Network security is a branch of networking that encompasses strategies, policies and standard operating procedures that make the network secure from various threats like unauthorized access or misuse.
These policies are generally adopted and implemented by the network administrator. A decade ago network security was considered to be a very complex domain and few highly skilled people were technically skilled in this area, but as the networks expanded and more and more organizations and companies became connected the demand for network security increased.
When talking about network security we have to address two basic areas: absolute access and absolute security. Ironically both of these terms that are essential for network security are totally contradictory. Absolute security is achieved only by totally disconnecting a computer: that is, if the computer remains connected it remains vulnerable. Absolute access means giving everyone total control and access of your network which is again totally against the concept of network security.
Network security is all about creating a balance between these two objectives. We have to give access to users to our network, but at the same time we must make our network secure. A network which maintains this balance is considered ideal with respect to network security. There are three basic principles known as the D's of network security: defense, deterrence and detection.
Defense is the first layer of network security and is easiest to understand and implement. Defense means you must protect your network and your valuable assets of data and information so that they are less vulnerable to an attack. Usually a good firewall will do the job and most companies rely on firewalls to defend themselves from known and unknown threats.
The second layer of network security is deterrence. Deterrence demands strict laws and disciplines for the users of a network so that they must not violate the company's security laws. It is the basic idea behind laws that are made for cyber security. Deterrence may also refer to measures taken beforehand to repel attacks.
The third and most important principle of network security is detection. Detection refers to the ability of the protective measures to successfully detect an attack. Detection can be achieved by installing anti-spyware and intrusion detection systems. Detection is considered extremely important in finding security breaches and then later on addressing them. When implemented correctly, these three principles guarantee network security.
There are four major threats that a network faces:
1. Malicious programs (Learn about malicious programs): Malicious programs are viruses, spywares, and Trojans that disrupt or try to disrupt the normal functionality of a network. A malicious program or virus can quickly spread through a network, infecting all the computers that are connected to the network. This can result in partial or complete breakdown of the network. Malicious programs can damage data that is stored across the network on various computers and can make some of the resources of network unavailable for some users. To protect your network from malicious programs and ensure network security you must use good antivirus and anti-spyware programs that have high detection rates and are equipped with latest scanning techniques like behavioral detection and heuristics.
2. Denial of Service: One of the most important issues that needs to be addressed in network security is protection against denial of service or distributed denial of service attacks. These attacks are very easy to launch and yet extremely difficult to detect and repel. Network security addresses this issue by implementing a specific procedure through which multiple requests can be sent to a server. No proper solution has yet been identified for this problem.
3. Unauthorized Access: Unauthorized access means access of a network by persons or machines that are not entitled to or eligible to use that network. Unauthorized access may result in illicit command execution, data loss, and breach of confidentiality and identity theft. Network security demands that strict rules must be made and implemented to access a network. All important hardware components must be placed inside a secure premises. Strong passwords must be used to gain access to a network. Strong encryption techniques must be used to protect sensitive data. Encryption must be used if your network uses a wireless medium.
4. Data Destruction: Data destruction means damage to data that is stored across a network. A majority of attacks on networks results in complete or partial data loss. By implementing the three principles of network security we can protect our valuable data from attackers.
Conclusion: Network security is a very complex field. Making a network absolutely secure is almost impossible. While talking about network security an old saying comes into mind: "A chain is as strong as its weakest link." Similarly a network is as secure as its least secure node. An attacker would always try to attack at the weakest node so it's very important to secure all the computers and devices that are connected to a network.More security articles