NETWORK SECURITY
What is Networking?
Computer networking is the process of connecting two or more computers in order to share data, provide technical support, and communicate (especially for business purposes). The Internet is the technology used to connect computer systems located in different geographic locations.
What are Protocols and their various Types?
Network protocols define the rules and conventions for communication between network devices. In the absence of network protocols, devices lack the capability of understanding the electric signals they send to each other over the network. There are many computer network protocols designed for specific purposes and environments. Modern protocols include packet switching techniques, where messages are subdivided and reassembled at their destination.
The Internet Protocol (IP) is the address system of the internet with the core functioning of delivering information packets. These packets are picked from a source device and delivered to a target device. IP forms the basis of the internet and is a primary key to network connections. Another functionality, called TCP, is required to handle packet ordering.
Transmission Control Protocol (TCP) works with IP on sending packets of data to each other. TCP is used for organizing data to ensure secure transmission between the client and the server. TCP/IP exchanges data over the internet by using the client-server model of communication.
Wireless Network Protocols
Network protocols that are designed to work on wireless networks include Wi-Fi, Bluetooth, and LTE. These wireless networks support roaming mobile devices and other electronic devices that are not directly connected with a wire.
Network Routing Protocols
A routing protocol can identify other routers and manage the route between source and destination. It defines the path that carries network messages and makes dynamic routing decisions. Examples of routing protocols are OSPF, BGP, and EIGRP. They are designed specifically to meet the needs of network routers on the internet.
What is Meant By Network Security?
Network security is the layered protection of data, files, and directories against unauthorized access that could lead to data theft or misuse. Sound network security helps organizations reduce the risk of falling victim to such attacks and enables the safe operation of IT systems. Network security includes both hardware and software technologies. Ideally, networks have layers of security starting from application, antivirus, access management, servers, firewalls, physical access, and policies.
Network Security Definition
Network security is a broad term that covers a multitude of technologies, devices, and processes. In its simplest terms, it is a set of rules and configurations designed to protect the integrity, confidentiality, and accessibility of computer networks and data.
Every organization, regardless of size, industry, or infrastructure, requires a degree of network security solutions in place to protect it from the ever-growing landscape of cyber threats in the wild today.
What is a Computer Network and its components?
Computer network components comprise both the hardware and the software required to install computer networks. The hardware components are the client, server, peer, transmission medium, and connecting devices, whereas the software components are operating systems and protocols.
What are Network Threats?
A network threat is any threat or malicious activity that intends to take advantage of a network vulnerability to breach, harm, or sabotage the information in the network. Threats can also aim to gain unauthorized access to the network and then spread to other systems and networks connected to the compromised network.
Network threats are categorized into two types: passive threats and active threats.
What are the Types of Network Security Attacks?
In the wake of a variety of existing frequent network attacks and the threat of new destructive future attacks, network security has gained prominence in the scope of computer networking. Here are the different types of network security attacks.
Virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. When this replication succeeds, the affected areas are then said to be "infected" with a computer virus.
Malware is the collective name for a number of malicious software variants, including viruses, ransomware and spyware. Shorthand for malicious software, malware typically consists of code developed by cyber attackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network.
A computer worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.
Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
A compromised key attack is the use of a key that an attacker has stolen to gain access to a secured transmission. The key allows the attacker to decrypt the data that is being sent. The sender and receiver are usually not aware of the attack.
A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection.
A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
A man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other.
Packet sniffing is the act of capturing packets of data flowing across a computer network. The software or device used to do this is called a packet sniffer. Packet sniffing is to computer networks what wire tapping is to a telephone network.
DNS spoofing, also referred to as DNS cache poisoning, is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect result record, e.g. an IP address.
IP address spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of impersonating another computing system.
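The difference between the DoS and DDoS definitions above shows up clearly in flow records. The following detection sketch is an added example, not part of the original page; the log format, the thresholds and the function names are assumptions made for illustration, and the sample records are constructed from documentation address ranges.

```python
from collections import Counter, defaultdict

def classify_floods(lines, window=1.0, per_src_limit=20, total_limit=60):
    """Label each (destination, time window) as 'dos', 'ddos' or 'normal'.
    The limits are illustrative assumptions, not recommended values."""
    per_window = defaultdict(Counter)      # (dst, window index) -> requests per source
    for line in lines:
        ts, src, dst = line.split()
        per_window[(dst, int(float(ts) // window))][src] += 1
    verdicts = {}
    for key, counts in per_window.items():
        heavy = sorted(s for s, n in counts.items() if n > per_src_limit)
        if heavy:                                   # one source alone exceeds its budget
            verdicts[key] = ("dos", heavy)
        elif sum(counts.values()) > total_limit:    # many quiet sources, large aggregate
            verdicts[key] = ("ddos", len(counts))
        else:
            verdicts[key] = ("normal", None)
    return verdicts

def sample_log():
    """Constructed flow records in the assumed form '<seconds> <src> <dst>'."""
    # One noisy source sends 50 requests to 10.0.0.10 within a second.
    lines = [f"0.{i:02d} 198.51.100.7 10.0.0.10" for i in range(50)]
    # Three ordinary clients also reach 10.0.0.10.
    lines += [f"0.50 192.0.2.{i} 10.0.0.10" for i in range(1, 4)]
    # Forty sources send only two requests each to 10.0.0.20.
    lines += [f"0.{i:02d} 203.0.113.{i} 10.0.0.20"
              for i in range(1, 41) for _ in range(2)]
    # Five clients send three requests each to 10.0.0.30 (normal load).
    lines += [f"1.{i}0 192.0.2.{i} 10.0.0.30"
              for i in range(1, 6) for _ in range(3)]
    return lines

if __name__ == "__main__":
    for key, verdict in sorted(classify_floods(sample_log()).items()):
        print(key, verdict)
```

A per-source limit alone misses the distributed case, because no single sender looks unusual; the aggregate check per destination is what catches it.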
What is Network Security Vulnerability?
Vulnerability in network security is a weakness that can be exploited by an attacker to gain unauthorized access to information systems. Vulnerabilities allow attackers to run code, access a system, install malware, and steal, destroy or modify sensitive data.
What are Network Security Controls?
Network security controls deliver integrity, confidentiality, and availability of the network service. The proper combination of network security controls reduces the risk of the network being compromised. The network controls enable organizations to implement strategies of network security. Multiple layers of controls should be used across the network to minimize the risk of falling victim to an attack and to ensure defense-in-depth network security.
What are the various network security techniques?
In order to implement a defense-in-depth strategy, numerous specialized techniques and types of network security are required. There are different ways to secure a network, such as:
Access Control
Blocking unauthorized users and devices from connecting with the network. The users’ access should be restricted to the extent authorized.
Anti-malware
Anti-malware identifies viruses, worms, and trojans, and prevents them from infecting the network.
Behavioral Analytics
Regularly observing network behavior and understanding variations in it helps to flag malicious acts.
Application Security
Applications are easy vectors for attackers to get access to their network. Vulnerable apps should be locked by employing hardware, software, and security processes.
Data Loss Prevention
Humans are considered the weakest security link. They should be trained on security policies to learn the significance of the process of sharing sensitive data.
Network Segmentation
Software-based segmentation is crucial to enforce security policies easily.
Firewalls
Firewalls act as a barrier between the network trusted zone and everything beyond it. They are a must-have.
Email Security
Phishing allows intruders to gain access to the network. Email security blocks phishing emails and outbound messages carrying sensitive data.
Mobile and Wireless Security
Wireless devices are potential vectors to the networks and therefore require extra scrutiny.
Intrusion Detection and Prevention
These systems scan and verify network traffic and respond to attacks.
Security Information and Event Management (SIEM)
SIEM pulls information from various network tools that help in identifying and responding to threats from the data collected.
VPN
A virtual private network authenticates the communication between a device and a secure network. It creates a secure passage across the open network.
What are Firewalls and their Types?
Traditional firewalls protect the internal network against incoming traffic. They have been serving as the first line of defense in network security for almost the past three decades. A firewall can be defined as either a hardware or a software program, designed to block all unwanted incoming traffic while allowing authorized communications to flow freely.
Types of Firewall
Proxy firewall – A proxy firewall filters out flagged messages at the application layer to protect the resources of a private network.
Stateful Inspection Firewall – A firewall that blocks incoming traffic based on state, port, and protocol is known as a stateful inspection firewall.
Unified Threat Management (UTM) Firewall – A UTM firewall combines the features of a traditional firewall with various other security aspects.
Next-Generation Firewall (NGFW) – Next Generation Firewalls are designed to block modern-day cyber threats, such as advanced malware and application-layer attacks.
Threat-Focused NGFW – Apart from the functions of a traditional NGFW, a threat-focused NGFW offers advanced threat detection and remediation.
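What "based on state, port, and protocol" means for a stateful inspection firewall can be shown with a small connection-tracking model. This is an added example, not code from the original page or from any firewall product; the class, the rule set and the packets are constructed for illustration, and inside hosts are assumed to be identified by a simple address prefix.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""     # TCP flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK, "R" = RST

class StatefulFirewall:
    """Toy model: outside traffic passes only as a reply or to a published port."""
    def __init__(self, inside_prefix, published):
        self.inside_prefix = inside_prefix   # assumption: string prefix such as "10.0.0."
        self.published = set(published)      # (proto, port) pairs reachable from outside
        self.flows = set()                   # (proto, in_ip, in_port, out_ip, out_port)

    def check(self, p):
        if p.src.startswith(self.inside_prefix):           # outbound packet
            key = (p.proto, p.src, p.sport, p.dst, p.dport)
            if "R" in p.flags:
                self.flows.discard(key)                     # reset ends the flow
            else:
                self.flows.add(key)
            return "ALLOW"
        key = (p.proto, p.dst, p.dport, p.src, p.sport)     # inbound: reverse the tuple
        if key in self.flows:                               # reply to a tracked flow
            if "R" in p.flags:
                self.flows.discard(key)
            return "ALLOW"
        new_flow = p.proto != "tcp" or p.flags == "S"       # new TCP flows start with a bare SYN
        if (p.proto, p.dport) in self.published and new_flow:
            self.flows.add(key)
            return "ALLOW"
        return "DROP"

def run_demo():
    """Constructed packets (documentation address ranges), in arrival order."""
    fw = StatefulFirewall("10.0.0.", {("tcp", 443)})
    packets = [
        Packet("tcp", "10.0.0.5", 40000, "203.0.113.9", 443, "S"),    # inside client opens
        Packet("tcp", "203.0.113.9", 443, "10.0.0.5", 40000, "SA"),   # matching reply
        Packet("tcp", "198.51.100.7", 443, "10.0.0.5", 40000, "SA"),  # unsolicited "reply"
        Packet("tcp", "198.51.100.7", 5555, "10.0.0.10", 22, "S"),    # unpublished port
        Packet("tcp", "198.51.100.7", 5555, "10.0.0.10", 443, "S"),   # published port
        Packet("tcp", "198.51.100.7", 5556, "10.0.0.10", 443, "A"),   # ACK with no state
    ]
    return [fw.check(p) for p in packets]
```

The third and sixth packets use an allowed port and protocol but are dropped because no tracked connection matches them, which is the decision a stateless port filter cannot make.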
Summary
In a sense, security in networks is the combination and culmination of everything we know about security.
A network's security depends on all the cryptographic tools at our disposal, good program development processes, operating system controls, trust and evaluation and assurance methods, and inference and aggregation controls.