Security is generally regarded as a cost, rather than a revenue generator. The return on investment is not readily apparent and is often difficult to quantify which generally causes a problem when it comes to budget allocation.
It is often necessary to look at the bigger picture for example, remote authentication enables employees to securely access the network away from the office therefore improving flexibility and in turn the effectiveness and profitability of the organisation.
It is necessary to authenticate the identity of users and computers, maintain an appropriate level of network service operations and optimal network performance.
There are four main security objectives:
Benefits of Security:
Types of network security
Controlling who has access to what data is a central theme of information security. Security built around passwords is too easy to defeat. User authentication becomes even more important when the user is remote. Whether users are dialling in from home into a RAS solution or using a VPN connection these links provide the single most vulnerable link into a network. If an electronic identity can be faked the connection will provide an open path in the system.
Strong authentication addresses any of the vulnerabilities of single authentication. Furthermore, this stops an authorised user accidentally accessing another user's resource and allows that administrator to track all events linked to each individual user where necessary.
Strong authentication can be achieved by incorporating more than one means of authentication: Something you have. Something you know. Something you are.
IDS - Intrusion Detection System
Intrusion Detection Systems are designed to alert system managers to potential trouble whether it is from an internal or external source. Commonly attackers make a tentative probe first, wait to see if it is detected and then home in on a subsequent attempt. IDS is an intelligent system that reads and interprets the contents of log files from routers, firewalls, servers and other network devices to identify the type of traffic on the network and network activity patterns. The IDS responds to alerts by raising an alarm, activating an automatic response action to limit potential damage and attempts to identify the intruder and correlate evidence of activity.
The main types of IDS:
A perimeter security measure permitting only authorised LAN access to and from the Internet. Access can be administered according to job description and user requirements rather than a 'one rule suits all' basis.
The firewall analyses the traffic routed between the network and the Internet, both inbound and outbound, against set access criteria. Non-compliant traffic is stopped.
Firewalls fall into four categories: packet filters, circuit level gateways, application level gateways and stateful multilayer inspection firewalls.
Anti-virus searches for any known or potential viruses. New viruses emerge at an increasing rate and old viruses remain a threat to poorly updated systems.
A good anti-virus will:
Emails present a wide range of risk, notably the leakage of sensitive information and potential legal liability for employee email conduct.
A good email security solution will:
Web access control
To get the greatest business benefit out of the internet users need desktop access. However, personal web browsing and web-based email needs to be managed so as not to compromise the organisation in any way.
To this end web access control is more than just blocking web addresses and protecting from web-borne viruses. It is necessary to administer access rights at user level.
Access can be allowed, denied or limited by time-based quota according to policies applied to users, workgroups, computer or the entire network. Policies may be set for web address, specific file types and are often associated with a database of inappropriate websites such as gambling, chat sites and sites with pornographic content.