Network security covers quite a broad spectrum of skill sets and network devices, education and policies. In order for any enterprise to have a strong network security plan in place, they have to understand all of the issues that are covered.
The protection of an enterprise network is important and it requires systems administrators to implement a variety of different security measures.
Hackers are not the only threat that a network faces; other threats to the system, to data and to network devices include:
- Employees who feel put upon or against the enterprise;
- Poor processes and procedures;
- Ignorance of security policy;
- Lack of awareness about security;
- Inappropriate physical systems access
All of these increase the risks to personnel, data and devices and, to be effective, the security measures have to overlap within the entire network.
Physical security should provide full protection from unauthorized access, fire, and natural disasters. Physical access to routers, systems, and firewalls, etc., should be a combination of a high quality lock system, backed up by a secondary system of verification, like a biometric scanner, for example.
Other forms of security are video-monitoring systems, security guards and alarms, used to keep specific areas safe and secure from access.
Systems should be password protected to make sure that only this with authorized access can gain access to the data. Fire detection system should be in place to protect equipment and data from damage, including waterless fire suppression systems.
Perimeter protection is designed to protect the enterprise network from the outside world. The most common security device used for perimeter protection is the firewall, used to block certain data from access to the network and from leaving the network.
This is done through the use of a set of filters, standard ones and those defined by the user. Most wireless routers have bolt-in firewalls already but these are basic and not always sufficient to provide the level of protection needed.
This means that IT systems administrators need to use more detailed application/application-based firewalls. Another part of perimeter security is encryption and the use of protocols to stop unauthorized access to the network.
Network monitoring can take many forms, including the use of analysis tools, sniffers, and scanners. These give the administrator access to a great deal of insight regarding vulnerabilities and is often known as a vulnerability assessment.
Some of these tools are also used by hackers to find those vulnerabilities and exploit them.
Port scanner are used to detect open ports and these can lead to finding compromising applications or services. Content filters are used to stop users from accessing websites that are not appropriate to work or that may contain malicious code.
Adware/malware scanners and anti-virus solutions can protect both hardware and data from undesirable applications.
Vulnerability assessments or monitoring keeps systems administrators up to date on what is happening on the network and allow them to determine any compromise or deviations from normal activity.