Network security consists of the provisions made in an underlying computer network
infrastructure, policies adopted by the network administrator to protect the network and
the network-accessible resources from unauthorized access and the effectiveness (or lack)
of these measures combined together.
Network security starts from authenticating any user. Once authenticated, firewall enforces
access policies such as what services are allowed to be accessed by the network users.
Though effective to prevent unauthorized access, this component fails to check potentially
harmful contents such as computer worms being transmitted over the network. An intrusion
prevention system (IPS) helps detect and prevent such malware. IPS also monitors for suspicious
network traffic for contents, volume and anomalies to protect the network from attacks such as
denial of service. Communication between two hosts using the network could be encrypted to
maintain privacy. Individual events occurring on the network could be tracked for audit purposes
and for a later high level analysis.
Honeypots, essentially decoy network-accessible resources, could be deployed in a network
as surveillance and early-warning tools. Techniques used by the attackers that attempt to compromise
these decoy resources are studied during and after an attack to keep an eye on new exploitation
techniques. Such analysis could be used to further tighten security of the actual network being
protected by the honeypot.
|
|
Student Login
©
2007 Nasson Institute