Network security refers to a wide range of technologies and practices that keep internal networks secure.
After reading this article you will be able to:
Copy article link
Network security is a category of practices and technologies that keep internal networks protected from attacks and data breaches. It encompasses access control, cyber attack prevention, malware detection, and other security measures.
A network is a group of two or more connected computing devices. Networks range in size from small personal area networks (PANs) and local area networks (LANs) to large wide area networks (WANs), which connect smaller networks across wide distances.
Almost all businesses today rely on some type of network to be productive, whether it is a LAN that allows their employees to access the Internet, a WAN that connects their various office locations, or a network-as-a-service (NaaS) that performs these functions in the cloud.
Like any important business asset, networks can be compromised in a variety of ways. Threats to prepare for include:
Network security is a broad field. Below are just some of the technologies that an organization can use to protect their network. In order to reduce complexity, most organizations try to rely on as few vendors as possible for network security; many enterprises look for vendors that offer several of these technologies together.
Access control restricts access to data and the software used to manipulate that data. It is crucial for preventing unauthorized access and reducing the risk of insider threats. Identity and access management (IAM) solutions can help with this area. Many enterprises use virtual private networks (VPNs) to control access; however, today there are alternatives to VPNs.
Authentication, or the verification of a user's identity, is a crucial component of access control. Using two-factor authentication (2FA) instead of simple passwords is an important step towards making networks more secure.
Firewalls filter potential threats from network traffic. They can block malware attacks, vulnerability exploits, bot attacks, and other threats. Traditional firewalls run within a business's physical location using a hardware appliance. Today, many firewalls can run in software or in the cloud, eliminating the need for firewall hardware.
Websites and networking infrastructure both need to be protected from DDoS attacks in order to remain operational. In particular, networking infrastructure needs DDoS mitigation at the network layer, rather than the application layer.
While firewalls and DDoS protection keep external attacks from coming into a network, data loss prevention (DLP) stops internal data from being taken outside of a network.
Accessing the Internet from within a network introduces risk because web browsing involves executing code from external untrusted sources (e.g. various web servers) on user devices. Browser isolation eliminates this risk by executing code outside of an organization's internal network, often on a cloud server.
While it is not possible to be completely secure from attacks, these steps can further reduce risk:
Maintaining data backups: Even the most well-defended network can fall to an attack. Losing partial or full access to internal data and systems can be devastating to a business; keeping backup copies of data helps to mitigate the impact of such an attack.
User education: Many data breaches and malware infections occur because a user simply made a mistake, whether by accidentally opening an unsafe email attachment, providing their login credentials as a result of a phishing attack, or allowing outside access in some other way. Internal employees and contractors should be made aware of how to stay safe and protect the network.
Applying a 'zero trust' philosophy: Zero trust security is the principle that no user or device should be trusted by default.
In addition to securing their networks, many enterprises today need to protect cloud computing resources as well. Learn more in How does cloud security work?