A Final Word on Network Security

Securing a network and its resources is certainly the greatest challenge a network administrator faces. Even office politics can seem like a stroll in the park compared to the scramble that takes place when the internal network security has been breached by someone with mischief in mind.

Although this chapter certainly is not intended as the ultimate treatise on network security, I hope that you take a couple things away with you after reading it. First, assess the possible security risks to your network. Second, develop a security plan.

Every network needs a security plan that catalogs the possible threats to the network and the measures you plan to take to negate these threats. If the biggest problem on your network is users messing up important files, your security plan needs to lean toward user education. If you have highly sensitive data on your network, such as the cure for the common cold, your network may face attacks from employees bent on stealing corporate secrets and crackers on the outside who want to break into the network and steal your valuable data. This means you need to come up with a security strategy that can fight against internal and external attacks.

So, take my word for it: You need a security plan. Having a plan also makes it easier to justify the purchase of expensive pieces of equipment such as firewalls.

The Absolute Minimum

In this chapter we took a look at how you secure your network and its resources. We discussed issues related to users and groups. We also looked at threats to your network, including viruses and other malware.

  • The first line of defense for network security is user authentication. Users cannot access the network without a valid username and password.

  • User account options such as logon hours allowed and the number of connections allowed for an account can be used to increase network security.

  • Share permissions or rights are used to supply different levels of access to users in relation to a particular resource on the network. User groups can be created on the network and then assigned permissions for various network resources.

  • A virus is malicious program code that can replicate and spread from computer to computer on the network. A worm is malware that spreads itself from computer to computer without activation by a user (which differs from a virus). A Trojan is malware masquerading as a regular software program, such as a game or screensaver.

  • A number of different types of attacks can be launched from outside a network connected to the Internet. These attacks include eavesdropping and IP spoofing.

  • IPSec, a suite of IP security protocols that provide encryption and authentication methods , has been developed to help negate malicious attacks on IP networks.

  • Firewalls are hardware and software devices that can control the flow of data packets between an internal network and an external network such as the Internet.



Absolute Beginner's Guide to Networking
Absolute Beginners Guide to Networking (4th Edition)
ISBN: 0789729113
EAN: 2147483647
Year: 2002
Pages: 188
Authors: Joe Habraken

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net