The rapid growth of the internet has driven development in every sector and, in turn, across society as a whole. Many organizations have their own network infrastructure to connect to the internet and obtain the information they need, since the internet is a source for any kind of data retrieval. This rapid growth has created the need for network security, which is a major concern today. In this paper I describe network security technologies and the precautions and preventive measures that have to be considered to enhance network security.
Network Security Concept
Computer security means managing the technical and procedural aspects of protecting computer hardware and software from malicious viruses and intrusions. To be implemented successfully, security measures should follow the International Standard Organization (ISO) standards. Because a network of computers involves both software and hardware, security must be both physical and logical. Information security is the logical security, which encapsulates data and makes the information reliable. Network security is thus the protection of networked information.
Need for network security
With the rapid growth of the internet, the world economy is growing to a greater extent. Computer networks are becoming popular in all sectors of life. Enterprises in many sectors, such as education, sales, finance and healthcare, depend on the internet today for their daily transactions and for data resources. This has also led to network issues: finance, banking and many other enterprises hold confidential information which should be protected from intruders. This is a major problem, and network security plays a vital role here. Understanding network threats, and preventing and eliminating them, is the major challenge of network security.
A network attack can be defined as a method or means intended to harm the security of the network. When no security measures are taken, the data present in the network is exposed to attack. It is very important to take the necessary steps to secure the information and protect it from attack.
There can be different types of attacks like:
Most of the data in network communication travels in an unsecured format and is therefore vulnerable to attack, which makes it easy for attackers to gain access to the data. Strong encryption based on cryptography should be used to protect the data as it passes through the network.
This is another type of attack, which allows the attacker to modify or alter the data once access is gained. This can be done without the knowledge of the sender or the receiver.
IP Address Spoofing
Every computer has a valid IP address, and most networks and operating systems use this address to identify a valid entity. The attacker spoofs this address and creates a false address indicating the same identity. He might create IP packets that appear to come from the original, valid addresses. Once access is gained, the attacker can modify, delete or reroute the data.
Worms are self-replicating, malicious software programs that can crash hosts or perform other malicious activities. Once a worm is installed on a host, it tries to spread itself to other hosts and destroy them too. Basically, the worm tries to send packets to some of the port numbers of IP addresses, and if they are vulnerable they get attacked by the worm. The rate at which the worm can scan for vulnerable hosts affects the speed at which it spreads and infects them. The fastest-spreading worms use emails and the entries in the address books of other infected hosts to reach a larger number of potentially vulnerable hosts.
Phishing, Evil Twins, and Pharming
Phishing is a kind of security attack in which genuine users reveal information on websites that look like the real ones. Information such as logins, passwords and credit card numbers might get stored without their noticing.
A special form of phishing attack has been noticed where the Wi-Fi access points are placed in areas where legitimate service is being provided. And when the users try to get connected through these access points, they get a page which is similar to the actual page. This is how the personal details are also stolen by the attackers.
Pharming is another dangerous attack. In the case of pharming, DNS caches can be poisoned with fake entries so that a user sees a fake web site even if a legitimate URL is typed in the browser. DNS cache poisoning is possible when name servers use vulnerable versions of software that can be exploited with unsolicited DNS responses.
This is a kind of attack in which valid (authorised) users are denied access to computer usage. After gaining access to the system, the attacker can do any of the following:
Send data or information that is invalid which leads to termination or abnormal behaviour of the applications.
Cause shutdown of the computer due to overloaded data in the network or computer.
Deny authorised users access to network resources.
A man-in-the-middle attack is another kind of security attack, in which a third person sits between the sender and the receiver and monitors and captures all the information. Neither the sender nor the receiver is aware of it. The attacker can reroute the data exchange and cause harm. The person at the other end believes he is sharing the information with the right person and does not know it is the attacker.
A key is a code that is used to decrypt the message and get the information. It is one of the secure ways to transfer data. Though it is difficult to get the key, once the attacker has it he gains access to the secured data and tries to create additional keys to get access to other secured information. The key which he obtains is called the compromised key.
Most computer users these days have their own usernames and passwords so that no one else is authorised to use the computer.
But if an attacker can gain access to the system by typing the password, he gets all the privileges that the authorised user has and can manipulate the data on the system too. This means that the rights to the system are determined by the username and password. Hence it is very important to protect one's own system.
A sniffer attack is another major attack which commonly takes place. A sniffer is an application that can read the data present in the packets that are routed through the network. If the packets are not encrypted, it gives a complete view of the data inside. Even encapsulated packets can be opened and read, unless they are encrypted and the attacker does not have the key.
Using a sniffer, the attacker can crash the network by gaining access to information, or corrupt the data.
This is another major attack, in which the attacker targets the servers and causes a fault in their operation. Because of this, he gains access to the systems and the applications and can:
Read, delete and modify data
Introduce virus programs
Create sniffer programs and detect the data in the network
Network Security Technology
Network security has good scope for development using firewall technology.
A firewall is the barrier between the internal and the external network.
The firewall is a combination of computer hardware and software. It can be established as a security gateway between the Internet and the internal network to prevent outside users from illegally entering the internal network and accessing its resources, thereby protecting the internal network from invasion by illegal users.
According to the technology used in different firewall, we can divide them into three basic types: packet filter-based, agent-based and monitoring-type.
The firewall is a hardware and software combination with an established gateway, which prevents intruders from entering the internal network from the internet. Firewall technology is of three basic types.
Packet filter-based type
The packet filter-based type builds on packet transmission in the network: network data is encapsulated in units of a certain size, known as packets, and transmitted across the network. Each packet contains specific information such as the source address and destination address of the data, and the TCP/UDP source port and destination port. The primary duty of the firewall is to examine the data packets and so decide whether they come from a trusted site. If the firewall finds that the data packets are not authenticated, it drops them, treating the site as dangerous. System administrators adjust the rules according to the situation. Packet filtering technology is simple, practical and cost-effective, and it can be implemented in a simple environment.
Every technology has its own advantages and disadvantages, and packet filtering is no exception. As it is based wholly on network-layer security technology and sees only some specific information, it fails to recognize malicious information or viruses. Expert hackers or intruders can easily get through a packet filtering firewall by forging IP addresses.
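The behaviour described above can be shown with a small rule evaluator. This is an added example, not part of the original essay: the rule set, the 10.0.0.0/8 address plan, the interface names and the sample packets are all constructed for illustration. It shows a header-only policy accepting a packet with a forged internal source address, and the same policy rejecting it once an ingress rule on the outside interface is placed first.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "inside" or "outside"
    src: str
    dst: str
    proto: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # CIDR the source address must fall in
    dst: str               # CIDR the destination address must fall in
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # None matches any destination port
    iface: str = "any"     # arrival interface the rule applies to

    def matches(self, p: Packet) -> bool:
        return (self.iface in ("any", p.iface)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (None, p.dport))

def decide(rules, p):
    """First matching rule wins; unmatched packets are dropped (default deny)."""
    return next((r.action for r in rules if r.matches(p)), "deny")

INTERNAL, ANY = "10.0.0.0/8", "0.0.0.0/0"   # constructed address plan
# Header-only policy: internal hosts may SSH to 10.0.5.10, anyone may reach the web server.
BASE_RULES = [Rule("allow", INTERNAL, "10.0.5.10/32", "tcp", 22),
              Rule("allow", ANY, "10.0.1.80/32", "tcp", 443)]
# Same policy preceded by an ingress check: nothing arriving from outside may claim an internal source.
HARDENED_RULES = [Rule("deny", INTERNAL, ANY, "any", None, iface="outside")] + BASE_RULES

PACKETS = {  # constructed sample packets
    "internal_admin": Packet("inside", "10.0.2.7", "10.0.5.10", "tcp", 22),
    "forged_source": Packet("outside", "10.0.2.7", "10.0.5.10", "tcp", 22),
    "web_visitor": Packet("outside", "203.0.113.9", "10.0.1.80", "tcp", 443),
    "telnet_probe": Packet("outside", "203.0.113.9", "10.0.1.80", "tcp", 23),
}

def evaluate(rules):
    """Return the verdict for every sample packet under the given rule list."""
    return {name: decide(rules, p) for name, p in PACKETS.items()}

if __name__ == "__main__":
    for label, rules in (("base", BASE_RULES), ("hardened", HARDENED_RULES)):
        print(label, evaluate(rules))
```

The filter still sees only header fields, so the hardened rule set does nothing about malicious content carried inside an allowed connection.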
The agent-based firewall, or agent server, is more secure than the packet filter-based firewall because it also works at the application layer. The agent server plays a different role depending on the point of view: from the server side it is the real client, and from the client side it is the real server. When a client requests data, the request first goes to the agent server and is then passed on to the original server; the data is retrieved and sent back to the client by the agent server itself. The agent server thus prevents external malicious sources from entering the network, because the internal and external systems have no direct channel between them.
In fact, as the main trend in current firewall products, most agent servers (also called application gateways) integrate packet filtering. Using the two technologies together is clearly better than using either one alone.
Moreover, the application gateway today incorporates packet filtering, which is an added advantage that should be considered and which makes it clearly superior to packet filter-based firewalls.
At the same time, these firewalls are generally detectors, placed in a variety of application servers and other network nodes. They can detect attacks not only from outside the network but also vandalism from inside. According to authoritative statistics, a substantial proportion of attacks come from inside the network system. Therefore, the monitoring firewall not only goes beyond the traditional definition of a firewall, but also exceeds the previous two generations in security.
The monitoring firewall is an advanced firewall that goes beyond the original definition of a firewall. This technology provides much enhanced security. These firewalls take responsibility for real-time monitoring of the data at each layer. A monitoring firewall can effectively identify illegal intrusions during the data analysis process.
These firewalls are placed in several kinds of application servers and other network nodes. They detect attacks and intrusions from both external and internal networks. According to the analysis, the major portion of attacks comes from inside the network system. This firewall is thus more advanced than the previous types and contributes more security than any other firewall.
Computer network security, as described earlier, includes both system security and data security. System security is supported by firewall technology to keep out viruses and worms. Data security uses encryption technology, which jumbles the information to protect the data so that intruders or unauthorized people cannot understand its actual meaning. Encryption is done in two ways: one is public key encryption and the other is private key encryption.
Private Key encryption
Private key encryption changes the data format and encapsulates the data using a key, and the data is then sent to the receiver through the network. The receiver uses the same key to decrypt the data. This technique is reliable and fast, and it is easy to implement in hardware and software. But once the key is disclosed, the security of the information is directly affected.
Public key encryption
Public key encryption uses two different keys: one key is used to encrypt the data and the other is used to decrypt it. This enhances security, but the major drawback is that public key encryption is very slow and the key combination leads to complexity.
Intrusion Detection System
Intrusion detection technology is a preemptive security technology. It provides real-time protection against internal and external malicious intrusions and operations, to avoid danger in the network. The technology has improved from three different perspectives: distributed intrusion detection, intelligent intrusion detection, and comprehensive security defense programs. An intrusion detection system (IDS) combines hardware and software, and its main objective is to collect and analyze data from the network or system to find behavior that violates security policy or attacking behavior, which helps security administrators deal with the damage easily.
Virtual Private Network (VPN) technology
VPN stands for Virtual Private Network, which is a separate network created on the public communications infrastructure. A special, separate protocol is dedicated to transmission, and this protocol is encrypted. It is a virtual network which incorporates tunneling, encryption, decryption, key management and authentication technologies to enhance network security as well as information security.
Network Security Strategy and Conclusion
Network security is a shared engineering concept that can be viewed from several perspectives. From the technical point of view, all network administrators should be mentally strong enough to take crucial decisions at the right time, as network security is a frequently changing field. From another view, if there is good technology and equipment but no high-quality management, the result will be negative. From the organizational perspective, responsibilities should be properly fulfilled and management should be effective. Monitoring statistics and safety oversight lead to an effective network security organization.
The final point of view is to make network regulations stronger and, at the same time, to continuously improve moral standards and policies and raise awareness among every network user. Through all these principles and their successful implementation, network security problems can be easily solved.