Free Essay

Network Security

In:

Submitted By blob
Words 4285
Pages 18
Network security is the process of protecting the user from things that can potentially ruin a computer or leak information that other people should not have access to.Some things that can attack a network system include viruses,worms, as well as trojan horses, spyware along with adware,attacks called zero hour,attacks by hackers,denied service hacks,data interception and theft,and the last on being identity theft.In order for network security to work it needs to have both hardware as well as software to protect the network which is done with things such as anti virus and spyware software.It also needs a firewall which is responsible for blocking the unauthorized user from gaining access to the network.Intrusion prevention systems which are tasked with identifying attacks such as zero hour.The last thing to make network security work is a virtual local area network which provides secure remote access.

By using these various methods of protecting the network it will benefit the businesses by receiving the customers trust in the company by making sure their privacy is protected in such ways as making sure things like credit card data or sensitive data is stolen and exploited.It also makes sure the network is secure even if it is being used by someone remotely as long as they are authorized to use it.By allowing the employees to use the network from a variety of places it makes the productivity of the employees more so than if at the office.Another benefit of network security is it lessens the amount of time spent having to get rid of things like viruses which slow down the employees work schedule.By having network security in place it allows businesses to run without a huge chance of something going wrong which costs the company money that can go to other places.The last thing having network security is it allows a easier time in the future to add things to the network without having much hassle.

Network security can be put into different categories depending on the type of field it is protecting.For example if in the legal department the network security is there to ensure compliance with regulatory constraints.If working as a product engineer the network security may be in place to protect what it is that you are working on.Regardless of the type of business it is protecting the network security protocols will always follow three steps that include confidentiality which makes it so sensitive information does not reach the wrong people.Then there is integrity which is in place to ensure that the information being obtained is correct.The last step of the network security protocol is availability which is there to prevent as well as keep the people who want to do harm from getting into the systems and either taking or shutting down the systems.

Depending on the location of the network also depends on the amount of network security that will typically be needed.For example a home or a small business may only need the basic firewall or a threat intrusion system along with a basic version of a anti virus software.Also take into consideration if using a wireless network to change the name of the network along with disabling SSID broadcast as it is not needed for home or small businesses.In a home or small business it is also important to enable the mac address which allows it to keep track of all filtering on one router.It is also important to assign a static ip address to networking devices as this will detract potential hackers from intruding on the network.Another thing to do is to make sure that is ICMP ping is disabled on the router.Make sure every once in a while you log into the router to review the logs looking for potential suspicious activity.It is very important to try to use different passwords for everything just in case one of your things were to get hacked into it would not affect the other network devices that have different passwords.If using Windows as the operating system make a account for each individual in the home and also use non administrative accounts for everyday things except bank accounts and medical information.The last thing to do to enhance network security in the home is to talk to children about the importance of it and what they can do to help.

In a medium business structure it is important to have a fairly strong firewall or a unified threat management system.It is also important to use a stronger type of anti virus software along with a strong internet security software.For things that require you to log in make sure that the passwords are long and it is a good idea to change them at least on a bi weekly basis.This is especially important when using a wireless network.When running a medium business it is important to talk to the employees about the physical security when it comes to protecting the sensitive information being used.It is also a good idea to use a network analyzer or a network monitor.It is also good to make sure that the manager in charge is enlightened to what is going on.If wanting to communicate to others that are spread out you should use a virtual local area network as it is very secure and is less expensive to operate.Another important thing to do would be to make sure the employees know the rules when it comes to the internet at the work place.A smart thing with a medium business is to create log in credentials for all employees and add monitoring to it so if something goes wrong the employee can be held accountable.In case of a hardware failure it is a good idea to have backups in place.Make sure that all computers in the business have messenger disabled as that can open the doors to potential hackers.Create a group of workers whose job is to research network security practices and develops training for the employees.

