This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
When we discuss on networking, the professional area of network security involves all tasks in which companies, enterprises, and institutions carry out various measures to protect the value and ongoing usability of assets and the operations which would continue. The use of various network strategies and tools adopted by the network administrator to prevent and monitor illegal access, exploitation, new adjustments or denial of the computer network and its shared resources are briefly explained in Network Security.
Threats to network security include viruses such as Trojan horse, which is harmful and infect computers, and try to exploit network shared resources and social engineering through nontechnical means.
Due to these prevailing threats a user is able to protect his/her network by using software or hardware protectors. When operating in a network there are various aspects which need to be considered regarding various security issues. These facet can be defined as follows:
Network Access Control
Accessing the internet
Network Access Control (NAC) is a set of procedures to be used as a computer networking solution which helps to define and implement a policy in order to maintain safer access into network nodes, especially allowed only those authorized and unauthorized ones are deprived of access to network.
Various Authentication controls ( Procedures) are deployed to establish the state of confidence and users are privileged to access if the identity matches.
Common examples of access control
It is a way of affirming that a user is able to identify the given string and respond to it correctly, rather than a computer program responds. A CAPTCHA is a type of challenge-response test which enables free secure.
A credential is a physical/tangible object, knowledgeable fact, or a aspect of a person's physical being, that facilitates an individual access mainly to a given computer-based information system. More Often, they are commonly used as access card, keys, etc. There are many card technologies including magnetic stripe, bar code etc. and the latest biometric technologies include fingerprint, facial recognition, iris recognition, retinal scan, voice, and hand geometry.
The use of firewall has a large impact upon preventing malicious acts over a network. user authentication is mainly used to confirm the user identity. This is done by either using the IP (Internet Protocol) address or using user name and password for confirmation. This is a powerful way to be secured from all unauthorized access gained by outsiders.
Authentication is the process of decisive identification of a network user by validating a given set of requirements for identifying the user, mainly a user ID and password. Through user authentication, network is able to determine the resources which are allowed to be shared by a particular user and more often determined by a group connection.
We are able to use three main confirmation methods in which humans can use:
1. A unique feature to be recognized in user
2. Something the user possesses is unique
3. Verification method that user knows (a password or PIN) is unique
Also, combination of methods are used, e.g., a bank card and a PIN, in which case the term "two-factor authentication" can be used.
The restriction act of access to online documents can be done in two main ways: either by the browser hostname, or by using a username and password. The use of Browser hostname is more favorable to restrict the utilization of documents within a company or group of individuals.
Even though people who have accessed to documents stay in various locations, or aces is controlled on an individual basis by the server administrator , it is so much possible to make use of a special username and a password. This is called User Authentication.
In the process of User authentication, a file or a database is created including all the confirmed usernames and passwords, telling the server what sectors are to be protected and the list of users who are eligible to access them.
Tip Individuals might not be aware if their authentication information is used by a third party for illegal access, therefore if the user is connecting to the network through password authentication it is a good practice to change the password once in a while if possible, which applies to both administrator and guest user.
Firewall acts as a fence that protects computers from damaging forces. This may prevent viruses and pop-ups, advertisements, and other programs embedded with them to effortlessly break into a property. A firewall's protection also depends on how the user has set it to be, which usually varies from low to high. Firewall Checks and confirm any user who attempts to obtain access to network by using the IP address and stops any suspicious intruders.
Firewall types which can be used for network security.
Packet filtering : It identifies the individual packet entering or departing the network, whether to accept or reject it based on User defined rules. The main feature of packet filtering is that it works efficiently and transparent to users, but many face difficulties in configuration process.
In addition, it is vulnerable to IP Spoofing.. (which is a technique used to gain unauthorized access to computers, whereby the interloper sends messages, with an IP address representing that the message is coming from a trusted host.)
Application Gateway: Different security procedures are applied for definite applications such as the FTP server.
Circuit-level gateway: Appropriate when a transmission control protocol connection is established. Once the connection has been made, packets are easily flowed between hosts independently without further verification.
Proxy server: Intercepts all messages entering and leaving the network. The proxy server, which sits among a client and a real server effectively hides the true network addresses.
Networks become more exposed to viruses when they work with shared materials and finds it difficult to operate with larger networks. There are a number of ways to keep the computer network safe from viruses. Viruses when infected could slow down the network and its data transmission speed, corrupt system files, steal important information from your computer and send to some other person. crash systems, etc. Any virus of any scope could attack and destroy a whole network; therefore preventive actions should be taken.
