|
Network security is a sub-field of networking and is the responsibility of the network administrator. The objective of network security is to detect and prevent unauthorized access of the network and any potentially damaging activities. Network attacks could include denial of service (DoS), port scans, or attempts to crack computers. Networks can be made increasingly secure when more layers of various security utilities are added to a system. The first layer of network security is usually authentication. This is when a user commonly must provide credentials, such as a username and password to access the network and various resources. Authentication can be classified as “one factor,” “two factor,” or "three factor." One factor authentication involves one credential that you know by memory, such as a password. Two factor authentication involves a credential that you know and a credential that you physically have, such as an ATM card. A three factor authentication would include credentials such as a fingerprint or retinal scan. The more factors you have in authentication, the more secure the system will be. After authentication, the next layer is the firewall. This utility enforces the rules of the network while you’re inside and keeps unauthorized entities out. It basically acts as a filter for incoming communications from outside computers that want to talk to the network. Users can only access what their credentials allow when they are inside the network and the firewall is the regulator between users and the network’s services and resources. However, firewalls are not perfect. Some firewalls might not notice certain types of malware such as computer worms or Trojans that are trying to enter the network. Another layer of security, such as anti-virus software or an intrusion prevention system (IPS), is highly recommended to assist the firewall and authentication layers. Anti-virus software is helpful for homes and for small to large businesses because they can be updated frequently by the vendor and they are designed to recognize a wide variety of malware. One of the best tools for implementing strong network security is a Network Intrusion Detection System (NIDS), which is a type of computer intrusion detection system that monitors the traffic on a network to look for malicious activity. A NIDS detects attacks by listening to all of the available network packets and looking for common intrusion patterns, such as cross-site scripting or denial of service attacks. The items scanned include incoming and outgoing packets. Communication encryption between two hosts using a network is another effective security layer that can be employed. It makes it very difficult for an intruder to break encryption patterns and recognize the private communications. One final layer of security could be the “honeypots” strategy. A “honeypot” is a nickname for decoy resources on the network that are intended to be early-warning surveillance tools. Normal users will know not to access the “honeypot” so when attackers try to break into a “honeypot,” it will be noticed by the network administrator and the attack will be analyzed. This analysis will help the network administrator understand the attack and develop a method for tightening security against that type of attack.
(comments are locked)
|