For a large business it is important to have a strong firewall along with a proxy which will keep potential hackers out of the network.It is also a good idea to make sure you have a very strong anti virus software along with a internet security package.For a large business that utilizes in log in information it is important to change the password on a weekly basis to prevent hacks.When using a wireless connection make sure the password being used is very long and not something that a potential hacker can easily figure out.In the large business environment it is also important to talk to the employees about the physical features in place to protect the network from unauthorized users.It is also good to make use of a network monitor and use it as needed.In the large business environment it is important to add extra security like close circuit cameras to watch the entry ways of restricted areas.Another good thing to do would to add fencing around the property so people know if they are entering a restricted area.In the server rooms along with security rooms it is important to have fire extinguishers in the sensitive areas.If needed another physical way to ensure the area is protected is to invest in hiring security officers to patrol the sensitive areas.

In a place like a school it is important to have a flexible system that will allow authorized access both inside and outside of the building.You also want to ensure there is a strong anti virus along with a internet security package.Also would be wise that all wireless connections have to go through the firewall.If in the United States the school also has to make sure that it follows the children’s internet protection act compliance.It is also wise to hire someone to continually supervise the network so all updates are installed as soon as possible.It is very important to have a set of policies that pertain to both the school property as well as personal property.If it is for a higher education or institute network it has to follow what is known as the FERPA compliance.

In a government network it is extremely important to have a strong firewall and proxy to keep unauthorized people from getting in the network.It is also very important to make sure you have a strong anti virus as well as internet security suites.You also need to make sure all sensitive data is encrypted to prevent people from easily getting the information.It is also wise to block any unknown connections to the network and only allow the ones that are used by the company.It is important to make sure all the hardware is located in a secure area and locked.The host should be located on a hidden network that is invisible on the outside.Put fencing up and make arrangements so the wireless network only will go so far.One of the last things to do would to be have a inventory system of all hardware along with the software being used in the building.

In order for these steps to work there are different types of controls that help protect the data or anything else that needs to be protected which include administrative controls which are a set of procedures or policies for the security protocol to follow.The physical security control is responsible for anything physical such as a lock or a fence to deter the process of unauthorized access to the particular network components.The technical controls are put in place to do different things such as controlling access to the network,Placing sensitive data on a server that has added security,controls the actions of malware as well as unauthorized intrusion activity,controls the access to critical network structure.One of the main things done on the perimeter side of the defense is gives access computers that are authorized to be on the particular network.The perimeter security is also responsible for letting users that allowed to gain remote as well as local access to the network.Perimeter defense is also going to be responsible for monitoring the network for unusual behavior which could be a sign of a network intrusion.

The firewall is the device used to store all the information that is allowed to go through the particular network and the intrusion prevention system is tasked at filtering the traffic looking for data that may have been compromised along with files that may be linked to known malware.The intrusion prevention system is also going to keep a eye out for port scanning which is a sign that a network attack may take place.The best way for the network to stay protected is to ensure the encryption keys are strong as well as traffic is encrypted.

There are also common controls which are in place to support and include segmentation which is responsible for separating the sensitive data from the data that is available to general users on the network.The most used form of segmentation is virtual local area networks which are made in a enterprise switch configuration.Another common control is called host anti malware and intrusion prevention which is a final defensive line to prevent malware or unauthorized personal from getting through the system.The other thing it does is isolates the behavior that it sees as unwanted.Another form of common controls is access control which is log in systems for users authorized to get into system.It also does system to system authentication which verifies the certificates of the two computers trying to connect to.Another thing is network segment access control which is tasked with only allowing the authorized user access to information and is accomplished with a combination of the security controls.The last part of access control is restricting the physical access to the critical infrastructure systems because regardless of much network security is in place it would be harder for unauthorized access with things such as security guards as well as cameras.Secure configuration is another form of common control and is used to harden the devices which is done by only using the ports along with services that are needed.Making sure that the security patches are installed as they are made available.Another thing is to only open the traffic that is required for the business.The last thing to do when securing a configuration is to follow the vendors directions for setting up the devices such as routers and modems.The last common control is the monitoring,alerting,as well as the reporting which is accomplished by creating a log of all the activity on the network.

