applications requesting access to a network resource should be asked for a password as a basic security check. Authentication basically poses the question “Are you who you really say you are?” Authentication could consist of three key features, which are:
- “something you know” – Ex. Password
- “something you are” – Ex. Fingerprint, Face scan, Iris Scan
- “something you have” – Ex. Smart Card
- Accountability –
Every user action on the network or infrastructure should be strictly mapped to a department or individual at all costs. This will help track changes and ensure all user actions are accountable.
There are many types of network security devices:
- Firewalls
Firewalls put up a barrier between your trusted internal network and untrusted outside networks, such as the Internet. They use a set of defined rules to allow or block traffic. A firewall can be hardware, software, or both. Organizations offer unified threat management (UTM) devices and threat-focused next-generation firewalls.
Network Security has many layers of threat detection, including different types of firewall protection such as:
- Packet filtering: A small amount of data is analysed and distributed according to the filter’s standards.
- Proxy service: Network security system that protects while filtering messages at the application layer.
- Stateful inspection: Dynamic packet filtering that monitors active connections to determine which network packets to allow through the Firewall.
- Next Generation Firewall: Deep packet inspection Firewall with application-level inspection.
- Email security
Email gateways are the number one threat vector for a security breach. Attackers use personal information and social engineering tactics to build sophisticated phishing campaigns to deceive recipients and send them to sites serving up malware. An email security application blocks incoming attacks and controls outbound messages to prevent the loss of sensitive data.
- Anti-virus and anti-malware software
“Malware,” short for “malicious software,” includes viruses, worms, Trojans, ransomware, and spyware. Sometimes malware will infect a network but lie dormant for days or even weeks. The best antimalware programs not only scan for malware upon entry, but also continuously track files afterward to find anomalies, remove malware, and fix damage.
- Network segmentation
Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier. Ideally, the classifications are based on endpoint identity, not mere IP addresses. You can assign access rights based on role, location, and more so that the right level of access is given to the right people and suspicious devices are contained and remediated.