Network security starts from authenticating any user, commonly with a username and a password. With two factor authentication something you have is also used or with three factor authentication something you are is also used (e.g. a fingerprint or retinal scan). Once authenticated, a stateful firewall enforces access policies such as what services are allowed to be accessed by the network users. Though effective to prevent unauthorized access, this component fails to check potentially harmful content such as computer worms being transmitted over the network. An intrusion prevention system (IPS) helps detect and inhibit the action of such malware. An anomaly-based intrusion detection system also monitors network traffic for suspicious content, unexpected traffic and other anomalies to protect the network e.g. from denial of service attacks or an employee accessing files at strange times. Communication between two hosts using the network could be encrypted to maintain privacy. Individual events occurring on the network may be tracked for audit purposes and for a later high level analysis.
Honeypots, essentially decoy network-accessible resources, could be deployed in a network as surveillance and early-warning tools. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis could be used to further tighten security of the actual network being protected by the honeypot.
A useful summary of standard concepts and methods in network security is given by in the form of an extensible ontology of network security attacks.
for more information read http://en.wikipedia.org/wiki/Network_security
Subscribe to:
Post Comments (Atom)
Thank you so much for discussing all these network security concepts. As the world is moving towards digital age and all type of information travels online there is an acute demand for security tools.
ReplyDeleteeSignature