Network security is broad term used to describe methods and protocols for protecting an organization’s computing infrastructure. The ‘network’ is made up of multiple systems and appliances spread throughout an organization, all interconnected.
Examples of such appliances include Routers, Switches, Firewalls, Logging Systems, Intrusion Prevention/Detection Systems and HoneyPots. These device typically reside inside the network or on the DMZ and are transparent to the end user. Simple solutions such as operating system based firewalls, host intrusion prevention systems and antivirus protection are all excellent software resources which can be utilized in addition to hardware to offer more comprehensive security. Be sure to always enable the firewall on your home machine and regularly update your antivirus software; while not fool proof doing these two simple tasks can eliminate a huge amount of potential risks you might normally encounter.
Good security models are build around the concept of layers. In order to offer the most effective solution, security processes should be enacted at several places within the network. It is important to recognize that no matter what a vendor claims, there is no such thing as an all-in-one solution. Layering security processes and appliances provides greater breadth and depth to the organizations protection overall. If any one layer were to fail or be circumvented, the attacker would then be met with the next obstacle. This offers a kind of fail-safe environment thus reducing the risk factor of any individual component in the network.
Examples of processes which could be enabled within a network for security purposes include:
Access Control Lists Authentication of Routing Protocols Digital Certificates SNMPv3 Port Security VLANs Event Logging Stateful Inspection Network Address Translation Proxy Servers Centralized Log Analysis Anomaly Detection Signature Based Detection Bait / Trap Bastion Hosts Packet Filters Access Control
Enabling the firewall on your home router is a good start however in order to protect your personal information from falling into the wrong hands, good antivirus protection is always recommended on the host endpoint machine. Host Intrusion Prevention Software (HIPS) and anti-malware utilities provide an additional layer of security protecting your system even if the network is compromised. Unfortunately too many people today to not take network security seriously and as a result end up being victimized. Don’t be another statistic, even if you’re not a security expert – understanding simple things (like enabling your firewall & antivirus) you can do to protect yourself go a long way.