Firewalls have gone through quite a bit from the time they were first introduced to what companies have at the moment.The first firewalls were referred to as access control list and were very basic as they were only able to read the packet headers which means that they could not understand all the traffic coming in.The next iteration was proxy firewalls which were responsible for processing the traffic after it reaches the destination and that is when it makes the decision of either letting the traffic through or not.The next one is called stateful inspection firewall which monitored all traffic connections until a connection was closed.After that the next iteration was unified threat management solutions and it was responsible for consolidating firewall,the anti virus,and ips into a single piece of hardware.They also typically would have the ability to include multiple network security capabilities.The newest is called next generation firewalls and were designed to bring advanced firewalls,ips/ids,url filtering along with threat protection.These new solutions ensure higher security than previous firewalls because they are all implemented as one single product.

The anti virus software is able to detect these different viruses due to a complex dictionary of known viruses along with being able to identify suspicious behavior from a computer which can be a indication of a infection on the computer.The virus dictionary approach is handled by taking a file and running it through a long list of known viruses which the developer of the anti virus software has acknowledged as being a virus it is either deleted,put into a quarantine area for the user to decide what to do with it or repair the file.In order for this method to work the user has to keep the software updated with all the new known viruses.The other approach is the suspicious behavior approach although it does not identify the viruses it is there to monitor the incoming as well as the outgoing traffic.Another detection method is known as the sandbox and it emulates the operating system and looks for any changes which could indicate a virus.

In the near future there may more companies susceptible to attacks because more and more companies are using the cloud to store data along with numerous other things that could harm a individual or the entire company.Because of the advancements made to improving the network security it forces cyber criminals to take more from a smaller group of people than previously done.Cyber criminals will continue to exploit android devices through malware to get monetization.There will also be more attacks on things such as mobile applications as well as different social networks.There is likely going to be new weapons that are utilized by the cyber criminals to carry out the attacks on the various things.Also with most companies switching to the newer 64 bit systems we will likely see malware that is not able to run on the newer systems.

At the moment there are roughly about ten companies that are playing a huge role in network security which include Cisco which was founded in San Francisco California in 1984 by its two founders Leonard Bosack as well as Sandy Lerner.Cisco is still believed to be the top leader when it comes to network devices.International Business Machines Corporation which is also known as IBM for short was founded in Endicott,New York in the year 1911 by its founders Thomas J. Watson along with Charles Ranlett Flint and is to be considered the second most common company in network security.The third most common company that works with network security is Microsoft which was introduced in Albuquerque,New Mexico in 1975 by two founders which are Bill Gates along with Paul Allen and is currently headquartered in Redmond, Washington.Hewlett Packard or HP for short is considered to be the fourth largest when it comes to network security and was founded in 1931 by Bill Hewlett as well as Dave Packard and is currently headquartered in Palo Alto, California.Dell was founded in Austin, Texas in 1984 by its founder Michael Dell and is considered to be the fifth largest company in network security.The sixth largest company that is involved in network security is Intel which was founded in 1968 by the two founders who are Gordon Moore along with Robert Noyce and is currently headquartered in Santa Clara, California.Verizon is the seventh largest supplier in network security and was founded in 1983.EMC corporation was founded in 1979 by its two founders Richard Egan along with Roger Marino and is currently headquartered in Hopkinton, Massachusetts where it is the eighth largest in network security.Symantec is the ninth largest supplier of network security and was founded in Sunnyvale, California in 1982 by Gary Hendrix and is currently headquartered in Mountain View, California.At&t is considered to be the tenth largest company involved in network security and was founded in 1983 and the main headquarters is located in Dallas, Texas.