The most commonly used virus protection methods are the Anti virus software and online scanning.
Anti Virus Software
The most common method to protect the network from vandalizing viruses is the use of strong anti virus software's which is used to prevent, detect, and remove malware including worms, and Trojan horses. The antivirus software should be fully updated and able to run regular running scans.
Many antivirus vendors retain websites with free online scanning capability of the entire computer especially the local disk, folders or files.
Intrusion-prevention systems can be used to protect company networks. Unlike Predictable antivirus, firewall and interruption detection systems, these proactive tools are deliberately used for protection of the vulnerable computers from harmful threats an unforeseen attack methods.
Internet access refers to the ways and means in which user connect to the internet. Internet is open to variety of security threats, where access control, user authentication, firewalls, virus protection are regarded as different aspects.
Therefore in order to prevent security threats when accessing the internet, user is able to use various precautions such as antivirus software, firewalls, secured authentication.etc
Role of Firewalls in Internet Security
Firewalls enforce restrictions on incoming and outgoing packets within the private network. All
The packets should however get ahead of firewall, but only authorized traffic is allowed. Firewalls are likely to create checkpoints between internal private network public internet and able to impose limitations on network exposure for public internet.
Utilization of public and private key algorithms are implemented within the network security protocols. These procedures are necessary as more companies are operating business activities o the internet and the control of secure payments over the web has become a greater network security problem.
Even though the user uses all of these precautions to secure internet access in networks, there is a chance of being infected by a virus or any other malicious act, because new viruses are developed to penetrate these preventive barriers.
Firewall is a segment of a computer system or a network which is designed to block unauthorized access allowing only authorized communications. It act as a device which acts as a fence that is configured to permit or reject network transmissions based on rules and other standards.
Therefore choosing a firewall that suits the network security is a significant decision which requires in-depth understanding on the currents infrastructure and their functionalities involved.
The following table shows leading firewalls with their functionalities.
Connectra Web Security Gateway 1250
Sonic WALL Pro 3060
Market Leading Security appliance.
Adaptive Security Appliance.
Flexible device management.
Multiple integrated security & networking services.
Easy to manage by a Command Line Interface (CLI) or a graphical user interface.
Virtual Private Network (VPN) connections using the IPSec Standards.
Do not Change rules without requiring restart
GUI and Text configuration modes
No open source license
Changing Default policy to accept or reject by issuing only one rule at most.
Ability to centrally manage all firewalls together
Change TTL (Transparent to trace route)
Filter according to time of day.
Access rights based on security & trust of endpoints.
Provides Both SSL and VPN and integrated Web Security.
Do not Change rules without requiring restart.
supports third-party component to extend functionality
Consist of an Intrusion Detection System
No open Source License
GUI configuration mode
Changing Default policy to accept or reject by issuing only one rule at most.
Content Filtering prevents employees accessing offensive websites and newsgroups.
Helps in logging and reporting and in IP address management.
Designed for mission-critical data & network communications
Comprehensive application control
When comparing the main features of various firewalls products, Checkpoint Connectra Web Security Gateway 1250 can be highly recommended for the above related purpose. Checkpoints ability to manage all other firewalls in a multiple secure networks, protection from virus, spyware & spam and the integration of web content filtering allows better efficiency of firewall in the network. The GUI configuration mode provides the user with significant advantages and support all of the mentioned requirements.
USER SECURITY POLICIES
User policies are required to prevent malicious acts regarding the network and should be produced to allow users manipulate the network independently. Following points out the acceptable use policies that cover three areas of the network usage. The three areas can be defined as follows:
Accessing the WWW (World Wide Web)
Instant Messaging and Chat Rooms
ACCESSING THE WWW
There are many precautions to be taken when accessing the worldwide web.
Use of a Free internet browser (Web of trust) in order to allow visit for any websites which are appropriate to the company.
Establishing a strong password for the administrator account and the user account, which prevents the unauthorized entry of intruders in to the network and hinders the process of cracking passwords.
Not installing any program you are uncertain of, which will be a threat to internet security.
Use proper antivirus software and update regularly, which helps in maintaining security and to get rid of viruses, when accessing the internet.
