security for fututre network
TRANSCRIPT
-
7/31/2019 Security for Fututre Network
1/9
FACULTY OF COMPUTER SCIENCE AND
INFORMATION TECHNOLOGY
TITLE : [ CYBER SECURITY ]
SECURITY FOR FUTURE NETWORK
NAME : GUNAWATHY A/P GANESAN
(3112032981)
RAVINTHIRA KUMAR A/L BALACHANDRAN
(3112031341)
MAGESHVAREN A/L ARISATHAGAVELOO
(3112035621)
PROGRAM : DIPLOMA IN INFORMATION TECHNOLOGY
-
7/31/2019 Security for Fututre Network
2/9
What is network security?
Network securityconsists of the provisions and policies adopted by a network
administrator to prevent and monitor unauthorized access, misuse, modification,
or denial of a computer network and network-accessible resources. Network
security involves the authorization of access to data in a network, which is
controlled by the network administrator. Users choose or are assigned an ID andpassword or other authenticating information that allows them access to
information and programs within their authority. Network security covers a
variety of computer networks, both public and private, that are used in everyday
jobs conducting transactions and communications among businesses, government
agencies and individuals. Networks can be private, such as within a company, and
others which might be open to public access. Network security is involved in
organizations, enterprises, and other types of institutions. It does as its title
explains: It secures the network, as well as protecting and overseeing operations
being done. The most common and simple way of protecting a network resource
is by assigning it a unique name and a corresponding password.
http://en.wikipedia.org/wiki/Policieshttp://en.wikipedia.org/wiki/Network_administratorhttp://en.wikipedia.org/wiki/Network_administratorhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Network_administratorhttp://en.wikipedia.org/wiki/Network_administratorhttp://en.wikipedia.org/wiki/Policies -
7/31/2019 Security for Fututre Network
3/9
Network Security Defined
So what is the definition of network security? That depends on where you stand.
For the Legal department, network security is the set of controls required to
maintain compliance with regulatory constraints. For product engineers, it may be
the processes and technology to protect intellectual property. Business
management will probably tell you that, while they are concerned with legal and
intellectual property concerns, they also want to make sure critical business
systems remain available.
It can get a little confusing when trying to sort all this out. However, from a
security professional's perspective, all these requirements make sense. They are
covered under the three pillars of information security:
Confidentiality - concerned with making sure the wrong people can't see
sensitive information
Integrity - ensuring all data, whether medical, business, or financial, is accurate
Availability (continuity) - keeping the bad guys from access they can use to take
down a system or entire network (i.e., killing one or more critical business
processes)
-
7/31/2019 Security for Fututre Network
4/9
These three outcomes are the objectives of all network security, including
stopping bad stuff from coming into the network and thwarting attacks which
make it past perimeter controls- and they will eventually make it past your well-
planned and implemented defenses.
In the next installment in this series, we'll explore at a high level how various
layers of controls work to protect your network and the data stored in or moving
through it.
Network security concept
Network security starts with authenticating the user, commonly with a username
and a password. Since this requires just one detail authenticating the user name
examples the password, which is something the user 'knows', this is sometimes
termed one factor authentication. With two-factor authentication, something the
user 'has' is also used example a security token or 'dongle', an ATM card, or a
mobile and with three-factor authentication, something the user 'is' is also used
such a fingerprint or retinal scan.
Once authenticated, a firewall enforces access policies such as what services are
allowed to be accessed by the network users. Though effective to prevent
unauthorized access, this component may fail to check potentially harmful
content such as worms or Trojans being transmitted over the network. Anti-virus
software or an intrusion prevention system (IPS) help detect and inhibit the action
of such malware. An anomaly-based intrusion detection systemmay also monitor
the network and traffic for unexpected or suspicious content or behavior and
other anomalies to protect resources, example fromdenial of service attacks oran employee accessing files at strange times. Individual events occurring on the
network may be logged for audit purposes and for later high-level analysis.