In today’s market when it comes to different possible attacks that are possible in network security which can include passive attacks which is where they are looking for unencrypted traffic that can be utilized to carry out other attacks.A active attack is when a unauthorized person is attempting to bypass or break into a otherwise secured system.They accomplish this by using some or all of the following which includes viruses,worms,and trojan horses.When these attacks take place there is modification or loss of files.Another attack is a distributed attack requires the user being hacked to provide code to be able to backdoor the software at a later date.A insider attack is a employee that is unhappy is trying to harm the company they work for.When doing this they typically will restrict access to other employees who normally would have access to the network so they can either steal or damage the information that is on the network.A close-in attack involves someone trying to get information about a particular network so they can find ways of exploiting it to harm a individual or a company.Another type of attack that is popular is a social engineering attack where the attacker is damaging the network through social interaction with the user.A phishing attack is a hacker creates a web site that is fake but looks exactly as the normal web site.When the user clicks on a particular link and enters their log in information it is then given to the hacker that is phishing.A hijack attack is when a hacker takes control of a session and drops the communication that you were talking to although you still believe you are interacting with someone you know.Spoof attacks are when the source address of the packets are modified by the hacker so they can get through the firewalls settings.A buffer overflow is when the hacker is sending more information to a application than is normally expected by the application which will typically allow the hacker to gain administrative access to the particular system being hacked.The exploit attack is when the hacker knows of a loophole in a system such as a operating system or a piece of software and uses it to their advantage.The password attack is when the hacker is cracking the network looking for passwords to get into a password protected file.There are three different types of password attacks which include dictionary attack along with Brute-force and a hybrid attack.

The most important goal when it comes to regulations in network security is to maintain as well as protect the compliance issues.Other important things include establishing along with implementing control.Another important thing is to identify the vulnerabilities along with prevent them from happening.The last thing is to improve on the reporting which can ultimately improve the compliance of the company or organization.All companies do their part in making sure that the employees are working with the current regulations in hand because otherwise tehy would be subject to extremely heavy fines and could potentially go out of business because of it.If the company has stocks then you are responsible to abide by the legal requirements of the Sarbanes Oxley which is named after the two senators who came up with the bill in 2002 to prevent future episodes from happening again.One of the requirements of this bill is that the company executives are required to certify that the financial statements are true.

The implications in today’s network security are always changing due to the hackers always finding new ways to get around even the most complex network security systems in the world and that is why there are always patches for anti virus along with anti spyware software because without the patches it would allow the hackers having a easier time getting into the network.

In today’s market there are three types of wireless network security methods which include wifi protected access which is when the information is encrypted as well as makes sure that the network key has not been modified without permission.The wifi protected access is also responsible for making sure that only authorized users are using the particular network.There re two different types of wifi protected access and they include WPA which is responsible for working with all wireless network adapters although it may not work with older adapters.WPA2 is considered to be more secure than WPA but also will not work with the older network adapters.WEP is another method used and is a older security method but is still in use today.WEP sends the encrypted information from one computer to another computer but is easy to hack into and is not recommended for use anymore.802.1x authentication is there to enhance the security used in 802.11 wireless networks along with wired Ethernet networks.It does so by using a server to validate the users on the network as well as provide the network access to the users.

In addition to all the hardware and software used to protect a user or business from losing information there are steps that can be taken to reduce the chance of having a intrusion from a hacker and they include making sure that the room that all the servers are in have a extremely reliable lock along with making sure that there is a policy set in place to make sure that when the authorized personal are finished that they make sure that the doors are shut and locked properly.The second main step to protect the servers would be to install a video surveillance system as even if a door is locked it will not always stop the intruder from breaking in or gaining entry if there is also some sort of smart card that only authorized people will have access to.The third step is to ensure that the things that are the easiest to get into are locked in a special room because a hacker could use something known as a sniffer to capture the traveling data otherwise.The fourth thing is to use rack mounted servers as they are easy to set up but are also easy to secure from hackers.The fifth main thing to do is to make sure that any unused workstations are locked up as they are a easy entry point for a potential hacker to get into the system.Another thing is to make sure that all computer cases have locks on them because the hard drive in the case is very important to a hacker and is easier to carry than stealing the entire case.Anything that is portable such as a tablet or a laptop should also be locked away in a drawer or could be put in a safe until the authorized user comes back to his or her work area.One very important thing to remember is the backups also have the information on them that could be used by a hacker to damage the company.Another way of protecting data from getting into the wrong hands would be to disable the disc drives of the computer along with any usb slot that can be used to transfer information to.One thing that is important but often overlooked is the printer because someone easily could print sensitive information that was recently printed on that printer.You can prevent that by securing the printer in a secure area and bolting it to the ground so someone can not carry it out of the building.