Keep all of your security software's updated to avoid threats which would likely to cause harm.
Make use of active firewall and updates it often to reduce the risk of being identified the network with malicious threats.
Ignore pop ups which may creep in, as in a friendly manner.
The most important precautionary actions which can be taken to reduce malicious threats when using the email are given below.
Use of an email source which is highly compatible in security will not allow threats entrance.
Not using insecure email accounts to send and receive sensitive corporate information of the company and internal communication should be protected.
The passwords used should be not be in simple terms and easy to guess, as hackers use computer programs to enter without any prior permission.
The passwords and the username used by an individual should not be shared with others as loss of privacy is experienced.
Enabling the email spam filter to function properly as it picks up emails which may proves to be harmful.
Scan all attachments as the computer network is likely to affect directly from a virus received from an email and becomes vulnerable to various threats.
log-off from email account after checking and composing emails, otherwise if you keep the mail account logged-on, any intruder with bad intentions can do harmful activities.
Not adding unknown contacts to contact list, in order to reduce spam and unwanted mails.
Prevent email overload, which helps in email efficiency.
Instant Messaging and Chat Rooms
Evaluate security settings - Checking the defaults settings in software and adjusting them. Many chat software's provides with the ability to limit interactions to specific users and most likely to get advantage of these restrictions.
Be mindful of what information you reveal - You should be cautious enough when revealing personal information unless you know who you are really talking to. You should also be careful about discussing anything you or your employer might consider sensitive business information over public IM or chat services.
Trying to verify the identity of the person - In some forums and situations, the identity of the "person" you are talking to may not matter. But having even a little degree of trust in that person helps in sharing information and vital to make sure that we are dealing with a person.
Not believing in everything we read - The information or advice we get in a chat log or by IM may be inaccurate without any validity. Trying to verify the information or instructions from external sources helps in taking necessary actions.
By not sharing the user name and password with others, the misappropriation of user names and pass words can be avoided.
Software should be regularly updated- This includes the browser, chat software, mail user, operating system and especially the anti virus software.
Avoiding from sharing personal details over chat rooms which will help to avoid any sabotage virus attack threats to the company.
SOLVE A PROBLEM IN A NETWORK
Troubleshooting is a structure of problem solving, often applied to mend failed products or procedures. It is a consistent systematic search for a potential problem, so it can be solved and the product or process can be made function again.
A user experienced a problem in logging to email and She was the only one who was using the network at that time, so the network administrator could not determine if the problem is unique to her machine or if the problem affects the entire network. With more research and questioning, we could find out that she's unable to print and decided to trouble shoot from the user's computer.
There are eight steps in troubleshooting any problem, in which initially the problem is divided to various tasks
Define the Problem
Gather Detailed information.
Consider probable cause for the failure.
Devising a plan to solve the problem.
Implement the plan.
Observe the results.( Testing)
Document the changes made to solve the problem.
Devise Preventive measures.
Define the problem
The user is unable to log on to email and she cant print, which can be unique to her machine or can affect the whole network. Often the user reporting the problem is depressed and only knows that the computer is preventing the completion of a task. It is the responsibility of the network administrator to find out what aspect of the user's machine is not working.
A good network administrator is able to explain that more information is required to identify the problem and more details should be acquired in order to solve the problem quickly.
Often, administrators will not receive all the information needed to thoroughly define the problem, so they are more likely to ask various questions to identify the drawback.
Question 1: "Were there any other problem apart from the problem in logging to email and printing?"
Question 2: "Did you use intranet mail server to log onto email?"
Question 3: "Are you using a network printer or a standalone printer?"
Answer: "A network Printer"
Question 4: "Did anything unusual happened when you were working in the computer?"
Question 5: "Earlier were you able to log onto email and take printouts?"
Question 6: "Did you make any changes?"
Consider the possibilities
The next step to be proceeded after the identification of a problem is to consider all of the possible causes. Connectivity issues are complicated to trace to a single point of failure. In most situations, there are various possible causes for a network error and the administrator should identify each likely reason.
It may be due to:
Hardware Failure -
A failure within the electronic circuits or electromechanical components (disks, tapes) of a computer system.
NIC (Network Interface Card) failure.
Software Failure -
Incorrect coding and design in programs.
Network failures -
Unfastened connections in Internet and network cables.
