A properly secured network is contingent upon the proper design methodology, documented policies and procedures, and continuous monitoring and measurement of the design and implementation effectiveness. The primary objective in developing a security program is to render industrial espionage ineffective by implementing appropriate security measures.
The following identifies the main components and concerns as they relate to network and system security:
Physical and Environmental Securities
Physical security identifies the steps that must be taken to physically secure network and system related equipment from various hostile attacks. The objective of this category is to prevent unauthorized physical access, damage or interference to the organization's premises and infrastructure, using controls appropriate to the identified risks and the value of the assets protected. Environmental security includes and protects against power outages, failure of temperature control systems, as well as natural disasters.
A network perimeter is the boundary between the private and locally managed-and-owned side of a network, and the public and usually provider-managed side of a network. Perimeter security has historically been the main, and sometimes only, focus of a company’s security stance. However, in today’s highly sophisticated environment, perimeter security is only one facet of a multiple faceted security approach. Perimeter security includes: firewalls, VPN concentrators and routers. All of these devices are designed to allow certain traffic in while blocking certain traffic out, based on source and destination addresses and ports.
Intrusion Prevention Systems
Intrusion prevention systems are network devices and/or software application sets that monitor network and system activities for malicious content or unusual behavior, and act accordingly. The response can be simply recording or logging the event, up to including dynamically blocking the offending traffic or source. Network-based IPS, for example, will operate in-line to monitor all network traffic for malicious code of attacks. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass.
Strong network security reduces the loss of information, and increases service availability and confidentiality. Companies that monitor the activities and usage patterns of their network can better adapt to changing conditions, and can better manage productivity. Contact us today to learn how Net-Tech Associates can give you peace of mind.