researchHQ’s Key Takeaways:
- Network security is the practice of securing a network (two or more connected computational systems) from its core to the perimeter’s edge.
- The goal of network security is to protect against threats such as cyberattacks, malware and unauthorized access without disrupting daily workflows.
- Organisations must develop a network security policy that is driven by their unique culture so as to support employees’ daily routines and enable commonly used tools.
- By securing the network in layers, a ‘defence in depth’ model helps organisations enforce protections around the principles of confidentiality, integrity and availability.
- The four key components of network security are firewalls, IPS, network access control (NAC) and security information and event management (SIEM).
A network comprises two or more computational systems connected by physical and/or wireless connections. Networks broadly use a peer-to-peer or client-server architecture, along with a number of networking protocols that let the connected systems communicate with each other.
Network security is a subgroup of networking. It involves securing the connected network infrastructure from the core to the edge of the network perimeter. Typically managed by a network administrator, network security involves implementing IT security policy and deploying network software and hardware to:
- Protect the network, its infrastructure and all its traffic from external cyberattacks
- Protect all IT assets and resources available via the network from unauthorized access
- Ensure authorized users have adequate access to these network IT assets and resources to effectively perform work
What Types of Threats Does Network Security Prevent?
Some of the most common threats to network and computer systems are:
- Distributed denial-of-service attacks (DDoS)
- Computer worms
- Trojan horses
How Does Network Security Work?
An IT security policy identifies the rules and procedures for all authorized individuals accessing and using an organization’s IT assets and resources. It is the principal document for network security. Its goal is to outline rules for ensuring the security of organizational assets.
Employees today often use several tools and applications to conduct business productively. Policy driven by the organization’s culture supports these routines and focuses on safely enabling these tools for employees. Enforcement and auditing procedures for any regulatory compliance to which an organization is subject must be mapped out in the policy as well.
Enforcement concerns analyzing all network traffic flows and should aim to preserve the confidentiality, integrity, and availability of all systems and information on the network. When it comes to enforcing protections, network security operates on a defense-in-depth model and follows the principles of the “CIA” triad:
- Confidentiality – protecting assets from unauthorized entities
- Integrity – ensuring the modification of assets is handled in a specified and authorized manner
- Availability – maintaining a state of the system in which authorized users have continuous access to said assets
Strong enforcement strives to provide CIA to network traffic flows. This begins with a classification of traffic flows by application, user and content. As the vehicle for content, all applications must first be identified by the firewall regardless of port, protocol, evasive tactics or encryption. Proper application identification provides full visibility into the content it carries. Policy management can be simplified by identifying applications and mapping their use to a user identity while inspecting the content at all times for the preservation of CIA principles.
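The following sketch is an added example, not code from the original article or from any firewall product. It shows policy matching on the classified application, user identity and content rather than on the port. The rule names, application labels, user groups, first-match ordering and implicit default deny are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Flow:
    """A flow after classification. All sample values below are constructed."""
    app: str           # application identified by the classifier, not inferred from the port
    user_group: str    # identity the source address was mapped to
    content_type: str  # what content inspection found inside the flow
    dst_port: int      # kept for logging only; never used for matching

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                       # "allow" or "deny"
    app: Optional[str] = None         # None matches anything
    user_group: Optional[str] = None
    content_type: Optional[str] = None

    def matches(self, flow: Flow) -> bool:
        return all(want is None or want == got for want, got in (
            (self.app, flow.app),
            (self.user_group, flow.user_group),
            (self.content_type, flow.content_type),
        ))

# Hypothetical policy, evaluated top-down; the first matching rule wins.
POLICY = [
    Rule("block-executables", "deny", content_type="executable"),
    Rule("finance-erp", "allow", app="erp-web", user_group="finance"),
    Rule("staff-webmail", "allow", app="webmail"),
]

def evaluate(flow: Flow, policy=POLICY) -> tuple[str, str]:
    """Return (action, rule name). Unmatched flows hit the assumed default deny."""
    for rule in policy:
        if rule.matches(flow):
            return rule.action, rule.name
    return "deny", "default-deny"

SAMPLE_FLOWS = [  # constructed: every flow uses TCP/443, yet the verdicts differ
    Flow("erp-web", "finance", "html", 443),
    Flow("erp-web", "contractors", "html", 443),
    Flow("webmail", "contractors", "executable", 443),
    Flow("file-sharing", "finance", "archive", 443),
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f.app, f.user_group, f.content_type, "->", evaluate(f))
```

All four sample flows share a destination port, so a port-based rule could not tell them apart; the verdicts differ only because application, user and content were identified first.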
Defense in depth is regarded as a best practice in network security: it prescribes that the network be secured in layers. These layers apply an assortment of security controls to sift out threats trying to enter the network: access control, identification, authentication, malware detection, encryption, file type filtering, URL filtering and content filtering.
These layers are built through the deployment of firewalls, intrusion prevention systems (IPS) and antivirus components. Among the components for enforcement, the firewall (an access control mechanism) is the foundation of network security.