Similar Documents

Free Essay

Network Security

...Introduction: Network security is a complicated subject, historically only tackled by well-trained and experienced experts. Initial period of computing, when secured mainframes acted as central hosts and data repositories were accessed only by dumb terminal with limited rights, network security was all but irrefutable. As networks have become geographically more distributed and heterogeneous, however, the risk of their misuse has also increased. As more and more people become “wired”, a large number of people need to understand the basics of security in a networked world. Moreover, Network security is one of the most important part of the computer technology now a days. So now people are more aware about this kind of threat than ever before. They are learning about how to compute the security of a network and fix the common issues in order to have a secure network and trusted internet connection. These are few of the things that you should know very well before you deal with network system because it is save you a big pain later if you don’t know how to use. Some of the things that you can implement are the security principles, mange the security network, how to detect the intrusion in the system, windows and web security and also the most important; police security of network. The best way to prevent intrusion on a network is to read all the policies that show up several times on the system. You are downloading a best item, it doesn’t mean it is security risk free unless you...

Words: 272 - Pages: 2

Premium Essay

Network Security

...Nasario Birrueta IT 200: Milestone Three Network Security Network security is one of the most important aspects of implementing a fully functional working network, downtime caused by poor network security can cause major economic loses. The two matters that need to be addressed is the User and Physical equipment. Network security begins with the user. As such would implement a Network Use policy that the employee must sign and adhere to. The company network is to be used for work purposes only. All activity will be monitored and subjected to review by upper management. All users will use strong passwords that are at least 8 characters with upper case and at least one number and not to be shared not even to their immediate supervisors unless OK by IT and or upper management such as a VP or higher. All passwords will be monitored and subject to a monthly review and a password change. Users who do not need internet access will not have access to the internet, a warehouse employee would not need internet access to complete his job duties. But a purchasing employee would need to research for supply vendors that employee would need internet access. In a scenario where a warehouse employee needs internet access a password could be utilized that opens the internet for such these are often called Proxy server or a service that could be used is OpenDNS. At the network level all Personal computers will have the latest and greatest anti-virus software along with all...

Words: 569 - Pages: 3

Premium Essay

Network Security

...Network Security Clint Tipps September 21, 2014 ISSC340/ APUS Prof. Bryan Jensen Abstract This paper will cover several aspects of network security. Numerous different aspects of wired and wireless network security, including protocols applied to secure a network, penetration testing, digital forensics, and network hardening will be covered. There are numerous methods for providing security to a network, and even more to gain access to one. The challenge is to be one step ahead of anyone who may wish to penetrate the network. For this reason, many owners of large networks perform penetration testing in order to identify potential holes in their network. If malicious activity is detected, using digital forensics can help identify where the attack came from. This would, in turn, lead to a network engineer to harden the network against the identified threat. Network Security Over the last decade, computer systems have increased in speed and capacity while decreasing in price. Computers that where once used in corporate environments are now less powerful than a typical household computer. While this sea change occurred, network communications have grown and improved, to allow computers to communicate easily from remote locations, adding vast opportunities for illegal activities. Data can maliciously be changed or destroyed, systems can be made to malfunction and long distance charges can be avoided. One of the biggest challenges today is to control the security of the...

Words: 3488 - Pages: 14

Free Essay

Network Security

...Network Security Network Security The field of network security is a very dynamic, and highly technical field dealing with all aspects of scanning, hacking and securing systems against intrusions. There are many positions related to this, however the most common would be that of a Network Security Engineer, a Security Research Analyst, a Penetration tester, and an Incident Investigator. All four of these jobs have salaries starting in the forty to fifty thousand annually range, and can grow well past the one-hundred thousand mark, depending on skill and experience. A Network Security Engineer is responsible for end-user support for general security related issues, as well as enforcement of the local security policy. They are also typically responsible for performing ongoing security scans to ensure that the System Administrators are keeping their systems up-to-date and secure. A Security Research Analyst is someone who performs research in the field of network security to devise new weaknesses and vulnerabilities, as well as new methods of intercepting and preventing system compromises. They will also typically develop applications to employ the data they have gathered. Another position, the Penetration Tester, is someone who scans networks and/or hosts for vulnerabilities, and then reports on these vulnerabilities to show how they could break into a computer system or network. This information helps the Network Security Engineers to keep their systems secured. The last position...

