"Network security" refers to any activity designed to protect the usability and integrity of your network and data. It includes both hardware and software technologies. Effective network security manages access to the network. It targets a variety of threats and stops them from entering or spreading on your network.
Network security is the security provided to a network from unauthorized access and risks. It is the duty of network administrators to adopt preventive measures to protect their networks from potential security threats.
Computer networks that are involved in regular transactions and communication within the government, individuals, or business require security. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.
Types of Network Security Devices
Active Devices: These security devices block the surplus traffic. Firewalls, antivirus scanning devices, and content filtering devices are the examples of such devices.
Passive Devices - These devices identify and report on unwanted traffic, for example, intrusion detection appliances.
Preventative Devices - These devices scan the networks and identify potential security problems. For example, penetration testing devices and vulnerability assessment appliances.
Unified Threat Management (UTM) - These devices serve as all-in-one security devices. Examples include firewalls, content filtering, web caching, etc.
A firewall is a network security system that manages and regulates the network traffic based on some protocols. A firewall establishes a barrier between a trusted internal network and the internet.
Firewalls exist both as software that run on a hardware and as hardware appliances. Firewalls that are hardware-based also provide other functions like acting as a DHCP server for that network.
Most personal computers use software-based firewalls to secure data from threats from the internet. Many routers that pass data between networks contain firewall components and conversely, many firewalls can perform basic routing functions.
Firewalls are commonly used in private networks or intranets to prevent unauthorized access from the internet. Every message entering or leaving the intranet goes through the firewall to be examined for security measures.
An ideal firewall configuration consists of both hardware and software based devices. A firewall also helps in providing remote access to a private network through secure authentication certificates and logins.
Hardware and Software Firewalls
Hardware firewalls are standalone products. These are also found in broadband routers. Most hardware firewalls provide a minimum of four network ports to connect other computers. For larger networks - e.g., for business purpose - business networking firewall solutions are available.
Software firewalls are installed on your computers. A software firewall protects your computer from internet threats.
An antivirus is a tool that is used to detect and remove malicious software. It was originally designed to detect and remove viruses from computers.
Modern antivirus software provide protection not only from virus, but also from worms, Trojan-horses, adwares, spywares, keyloggers, etc. Some products also provide protection from malicious URLs, spam, phishing attacks, botnets, DDoS attacks, etc.
Content filtering devices screen unpleasant and offensive emails or webpages. These are used as a part of firewalls in corporations as well as in personal computers. These devices generate the message "Access Denied" when someone tries to access any unauthorized web page or email.
Content is usually screened for pornographic content and also for violence- or hate-oriented content. Organizations also exclude shopping and job related contents.
Content filtering can be divided into the following categories -
Intrusion Detection Systems
Intrusion Detection Systems, also known as Intrusion Detection and Prevention Systems, are the appliances that monitor malicious activities in a network, log information about such activities, take steps to stop them, and finally report them.
Intrusion detection systems help in sending an alarm against any malicious activity in the network, drop the packets, and reset the connection to save the IP address from any blockage. Intrusion detection systems can also perform the following actions -
Syllabus for Network Security Course
Chapter 1 - Network Topology
Chapter 2 - Open Systems Interconnectivity Model
Chapter 3 - TCP/IP In-depth
Chapter 4 - WAP, NAT, DNS and ICMP
Chapter 5 - Internet Routing
Chapter 6 - Advanced Port Scanning
Chapter 7 - Sniffing Attacks
Chapter 8 - Masquerading Attacks
Chapter 9 - Advanced DOS and DDOS
Chapter 10 - Session Hijacking Attacks
Chapter 11 - Network Operations Center - Security
Chapter 12 - Network Traffic Analysis
Chapter 13 - Network Vulnerability Assessment
Chapter 14 - Network Penetration Testing
Chapter 15 - Intrusion Detection System
Chapter 16 - Snort 101
Chapter 17 - OSSEC 102
Chapter 18 - Intrusion Prevention System
Chapter 19 - Firewalls (Installation, Configuration and Usage)
Chapter 20 - OS Hardening for Networks - Linux and Windows
Chapter 21 - Cryptography - Introduction
Chapter 22 - Symmetric Key Encryption
Chapter 23 - Asymmetric Key Encryption
Chapter 24 - Hash functions
Chapter 25 - Trust models
Chapter 26 - VLAN - Security
Chapter 27 - VPN - Security
Chapter 28 - Wireless Networks - Introduction
Chapter 29 - Radio Frequency Essentials
Chapter 30 - Wireless Security - Basics
Chapter 31 - Wireless Threats
Chapter 32 - Attacking Wireless Hotspot and Security
Chapter 33 - WEP Security
Chapter 34 - WPA/WPA2 Security
Chapter 35 - Secure Wireless Infrastructure Deployment
Chapter 36 - DNS Tunneling
Chapter 37 - Network Forensic Methodology
Chapter 38 - Network Evidence Acquisition
Chapter 39 - OS Logs and Splunk
Chapter 40 - Summary