Network Security
Network security is the process of taking physical preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.
Networks can be secured through many approaches and implementation methods, in hardware or in software. The following are must-haves for securing a network: firewalls, VPNs, IDS/IPS, etc.
Network Security consists of these procedures:
- Protection: You should configure your systems and networks as correctly as possible.
- Detection: You must be able to identify when the configuration has changed or when some network traffic indicates a problem.
- Reaction: After identifying problems quickly, you must respond to them and return to a safe state as rapidly as possible.
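The Detection step above, as an added example that is not from the original page: it compares a running rule set against an approved baseline and flags hosts whose connection rate departs from the historical norm. The rule syntax, addresses, counts and function names are constructed for illustration.

```python
import statistics

def significant_lines(config_text):
    """Drop blank lines and '!' comments so cosmetic edits do not raise alerts."""
    stripped = (line.strip() for line in config_text.splitlines())
    return [line for line in stripped if line and not line.startswith("!")]

def config_drift(baseline_text, current_text):
    """Return (added, removed) rule lines relative to the approved baseline.
    Reordering of unchanged rules is not detected by this comparison."""
    base, cur = significant_lines(baseline_text), significant_lines(current_text)
    added = [line for line in cur if line not in base]
    removed = [line for line in base if line not in cur]
    return added, removed

def traffic_anomalies(history, observed, threshold=3.0):
    """Flag hosts whose rate is more than `threshold` standard deviations
    away from the mean of the historical samples."""
    mean = statistics.mean(history)
    stdev = statistics.stdev(history)
    flagged = []
    for host, rate in sorted(observed.items()):
        deviation = abs(rate - mean)
        # A perfectly flat history has stdev 0: any departure from it is anomalous.
        score = deviation / stdev if stdev else (float("inf") if deviation else 0.0)
        if score > threshold:
            flagged.append((host, round(score, 1)))
    return flagged

# Constructed sample data (simplified rule syntax, not a specific vendor's).
BASELINE_CONFIG = """\
! edge filter, approved baseline
permit tcp any host 192.0.2.10 eq 443
deny ip any any
"""
CURRENT_CONFIG = """\
! edge filter, running copy
permit tcp any host 192.0.2.10 eq 443
permit tcp any any eq 23
deny ip any any
"""
HISTORY = [40, 42, 38, 41, 39, 43, 40, 37]  # connections per minute, normal period
OBSERVED = {"10.0.0.5": 41, "10.0.0.9": 44, "10.0.0.23": 310}

if __name__ == "__main__":
    print(config_drift(BASELINE_CONFIG, CURRENT_CONFIG))
    print(traffic_anomalies(HISTORY, OBSERVED))
```

Either result being non-empty is the trigger for the Reaction step: the unexpected rule is reviewed against change records, and the flagged host is investigated.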
Network Security Models
There are a variety of specialized techniques and types of network security you will want to roll out:
- Access control: You should be able to block unauthorized users and devices from accessing your network. Users that are permitted network access should only be able to work with the limited set of resources for which they’ve been authorized.
- Anti-malware: Viruses, worms, and trojans by definition attempt to spread across a network, and can lurk dormant on infected machines for days or weeks. Your security effort should do its best to prevent initial infection and also root out malware that does make its way onto your network.
- Application security: Insecure applications are often the vectors by which attackers get access to your network. You need to employ hardware, software, and security processes to lock those apps down.
- Behavioral analytics: You should know what normal network behavior looks like so that you can spot anomalies or breaches as they happen.
- Data loss prevention: Human beings are inevitably the weakest security link. You need to implement technologies and processes to ensure that staffers don’t deliberately or inadvertently send sensitive data outside the network.
- Email security: Phishing is one of the most common ways attackers gain access to a network. Email security tools can block both incoming attacks and outbound messages with sensitive data.
- Firewalls: Perhaps the granddaddy of the network security world, they follow the rules you define to permit or deny traffic at the border between your network and the internet, establishing a barrier between your trusted zone and the wild west outside. They don’t preclude the need for a defense-in-depth strategy, but they’re still a must-have.
- Intrusion detection and prevention: These systems scan network traffic to identify and block attacks, often by correlating network activity signatures with databases of known attack techniques.
- Mobile device and wireless security: Wireless devices have all the potential security flaws of any other networked gadget — but also can connect to just about any wireless network anywhere, requiring extra scrutiny.
- Network segmentation: Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier.
- Security information and event management (SIEM): These products aim to automatically pull together information from a variety of network tools to provide data you need to identify and respond to threats.
- VPN: A tool (typically based on IPsec or SSL) that authenticates the communication between a device and a secure network, creating a secure, encrypted “tunnel” across the open internet.
- Web security: You need to be able to control the internal staff’s web use in order to block web-based threats from using browsers as a vector to infect your network.