Words: 305 - Pages: 2

Free Essay

Network Security

...Case Study: Network Security Computer networks of every company have the potential to be exposed to dangers that have the potential to do great harm. Individuals could gain access to Windows and Unix/Linux servers to exploit the company’s vulnerabilities. Computer networks are not only vulnerable to outsiders, but employees also have the opportunity to compromise the system. An unprotected network would open the door for malicious activity that could damage the company’s system, compromise company and customer information, and cost a great amount of precious time and money. A breach in the network could have a negative impact on finances, privacy, and information. Securing the Windows and Unix/Linux servers within a company from shortcomings and vulnerabilities to potential threats by both outsiders and insiders is an absolute necessity. This is achieved by using technical measures and enforcing security policies. One reason it is important to secure the servers is potential of the insider threat. With 1,500 employees, the chance of an attack from the inside is elevated. The threat could come in the form of a disgruntled employee, by someone looking for gain, or by someone who unknowingly compromises the system. Conklin and White (2010) stated the following: One of the hardest threats that security professionals will have to address is that of the insider. Since employees already have access to the organization and its assets, additional mechanisms need to be in place to detect...

Words: 647 - Pages: 3

Premium Essay

Network Security

...this exploitation, companies subject themselves to lawsuits from their own customers. These companies often are ignorant of the simple fact that they have been exploited until customers report the issues to these companies and corporations. Many times, more than thirty days goes by before someone alerts the company of a possible security breech. Cost of an electronic exploit can be greater than a million dollars per incident as reported by the FBI. This information is found in the FBI’s (Federal Bureau of Investigation) report of cyber threats in the United States. In order to help counterbalance this, smaller to midsized companies could spend less than $5,000 to harden their systems and operating systems to put a statefull firewall in place. As stated in this paper, these companies often lack the resources, materials and funds to do so. With the FBI report showing reported incidents, there are thousands of incidents that go unreported. Often these incidents are yet to be discovered. With this number of small to mid-size corporations ignoring or slowly implementing security measures, more and more electronic computer crimes are beginning to take place throughout the U.S. With extortion now moving into the digital age, many corporations do not report intrusions to law enforcement in order to avoid negative publicity. Reports of an intrusion could directly have a negative effect on the company’s sales and position in a global competitive market. Approximately 35% of...

Words: 2166 - Pages: 9

Premium Essay

Network Security

...FLORIDA INSTITUTE OF TECHNOLOGY Proactive vs. Reactive Network Security Making Your Network Unassailable A SHORT PAPER ASSIGNMENT THREE SUBMITTED TO: IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR CYB 5275: ENTERPRISE INFORMATION SECURITY BY CRAIG CANNON MELBOURNE, FLORIDA FEBRUARY 1ST 2013 Information Systems security has never been more critical around the world than it is today. Demand for new improved services has become intense causing enterprises to reinvent their infrastructures by erasing traditional network boundaries. The cyber security threat lurking outside those boundaries is causing security analyst to rethink their views on network security. As the BYOD (bring your own devices) and cloud computing trend becomes more commonplace, security by exclusion by attempting to maintain hard perimeters is no longer a viable option. As the number of network devices continues to increase, the number of vulnerabilities also increases as well. As more and more organizations continue to be overwhelmed by cyber attacks it will become evident that the current strategy of responding to attacks no longer works. To be affective analyst will have to change their strategy from a reactive to a proactive state. References Baker, SA and Dunlap, CJ Jr, (1 May 2012) ‘What is the Role of Lawyers in Cyberwarfare?’ http://www.abajournal.com/m...