Communication between two hosts using a network may be encrypted to
maintain privacy.
http://en.wikipedia.org/wiki/Authenticationhttp://en.wikipedia.org/wiki/Two-factor_authenticationhttp://en.wikipedia.org/wiki/Security_tokenhttp://en.wikipedia.org/wiki/ATM_cardhttp://en.wikipedia.org/wiki/Fingerprinthttp://en.wikipedia.org/wiki/Retinal_scanhttp://en.wikipedia.org/wiki/Firewall_(networking)http://en.wikipedia.org/wiki/Trojan_horse_(computing)http://en.wikipedia.org/wiki/Anti-virus_softwarehttp://en.wikipedia.org/wiki/Anti-virus_softwarehttp://en.wikipedia.org/wiki/Intrusion_prevention_systemhttp://en.wikipedia.org/wiki/Malwarehttp://en.wikipedia.org/wiki/Anomaly-based_intrusion_detection_systemhttp://en.wikipedia.org/wiki/Deep_packet_inspectionhttp://en.wikipedia.org/wiki/Denial_of_servicehttp://en.wikipedia.org/wiki/Denial_of_servicehttp://en.wikipedia.org/wiki/Deep_packet_inspectionhttp://en.wikipedia.org/wiki/Anomaly-based_intrusion_detection_systemhttp://en.wikipedia.org/wiki/Malwarehttp://en.wikipedia.org/wiki/Intrusion_prevention_systemhttp://en.wikipedia.org/wiki/Anti-virus_softwarehttp://en.wikipedia.org/wiki/Anti-virus_softwarehttp://en.wikipedia.org/wiki/Trojan_horse_(computing)http://en.wikipedia.org/wiki/Firewall_(networking)http://en.wikipedia.org/wiki/Retinal_scanhttp://en.wikipedia.org/wiki/Fingerprinthttp://en.wikipedia.org/wiki/ATM_cardhttp://en.wikipedia.org/wiki/Security_tokenhttp://en.wikipedia.org/wiki/Two-factor_authenticationhttp://en.wikipedia.org/wiki/Authentication -
7/31/2019 Security for Fututre Network
5/9
Honey pots, essentially decoy network-accessible resources, may be deployed in a
network as surveillance and early-warning tools, as the honeypots are not
normally accessed for legitimate purposes. Techniques used by the attackers that
attempt to compromise these decoy resources are studied during and after an
attack to keep an eye on new exploitation techniques. Such analysis may be usedto further tighten security of the actual network being protected by the honeypot.
Security management
Security management for networks is different for all kinds of situations. A home
or small office may only require basic security while large businesses may require
high-maintenance and advanced software and hardware to prevent malicious
attacks from hacking and spamming.
Firewall network
A firewall can either be software-based or hardware-based and is used to help
keep a network secure. Its primary objective is to control the incoming and
outgoing network traffic by analyzing the data packets and determining whether
it should be allowed through or not, based on a predetermined rule set. A
network's firewall builds a brigade between an internal network that is assumed
to be secure and trusted, and another network, usually an external
(inter)network, such as the Internet, that is not assumed to be secure and trusted.
Many personal computeroperating systemsinclude software-based firewalls to
protect against threats from the public Internet. Manyroutersthat pass databetween networks contain firewall components and, conversely, many firewalls
can perform basic routing functions.
The term firewall originally referred to a wall intended to confine a fire or
potential fire within a building. Later uses refer to similar structures, such as the
http://en.wikipedia.org/wiki/Honeypot_(computing)http://en.wikipedia.org/wiki/Decoyhttp://en.wikipedia.org/wiki/Exploit_(computer_security)http://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Operating_systemhttp://en.wikipedia.org/wiki/Operating_systemhttp://en.wikipedia.org/wiki/Operating_systemhttp://en.wikipedia.org/wiki/Router_(computing)http://en.wikipedia.org/wiki/Router_(computing)http://en.wikipedia.org/wiki/Router_(computing)http://en.wikipedia.org/wiki/Firewall_(construction)http://en.wikipedia.org/wiki/Firewall_(construction)http://en.wikipedia.org/wiki/Router_(computing)http://en.wikipedia.org/wiki/Operating_systemhttp://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/Exploit_(computer_security)http://en.wikipedia.org/wiki/Decoyhttp://en.wikipedia.org/wiki/Honeypot_(computing) -
7/31/2019 Security for Fututre Network
6/9
metal sheet separating the engine compartment of a vehicle or aircraft from the
passenger compartment.
