What is Network Security
Network Security, as defined by the renowned SANS Institute, is “the process of taking physical and software preventive measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform the critical functions within a secure environment”. Or in other words, the set of rules designed to protect the sincerity, privacy, and accessibility of a computer network and its data.
Stephen Northcutt, the CEO of SANS Institute, wrote about the basics of network security. His idea of protection, detection, and reaction is the underlying framework for many network security strategies today.
- Protection - the network needs to be designed as correctly as possible.
- Detection - you must be able to recognize if a configuration has changed or if there is a problem with some network traffic.
- Reaction - after the problems have been detected you must respond quickly to fix the issue and return your network back into a safe environment.
These 3 main points tie together to have a defense in depth strategy. Defense in depth is a common theme with security, as relying on just one layer of security is dangerous and reckless. Especially with the tools and software now, any single layer of defense can be taken down by a determined opponent. With defense, your network isn’t a line or point: it’s a territory. So even if an attacker has already broken through to part of your network, you still have the means to identify and expel them if your defenses have been properly organized.