Words: 394 - Pages: 2

Premium Essay

Network Security

...FLORIDA INSTITUTE OF TECHNOLOGY CYBER SECURITY WITHOUT CYBER WAR U.S. Military vs. International Law Perspective A SHORT PAPER ASSIGNMENT TWO SUBMITTED TO: IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR CYB 5275: ENTERPRISE INFORMATION SECURITY BY CRAIG CANNON MELBOURNE, FLORIDA JANUARY 25TH 2013 In her article “Cyber Security without Cyber War”, Mary Ellen O’Connell does a brilliant job in giving the reader an overall view of the debate concerning which government should have primary responsibility of the internet when it comes to the legal authority of cyberspace. She begins the article by citing two major players in this debate: the U.S. Military with its rules and legislation vs. NATO and its international law. According to O’Connell, the USA feels that the military should have primary responsibility over the internet since it has the largest number of technical experts and legal authorities with respect to cyberspace than anyone else in the world. Many in the international community would disagree with allowing the US military to police the internet. They raise the question: What legal rules would be used to guide the military in its supervision of the internet. They believe that using international law is the best way to govern cyberspace usage. (Johnson, 1996) Still others favor the US military’s Cold War strategy of deterrence as a way of patrolling the internet. These that favor...

Words: 1872 - Pages: 8

Premium Essay

Network Security

...Importance of Security The Internet has undoubtedly become the largest public data network, enabling and facilitating both personal and business communications worldwide. The volume of traffic moving over the Internet, as well as corporate networks, is expanding exponentially every day. More and more communication is taking place via e-mail; mobile workers, telecommuters, and branch offices are using the Internet to remotely connect to their corporate networks; and commercial transactions completed over the Internet, via the World Wide Web, now account for large portions of corporate revenue. While the Internet has transformed and greatly improved the way we do business, this vast network and its associated technologies have opened the door to an increasing number of security threats from which corporations must protect themselves. Although network attacks are presumably more serious when they are inflicted upon businesses that store sensitive data, such as personal medical or financial records, the consequences of attacks on any entity range from mildly inconvenient to completely debilitating—important data can be lost, privacy can be violated, and several hours, or even days, of network downtime can ensue. Despite the costly risks of potential security breaches, the Internet can be one of the safest means by which to conduct business. For example, giving credit card information to a telemarketer over the phone or a waiter in a restaurant can be more risky than submitting the...

Words: 3895 - Pages: 16

Premium Essay

Network Security

...[pic] [pic] |School of Science and Technology | |Department of Information Technology | |ISSC361: IT Security: Information Assurance | |3 Credit Hours | |8 Week Course | |Prerequisite(s) :None | |Table of Contents | |Instructor Information |Evaluation Procedures | |Course Description |Grading Scale | |Course Scope |Course Outline | |Course Objectives |Policies | |Course Delivery Method |Academic Services | |Resources |E-Book Links | |Instructor Information ...

Words: 4918 - Pages: 20

Premium Essay

Network Security

...Phase 2 Discussion Board CSS200-14002B-02 Principles of Network Security Chris Balla May 28, 2014 For the scenario provided in our discussion board for this week, I have decided to go with a choke point firewall strategy. This type of firewall seems to be less expensive than the other types of systems. It forces all of the network traffic through a single pathway. It also controls authentication as well as user activity. No data can pass through the choke point without being checked. This type of firewall can provide a single point of contact between our network and the internet; thereby giving the company more control over the data which can be permitted in and out of the internal network. Multiple choke points may also have to be used as well. The drawback to this type of firewall is that the choke point has to be very difficult in order for a hacker to bypass. Routers as well as switches can also be used to monitor the pathway. This type would evaluate and authenticate the network data, which is what the organization wants. I also considered the least privilege type of firewall as well. This would cause more administrative work but would ensure that users would only have the access needed in order to perform their job duties. The best way to accomplish this would be to group all of the users based on their access level or job descriptions. Doing this would also cut down on the amount of administrators needed to control the system. Administrator...