Create and implement an action plan
Once the network problem and possible causes have been identified, the creation of a solution is required. When developing a solution, it is more critical to analyze the proposed solution and the potential impacts that the solution may have.
Here are a few of the most important guidelines to follow when implementing a solution:
Try to make one change at a time.
Allow the transparent changes to be made first. Even though there are many potential causes for a problem, the impact on user is really essential in the first stance and able to solve the problem.
Do not create security holes when implementing the changes.
Finally, always be sure you can back out of any changes you make.
Solutions For hardware Failures:
Verify all cables are working and allow proper connection.
Validate if the NIC is working properly.
Make sure all hardware devices are associated with the required drivers.
Solutions for Software Failures:
Verify all programs are coded appropriately and they are working.
Verify the computer is free of viruses.
Solutions For Network Problems.
Confirm that cables are connected in order and work properly.
Verify the routers in the network are working properly.
Implement the Solution
Some modifications may take time to generate.
Hardware solutions can be implemented by:
Changing the cables if used cables are damaged or not in possible way to use.
Check weather all necessary drivers are installed and configured.
Confirm that NIC is properly plugged and change if needed.
Software Solutions Can be Implemented as:
Check and install all necessary software's with proper configurations.
Using an antivirus software check whether her computer is infected with virus. If it is infected try to clear the virus using updated antivirus software.
Formatting the computer and configuration will allow less threats
. Network Solutions can be Implemented as:
Check the proper available cables and change if needed.
Make sure that cables are securely connected.
Substantiate about the workings of the Router and proper connections.
Clearing the Viruses if the computer is affected, using an antivirus software.
After implementing all the possible solutions, test and see whether the problems are solved or not. Afterwards, the user is able to check the corrected problem.
Still if all the possible solutions do not solve the problem, the user needs to contact the service provider to check the issue.
If the tests were successful document all the details and specifications regarding solving the problem for future which can help any user to trouble shoot among themselves.
Devise the preventive measures
Preventive measures for computer hardware failure.
Often make sure that cables and connections are working properly and they are secure.
Once in a while clean the NIC and make sure whether it is properly plugged.
Regular update drivers for hardware devices.
Preventive measures for computer software failures.
Undesirable changes to programs and changes in network configurations should not be done.
Install antivirus software's and update regularly to secure the computer and the network from malicious threats.
Preventive measures for computer network failures.
Check whether the cables are working and in proper order with security.
Make sure that routers get uninterrupted power supply.
Use firewalls or antivirus software's to protect the network from threats.
Microsoft IPSec Diagnostic tool supports Network administrators with troubleshooting network related breakdowns, focusing initially on IPSec. It is mainly applicable on Windows Vista, Windows XP, Windows Server 2003.
It checks for frequent network problems on the host machine and recommend any repair problems are found. Further it collects IPSec information on policies and parses the IPSec logs to presume why a failure may have happened. It also offers trace collection for VPN, NAP client, Group policy updates, wireless and system events and windows firewall.
These logs are self reliant to detect any issues regarding the network. Additionally, logs are required to be shared with network administrators on Microsoft support.
The tool offers two modes of functionality, Local and Remote Mode:
In local mode, the device needs to be run on the system under investigation and can also be used for live troubleshooting. It gathers system information required to detect network issues. IPSec and related information is further parsed and analyzed to arrive at possible reasons for failures.
Remote mode offers failure diagnosis through IPSec logs. Flexibility is offered to the machine other than the one under investigation. Another input to the tool is the IP Address of the remote machine to which connectivity fails.
The main disparity between Local Mode and Remote Mode is that Local can be used for Diagnostic and Remote is used for offline study of logs which were collected. Local mode mainly works with Windows Vista.
IPSec can be used to protect the vital connections between a pair of hosts, between a pair of security gateways, or either between a security gateway and a host. (The tem "security gateway refers to an intermediate system that execute IPSec protocols. (Ex: a router or a firewall applying IPSec is a security gateway.) A "trusted sub network" contains hosts and routers that rely each other not to engage in active or passive attacks and trust that the essential channel isn't being attacked.
The initial step in installation process of IPSec is the selection of configuration method, whether it is Local mode or Remote mode. After selecting an option, user is able to proceed to the next step.
The diagnostic tool- Local mode with Non- IPSec Parameters.
Start Diagnosing the Selected options above.
Diagnostic: in process.
Diagnostics: in process.
The report is generated.