Network Security: The Basics
Network security consists of preventing and protecting against unauthorized encroachment into corporate networks. Network security focuses on how devices interact rather than on the devices themselves, which are the concern of endpoint security. Network security and endpoint security go hand in hand.
SANS Institute expands the definition of network security:
“Network security is the process of taking physical and software preventive measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment.”
No matter how network security is defined, think of it as the tasks and tools you use to prevent unauthorized users from accessing your corporate network and any of your connected devices.
Types of Network Security
There is an array of techniques and types of network security out there such as access control, application security, email security, firewalls, VPNs, and much more — let’s define them:
Access Control
Access control systems authenticate and authorize users by evaluating the required credentials: verifying that the person or application is who or what it claims to be, and authorizing the appropriate access levels and permissions associated with the username or IP address. Users are then enabled to connect to the authorized network resources.
Antivirus and Antimalware Software
Viruses, worms, Trojans, ransomware, and spyware attempt to spread across a network, sometimes lying dormant on an infected computer for days or even weeks. Antimalware programs should not only scan for malware upon entry, but also continuously track files to find anomalies, remove malware, and fix the damage.
Application Security
Application security is the use of software, hardware, and procedural methods to protect applications from external threats. Having these protections in place minimizes the chance of unauthorized code manipulating applications to access, steal, modify, or delete sensitive data.
Behavioral Analytics
Behavioral analytics analyzes historical data logs (including network and authentication logs collected and stored in log management and SIEM systems) to identify patterns of traffic caused by user behaviors, both normal and malicious. Knowing what normal network behavior looks like is crucial so that you can spot anomalies or breaches as they happen.
Data Loss Prevention
Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. DLP software products help a network administrator control what data end users can transfer. Because humans are always the weakest link in security, it is imperative to have such systems in place.
Email Security
Nearly a third of all breaches in the past year involved phishing, according to the 2019 Verizon Data Breach Investigations Report. Phishing attacks are one of the most common ways hackers can gain access to a network. An email security application blocks incoming attacks and controls outbound messages to prevent the loss of sensitive data.
Firewalls
A firewall is a tool used to maintain the security of a private network. Firewalls block unauthorized access to or from private networks, and are often used to prevent unauthorized web users or illicit software from gaining access to private networks connected to the internet.
Intrusion Prevention Systems
These systems inspect network traffic to identify and block attacks, often by correlating network activity signatures with databases of known attack techniques.
Mobile Device Security
With an increasing number of remote workers, and mobile devices essentially being handheld computers, it is important to control which devices can access your network. Configuring their connections to keep network traffic encrypted is equally important.
Network Segmentation
Software-defined segmentation puts network traffic into different classifications and makes enforcing security policies painless. When a hacker gains unauthorized access to a network, segmentation or “zoning” can provide effective controls to limit further movement across the network.
Security Information and Event Management
SIEM products aggregate relevant data from multiple sources, identify deviations from the norm, and take appropriate action. This means that when a potential issue is detected, a SIEM might log additional information, generate an alert, and instruct other security controls to stop an activity’s progress.
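The baseline-and-deviation idea described under Behavioral Analytics and SIEM above, as an added example that is not part of the original article or any product's code. The log format, the sample events, the thresholds, and all function names are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
# Constructed sample logs, one event per line: timestamp user source_ip result
HISTORY = """\
2024-03-04T09:02:11 alice 10.0.1.15 success
2024-03-05T08:47:30 alice 10.0.1.15 success
2024-03-05T14:05:19 bob 10.0.2.8 success"""
NEW_EVENTS = """\
2024-03-07T09:05:00 alice 10.0.1.15 success
2024-03-07T03:12:40 alice 203.0.113.7 success
2024-03-07T14:20:01 bob 10.0.2.8 failure
2024-03-07T14:20:03 bob 10.0.2.8 failure
2024-03-07T14:20:05 bob 10.0.2.8 failure
2024-03-07T10:00:00 carol 10.0.3.4 success"""

def parse(text):
    for line in text.splitlines():
        ts, user, ip, result = line.split()
        yield datetime.fromisoformat(ts), user, ip, result

def build_baseline(history):
    """Per-user profile of /24 subnets and hours seen in successful logins."""
    base = defaultdict(lambda: {"subnets": set(), "hours": set()})
    for ts, user, ip, result in parse(history):
        if result == "success":
            base[user]["subnets"].add(ip.rsplit(".", 1)[0])  # IPv4 only (assumption)
            base[user]["hours"].add(ts.hour)
    return base

def detect(baseline, events, fail_threshold=3, hour_slack=2):
    """Return (user, ip, reason) alerts for events that deviate from baseline."""
    alerts, fails = [], defaultdict(int)
    for ts, user, ip, result in parse(events):
        if result == "failure":
            fails[user, ip] += 1
            if fails[user, ip] == fail_threshold:   # alert once per burst
                alerts.append((user, ip, "repeated_failures"))
            continue
        profile = baseline.get(user)
        if profile is None:                         # no history for this account
            alerts.append((user, ip, "unknown_user"))
            continue
        if ip.rsplit(".", 1)[0] not in profile["subnets"]:
            alerts.append((user, ip, "new_subnet"))
        gap = min(min(abs(ts.hour - h), 24 - abs(ts.hour - h)) for h in profile["hours"])
        if gap > hour_slack:                        # circular hour distance
            alerts.append((user, ip, "unusual_hour"))
    return alerts
```

In practice the alerts would feed the "appropriate action" step: extra logging, a notification, or a signal to another control.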
VPN
VPN stands for Virtual Private Network. It is essentially a tunnel that allows your information to travel online securely, providing you with a safe way to access a private network or the public internet.
Web Security
A web security solution will control your employees’ web use, block web-based threats, and deny access to malicious websites. It can protect your web gateway on-premise or in the cloud. "Web security" also refers to the steps you take to protect your organization’s website.
Get Started with OpenVPN
OpenVPN’s business VPN, Access Server, is a network security solution that provides access control, application security, email security, mobile device security, and web security. Access Server is a set of installation and configuration tools designed specifically for businesses.
By securing data communications, Access Server protects sensitive data on the internet and remote access for employees, secures IoT, and provides secure access to on-premise, data center, or public cloud resources, essentially creating a virtual private network. These tools come in a single package to simplify the implementation of a VPN remote access solution.