Words: 416 - Pages: 2

Premium Essay

Network Security

...CHAPTER Firewall Fundamentals 2 T o some network administrators, a firewall is the key component of their infrastructure’s security. To others, a firewall is a hassle and a barrier to accomplishing essential tasks. In most cases, the negative view of firewalls stems from a basic misunderstanding of the nature of firewalls and how they work. This chapter will help dispel this confusion. This chapter clearly defines the fundamentals of firewalls. These include what a firewall is, what a firewall does, how it performs these tasks, why firewalls are necessary, the various firewall types, and filtering mechanisms. Once you understand these fundamentals of firewalls, you will be able to look beyond the unschooled opinions, common mythology, and marketing hype surrounding them, and the crucial benefits of effective firewall architecture will become clear. Like any tool, firewalls are useful in solving a variety of problems and in supporting essential network security. Chapter 2 Topics This chapter covers the following topics and concepts: • What a firewall is • Why you need a firewall • How firewalls work and what they do • What the basics of TCP/IP are • What the types of firewalls are • What ingress and egress filtering is • What the types of firewall filtering are • What the difference between software and hardware firewalls is • What dual-homed and triple-homed firewalls are • What the best placement of a firewall is 43 Chapter 2 Goals When you complete...

Words: 15367 - Pages: 62

Premium Essay

Network Security

...1) Construct networks using different types of network devices HUB Hub is one of the basic icons of networking devices which works at physical layer and hence connect networking devices physically together. Hubs are fundamentally used in networks that use twisted pair cabling to connect devices. They are designed to transmit the packets to the other appended devices without altering any of the transmitted packets received. They act as pathways to direct electrical signals to travel along. They transmit the information regardless of the fact if data packet is destined for the device connected or not.   Switches Switches are the linkage points of an Ethernet network. Just as in hub, devices in switches are connected to them through twisted pair cabling. But the difference shows up in the manner both the devices; hub and a switch treat the data they receive. Hub works by sending the data to all the ports on the device whereas a switch transfers it only to that port which is connected to the destination device.  A switch does so by having an in-built learning of the MAC address of the devices connected to it. Since the transmission of data signals are well defined in a switch hence the network performance is consequently enhanced. Switches operate in full-duplex mode where devices can send and receive data from the switch at the simultaneously unlike in half-duplex mode. The transmission speed in switches is double than in Ethernet hub transferring a 20Mbps connection into...

Words: 1799 - Pages: 8

Premium Essay

Network Security

...Cellular Debate Name Course Date Tutor Network Security Issues on Cellular Network One major advantage of Cellular network security is the ability of communication to be done “Wirelessly” (Xiao et al, 2007). This means that the signals do not follow a specific assigned signal path which may be destroyed by vandals or even by nature, as in case of copper conductors or other physical media such as fiber optic. In addition, data security is enhanced by used of packed switched data in which data is send in form of packets and at no particular order only to be reconstructed at the receiver which makes intercepting such messages cumbersome. In addition, user authentication allows only specific users registered to a specific cellular service provider to use their resources thus allow proper billing to be charged according to the usage of the network(Xiao et al, 2007). A security issue that arises from the use of the cellular networks is subscriber authentication. These systems consist of a large number of subscribers who need to be identified and verified before they can enjoy the services offered by the provider. If authentication is not properly done, then the network is vulnerable to misuse by subscribers not entitled to use the network leading to the service provider incurring losses. Confidentiality is another security issue that can be noted in cellular network (Ciampa, 2009). This is because the ‘air’ channel can be intercepted by malicious people and...

Words: 785 - Pages: 4

Free Essay

Network Security

...Client/server Networks Professor: Karen Lederer Trevor Kale 4/16/2011 We shall discuess the difference between Peer-to-Peer networks and the Client/Server networks. First we need to describe how each one operates in order to view the differences between both. First we will describe a Peer-to-Peer network. In the Peer-to-Peer network every computer can communicate directly with every other computer.(2009, Dean, Pg.3) Because of this setup no one computer has more authority then another one on the network. Each person on the network can set their access and restrictions for other users to their computer. These configurations are simple to configure and due to the simplisity they do not require a great technical expertise. They also tend to be cheaper due to lack of need of equipment to establish this network. Some disadvantages consist of not being flexible, that is as they grow they become more difficult to handle. Security on these networks is very lacking due to ease of access of unauthorized access. They are also not very practical due to the lack of centralized resources requires a user to have their terminal on in order to access their resources. That is the basics of a Peer-to-Peer network setup, next we move on to the Client/Server model. In a Client/Server network a centralized computer known as a server facilitates communication between other computers on the network known as clients. For a computer to function as a server they must be running an Network Operating...

Words: 478 - Pages: 2