Network security has become a hot topic. While protecting your small home network is relatively straight-forward, keeping large networks safe is a completely different story. Firewalls can handle most of the attacks that come from the outside world but you also need to be able to handle attacks coming from the inside. Here is a short network security overview, explaining the basics.
Computer networks have become vital parts of many companies, any disruption can quickly become expensive. Redundancy solves most hardware issues but attacks can not be solved with just redundancy. Network security must take care of attacks, protecting from attacks both from the outside and as well as from the inside.
Firewalls are good protecting against intruders trying to get into the network. But protecting against coordinated denial of service attacks is much more difficult. The Internet protocols were developed without much concern about security. After all, the research networks were quite friendly places. Today’s Internet is a completely different beast. Security has been added but a lot of problems are caused by the fact that most TCP/IP protocols in general expect the participants to be nice guys who don’t try to exploit the lack of security. Here you have more information about firewalls
But for many organizations, firewalls are a good solution against outside threats. Apart from relatively few high-profile organizations, coordinated Denial-Of-Service attacks are seldom a problem. Firewalls are good at protecting networks, gone are the days when outsiders could easily discover the main servers in a network and try to break into them using basic brute-force attacks.
VPN, Virtual Private Network, can be used to give authorized users secure access to the internal network. VPN uses tunneling protocols and encryption, giving remote uses a secure connection to the company network. Various VPN solutions exist, many of them require a securID token. This requires that VPN users both know a password and have a specific device. This is known as two factor authentication, based on something you know and something you have. This makes it very difficult for outsiders to gain access. Even if they manage to steal a securID token, they need to find out the password associated with this token. If a securID token has been stolen, it can be disabled, preventing it to be used for gaining VPN access. All in all, it is considered as a very safe solution.
Insiders are often bigger concern. After all, they are already inside the firewall and can often create a lot of serious problems without having many hurdles to worry about. Insider attacks are difficult to prevent but with the right security design, the damage can generally be limited. Intruder detection systems are generally deployed so that insider attacks can be detected early. But the subject is one of the most important in computer and network security, the solutions for preventing threats from the outside have proven to be very efficient.Threats from the inside has proven to be a much tougher challenge. Here you can read more about insider attacks.
With the success of the Internet, the TCP/IP protocols have become the de facto standard in networking. In the early days of data communications, there were a lot of different protocols. Some of them are still in use but TCP/IP is generally the protocol used on public networks.
New security flaws are found all the time in network equipment, or more exactly, in the software running on these devices. This means that network devices such firewalls and routers need to be patched regularly. Fortunately, this can often be done without taking the devices offline. Servers often have to be rebooted after patching, something that can be difficult to do in today’s 24×7 world. Network equipment can often be configured so that patching can be done without affecting the service.