Computer Network Security.
Network security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.
Network security is implemented by the tasks and tools we use to prevent unauthorized people or programs from accessing our networks and the devices connected to them. In short, our computer can’t be hacked if hackers can’t get to it over the network. Network security works to keep our network safe from cyber attacks, hacking attempts, and employee negligence.
Computer network security consists of measures taken by business or some organizations to monitor and prevent unauthorized access from the outside attackers like hackers, crackers etc. Network Security also plays a vital role in protecting client data and information as well as keeping shared data secure and ensuring reliable access.
Different approaches to computer network security management have different requirements depending on the size of the computer network. For example, a home office requires basic network security while large businesses require high maintenance to prevent the network from malicious attacks.
Network Administrator controls access to the data and software on the network. A network administrator assigns the user ID and password to the authorized person.
Encryption/Decryption:
- Encryption: Encryption means that the sender converts the original information or text into another form by using different cipher techniques and sends this encrypted message over the network.
- Decryption: Decryption reverses the Encryption process in order to transform the message or cipher text back to the original text is caller Decryption.
The data which is to be encrypted at the sender site is known as plaintext, and the encrypted data is known as ciphertext. The data is decrypted at the receiver site.
Cyber-crime usually includes the following −
- Unauthorized access of the computers
- Virus/worms attack
- Theft of computer system
- Hacking
- Denial of attacks
- Logic bombs
- Trojan attacks
- Email bombing
- Salami attacks
- Physically damaging computer system.
Network security methods
There are variety of specialized techniques and methods some are given below:
- Access control:
You should be able to block unauthorized users and devices from accessing your network. Users that are permitted network access should only be able to work with the limited set of resources for which they’ve been authorized.
- Antivirus and antimalware Software:
An antivirus is a tool that is used to detect and remove malicious software. It was originally designed to detect and remove viruses from computers.
Modern antivirus software provide protection not only from virus, but also from worms, Trojan-horses, adwares, spywares, keyloggers, etc. Some products also provide protection from malicious URLs, spam, phishing attacks, DDoS attacks, etc.
- Application security:
Insecure applications are often the vectors by which attackers get access to your network. You need to employ hardware, software, and security processes to lock those apps down.
- Data loss prevention:
Human beings are inevitably the weakest security link. You need to implement technologies and processes to ensure that staffers don’t deliberately or inadvertently send sensitive data outside the network.
- Email security:
Phishing is one of the most common ways attackers gain access to a network. Email security tools can block both incoming attacks and outbound messages with sensitive data.
- Firewall:
Firewalls control incoming and outgoing traffic on networks, with predetermined security rules. Firewalls keep out unfriendly traffic and are a necessary part of daily computing. Network Security relies heavily on Firewalls, and especially Next Generation Firewalls, which focus on blocking malware and application-layer attacks.
- Intrusion detection and prevention:
Intrusion Detection Systems, also known as Intrusion Detection and Prevention Systems, are the appliances that monitor malicious activities in a network, log information about such activities, take steps to stop them, and finally report them.
- Mobile device and wireless security: Wireless devices have all the potential security flaws of any other networked gadget — but also can connect to just about any wireless network anywhere, requiring extra scrutiny.
- Network segmentation: Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies easier.
Network security software
- Network firewalls
- Next-generation firewalls
- Web application firewalls
- Database firewalls
- Unified threat management
- Cloud firewalls
- Container firewalls
- Network segmentation firewalls
