Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Share tech news, updates, or what's on your mind.

Sign up to Post

Most people are under the false impression that installing an antivirus package, antispyware package, OS updates/security patches, and firewall are all you need to secure your network resources. Those methods are a good start, but leaves your network open to many additional vulnerabilities. This is why you might have heard of a multi-layered approach to IT security. I am about to discuss multi-layered security with you and give you some things to think about for network security.

Let’s take a quick moment to define the open systems interconnect model (OSI model). Under the OSI model, there are seven layers that encompass all IT networking. They are, in order:
Physical Layer
Data Link Layer
Networking Layer
Transport Layer
Session Layer
Presentation Layer
Application Layer— (Where most IT security products reside, including Anti-virus and Antispyware, and password authentication, {like Kerberos}.)

You might take a moment to familiarize yourself with the OSI model. The OSI model can be used for anything IT related, (especially troubleshooting and IT security). There are alternative models for differing types of systems but this is the most commonly referenced.

This is a pretty good article on the OSI model:
The OSI Layer Model

Before beginning, let's define a couple terms:

Remediation – in this article consider remediation as being a process to clean up malware after being infected.
Prevention
5
Defense in depth is one of the most important security principles that no one disagrees with, it simply states that IT security must be handled at different layers without neglecting any of them relying on other or others.  If I tried to clarify the concept with a non IT related example I would tell you that in large number of organizations access cards are implemented, and there is still security personnel working, so why didn’t we say we deployed access cards that’s a good and efficient way to control access to different areas of the building, let’s fire the security guys!

Simply because more than one security layer are implemented we are not satisfied by one of them we do use two or often more than two to achieve the most secure solution we can.  Back to Information technology, we will discuss briefly the different layers that should be secured and the most common tolls to do so:

Physical security:
Physical security is the most critical part because most people often don’t think of it when planning IT security, access to IT resources must be restricted to the authorized people only after all, if someone has unrestricted physical access to your system, it’s no longer your system, no matter what software and equipment you have deployed, with the appropriate skills, tools and time it will no longer be you system. The most common ways deployed here are security personnel, access cards, biometric access, and keeping logs of who did access the server
0

Network Security

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.