Firewall technology emerged in the late 1980s when the Internet was a fairly new
technology in terms of its global use and connectivity. The predecessors to
firewalls for network security were the routers used in the late 1980.
Why You Should Care about Network Security for future
Network security hasn't always been as important as it is today. The history of
network security is a story of the evolution of processing power, connectivity, and
the Internet.
When computers first appeared in business, they were large, multi-user devices
locked behind the doors of a data center- a data center jealously protected by
information technology (IT) staff. In many cases, users didn't even have terminals.
They handed a request to a computer operator and received a report in return.
No real security issues here.
In addition to business user restrictions, early computers were rarely attached to
other computers; and the Internet didn't exist. Opportunities for attacker access
to sensitive information were rare, and personal identity information was stilllargely kept on paper in file cabinets.
Eventually, personal computers began appearing in businesses. Of course,
management wanted these systems connected to the data center systems. Thus,
networks appeared. Early Token Ring and Arc net technologies eventually gave
way to wireless and Ethernet connectivity, providing high-speed access. Add to
-
7/31/2019 Security for Fututre Network
7/9
this the current need to connect to the Internet, and opportunities for criminals
across the globe to steal data or hold networks hostage abound.
Previous case studies show below :
Reported network attacked
Type of attack Percentage reportingsuccessful attack
Computer virus/worm 85%
System penetration 40%
Denial of service attacks 40%
web server penetration 38%
-
7/31/2019 Security for Fututre Network
8/9
Reference
Dhillon, Gurpreet (2007). Principles of Information Systems
Security: text and cases. NY: John Wiley & Sons. ISBN 978-0-471-
45056-6.
Allen, Julia H. (2001). The CERT Guide to System and Network
Security Practices. Boston, MA: Addison-Wesley. ISBN 0-201-
73723-X.
Discovering COMPUTER Your interactive Guide to the Digital
World (2012) ,Gary B.Shelly,Misty E.Vermaat,JeffreyJ.Quasney,Susan L.Sebok,Steven M.Freund
http://en.wikipedia.org/wiki/International_Standard_Book_Numberhttp://en.wikipedia.org/wiki/Special:BookSources/978-0-471-45056-6http://en.wikipedia.org/wiki/Special:BookSources/978-0-471-45056-6http://en.wikipedia.org/wiki/International_Standard_Book_Numberhttp://en.wikipedia.org/wiki/Special:BookSources/0-201-73723-Xhttp://en.wikipedia.org/wiki/Special:BookSources/0-201-73723-Xhttp://en.wikipedia.org/wiki/Special:BookSources/0-201-73723-Xhttp://en.wikipedia.org/wiki/Special:BookSources/0-201-73723-Xhttp://en.wikipedia.org/wiki/International_Standard_Book_Numberhttp://en.wikipedia.org/wiki/Special:BookSources/978-0-471-45056-6http://en.wikipedia.org/wiki/Special:BookSources/978-0-471-45056-6http://en.wikipedia.org/wiki/International_Standard_Book_Number -
7/31/2019 Security for Fututre Network
9/9
Conclusion
Because networks are so commonplace within organizations, network security is
Important for all administrators. Maintaining good network security is a full-time
task that has to involve the cooperation of all employees within an organization.
Because network security is so important, and involves all aspects of day-today
Operations, it is important that security policies be communicated from
the top down, and that all managers are involved in the planning of network
Security policies
Many organizations, especially small ones, dont feel that they need to worry
about network security. The truth is, any organization that is publicly connected
to the Internet has to make an effort to secure its border.