Question

1. Describe the basic components of network security and the differences between wired and wireless network security best practices.

Answer 1

Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.

Basic Components of Network Security

1. Network Access Control (NAC)

NAC basically allows the admin to understand and control who can and cannot access the network. NAC identifies what users and devices are allowed on the network. This helps the admin to remain aware of which devices are blocked. Behavioral analytic tools to identify abnormal behavior on a network are modern tools that can help network administrators monitor their networks for anomalous traffic. Once the behavioral analytic tool is applied, it then sends notifications to the user as soon any abnormal activity is found.

2. Firewall Security

A firewall is a network security device that monitors outgoing and incoming network traffic, forming a type of barrier between an untrusted and trusted network. Firewall security decides whether to block or allow specific traffic in the network or not. It is one of the first lines of defense. There are different types of firewall security such as stateful firewall, application-aware firewall, packet filtering firewall, deep packet inspection firewall, and proxy firewall.

3. Intrusion Prevention System or IPS

IPS or Intrusion Prevention System is a threat prevention technology that examines, identifies, and prevents unusual network traffic from exploiting vulnerabilities, such as malicious inputs, target supplication or service to gain control or interrupt a machine or application. The Intrusion Prevention System is positioned right behind the firewall security which provides a complementary layer of analysis. This acts as a direct communication path between the destination and the source. IPS actively analyzes and takes automated actions on all the traffic flows which enter the network. Such actions include:

• Resetting the overall connection
• Blocking unscrupulous traffic from the source address

4. SIEM or Security Information and Event Management

SIEM is an approach towards security management which combines Security Event Management and Security Information Management into one composite security management system. SIEM gathers the relevant and required data from multiple sources to help identify deviations and take appropriate actions.

For example, when a potential issue or threat is detected, SIEM directly logs all additional information and generates an alert so that the security controls stop the activity’s progress on an immediate basis.

Whether an organization has a wireless or wired network, security should be a top priority for the IT administrators who manage it. Today, however, many organizations are replacing wired networks with wireless networks because wireless networks allow remote access and require few cables, cords and hookups.

Wired Network Security Best Practices are as follows

1. Auditing and Mapping of Network

Auditing and mapping are important to understand the entire network’s infrastructure of the network. Auditing and mapping of the network consist process like Network location, Understand the vendor model, and the basic configuration of the firewalls, routers managements, etc.

During auditing and mapping, you will find various ways through which you can increase the security, performance, and reliability of the network. Auditing and mapping are very important for the larger industries who having the larger network.

2. Network Update

After Completion of the auditing and mapping of the network. Check for the network update. Check firmware or software updates for the different network infrastructure components. Login all the components to check the entire default password has been changed or not.

3. MAC Address Filtering

One of the big issue while using the wired network is that lack of quick and easy authentication. But having MAC address can prevent a hacker from doing serious security hole. This will give you more control over the different devices which are connected to the network. So always keep your MAC address list up-to-date.

4. Use of VPNs

VPN (virtual private network) which used to create a secure network connection over the public network or the private network on the Internet. To access the data through this network users must having the unique Id and password. And to gain access PIN is also used which changes according to every after 30 sec. Use VPN to encrypt your server. Through this, you can encrypt all your traffic.

5. Physically Secure the Network

Physical security of the network is an important part because after that you can say that your Internet is facing the firewall. Without having physical security hackers or even your employee can easily break your network connection. Ensure your plan to protect the outsider from entering into your network. Setup your server secure from your employee reach. Use door and cabinet locks. Verify that Ethernet cable can’t be easily accessible and same with the wireless access point.

Wireless Network Security Best Practices are as follows

• Avoid using the default password
  It’s easy for a hacker to find out the manufacturer’s default password for your wireless router and then use that password to access your wireless network. So it’s wise to change the administrator password for your wireless router. When you’re deciding on your new password, try to pick a complex series of numbers and letters and try to avoid using a password that can be guessed easily.
  
• Don’t let your wireless device announce its presence
  Switch off SSID (Service Set Identifier) broadcasting to prevent your wireless device announcing its presence to the world.
  
• Change your device’s SSID name
  Again, it’s easy for a hacker to find out the manufacturer’s default SSID name for your device and then use that to locate your wireless network. Change the default SSID name of your device and try to avoid using a name that can be guessed easily.
  
• Encrypt your data
  In your connection settings, make sure you enable encryption. If your device supports WPA encryption, use that if not, use WEP encryption.
  
• Protect against malware and Internet attacks
  Make sure you install a rigorous anti-malware product on all of your computers and other devices. In order to keep your anti-malware protection up to date, select the automatic update option within the product.