What is network security?

The word "network security" refers to a wide range of technology, devices, and processes. In its most basic form, it is a combination of rules and configurations that use both hardware and software technologies to safeguard the confidentiality, integrity, and accessibility of computer networks and data. Every company, regardless of sector, size or infrastructure, needs network security solutions to protect itself from the ever-increasing landscape of cyber threats that exist today.

How does network security work?

An organization can face attacks on many fronts, given the technological advancements over the past decades. The potentially vulnerable areas have been identified and grouped around mission-critical assets or the confidential data to be protected, forming seven layers of cyber security:

• Critical assets security- These are the critical data assets that needs to be protected
• Data Security – Securing the data transfer and storage processes.
• Application Security – Protecting the application and its access control.
• Endpoint Security/System Security – Device-network connection.
• Network Security – Protecting computer networks from cyber threats and intrusion.
• Perimeter Security – Protecting the hardware and digital devices.
• Human Layer – The weakest link between policies, procedures, and awareness.

Onion Model representing Network Security Layers

The network security layers can be compared to that of layers of an onion as shown in the figure below. The mission-critical assets are the bulb of the onion, surrounded by the multiple layers controlled by tools and policies to block unwanted users from accessing sensitive information. These concentric layers act as checkpoints monitoring data access.

Network Security Controls

Any action taken to avoid risks to the given layers and protect sensitive data can be considered a form of network security control. There are three types of controls:

• Physical: Unauthorized physical access to data is prevented using methods like biometric authentication, locks, etc.

• Technical: Data under transit, i.e., data moving out or into a network, is protected from malicious online threats.

• Administrative: Policies that govern user access and behavior concerning the data help control the risk of data theft.

Types of Network Security

Security breaches can cause severe damages to a company's reputation and finances. Organizations must carefully choose network security tools and protection systems and customize them according to their needs. Various types of network security are discussed in detail below.

Network Access Control

This security system follows strict policies that monitor the potential and personnel access to the organization's computer networks and the data communicated through them. For example, it maintains control by offering limited access to confidential files within a network or by restricting external, non-compliant devices like mobile devices.

Firewall

Firewalls are essential, especially when data transfer occurs between the network and an external connection. They act as barriers between the internal and external networks (e.g., the internet) involved in the data transfer via network security rules. With continuous developments, next-generation firewalls are required that can target cyber threats while monitoring data traffic.

Network Segmentation

Data is moved continuously within a network for various purposes, which gives rise to many blockages or bottlenecks. These points cause congestion or network traffic, similar to vehicular traffic on roads. It slows down data transit, implying potential security risks. Reducing network traffic, categorizing essential assets, and establishing defined boundaries for each category help to ensure that the data remains within the network. With additional customization, organizations can monitor data access. They can authorize access based on the job description, location, etc., of the personnel.

Anti-virus and Anti-malware software

Multiple malicious software components can cause catastrophic damage to network systems. Also known as malware, these software attack the vulnerable areas of the network.

• Viruses: These are the files that, when downloaded, can corrupt the code by inserting their own code and perform malicious activities.

• Worms: They can survive independently unlike viruses that depend on a host program. They slow down computer networks and reduces the bandwidth.

• Trojan: It creates a doorway for unauthorized users to access the computer system in the guise of a real program. It can also activate other dormant threats in the computer network.

• Spyware: It acquires personal data and information from the computer network and sends it to third-party companies without the owner's consent.

Anti-virus and anti-malware software work by scanning all imported or downloaded files and removing them from the program upon their detection. The best network security software goes beyond entry checks, tracks down problematic files with anomalies, and ensures their removal.

Virtual Private Network (VPN)

Effective for remote-access operations, VPNs establish a secure, encrypted connection between the external endpoint to the network. Users working from home need to use authenticated software to access the secured network from their home devices (or individual hosts) over the internet. Other features like multi-factor authentication and two-way encryption assure network security.

Intrusion Prevention Systems (IPS)

Detection, monitoring, and prevention of threats constitute the purpose of IPS. These systems operate by shutting off access points upon identifying threats and attacks like denial-of-service and set up firewalls to avoid them in the future.

Wireless Security

Wi-Fi security focuses on preventing unauthorized people from accessing a wireless network. Wireless security protocols or network security keys provide the authentication needed to use a Wi-Fi network. The currently available protocols are:

• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access 2 (WPA 2)
• Wi-Fi Protected Access 3 (WPA 3)

Each network security key is more secure than the previous one. Using custom-designed products can elevate the security of wireless networks and prevent their exploitation.

Cloud Security

With the emergence of the COVID-19 pandemic, many organizations resorted to the work-from-home culture, for which remote access and cloud technologies proved very effective. With this, the need for on-premises local data centers has declined, and migration towards the cloud for application workload is favored. 

This area demands a cybersecurity defense system that targets risk factors. Cloud systems introduce new challenges to network security development when the network expands geographically. They allow multiple users to update the core data assets. Secure configuration of such updates is crucial to prevent malware attacks and hacker threats. Protection, in this case, can be provided by cloud security systems like Software-defined Wide Area Network (SD-WAN) solutions. Cloud-hosted services such as a firewall-as-a-service deployment have also gained popularity in recent times.

Ethical Hacking

This part of cybersecurity involves testing and validating the program code to identify the vulnerable and penetrable access points for black-hat hackers, and supplying this information to the concerned organizations. It is done to point out discrepancies in the code and correct them. It bypasses an organization's network security system to detect its loopholes and finds ways to cover them up.

Common Mistakes

People often mistake network security to be similar to cyber security. There are slight differences between the two terminologies. Network security pertains to protecting an organization's network architecture that includes computers, users, and company-related programs. Conversely, cyber security pertains to protecting networks and systems from general digital attacks. It is not restricted to an organization.

Also, you may modify the layers of network security based on the company's operations, and they may not be restricted to seven layers. A single network security measure is insufficient and therefore, a combination of protective measures is used based on the requirements of an organization.

Context and Applications

This topic is significant for the professional exams of both undergraduate and graduate courses, especially:

• Bachelors in Computer Science
• Bachelors in Information Technology
• Masters in Computer Science
• Masters in Cyber Security Management
• Network security concepts are also useful for specialization courses in hacking, cyber security, and other related fields.

Related Concepts

• Cyber security
• Cloud security
• Data loss prevention
• Malware
• Information security
• Cross-platform authentication
• Web technologies and cloud computing

Practice Problems

Q1. There are seven layers to network security that target the potential areas of vulnerability in a program or network. Which model is used to represent these layers? 

(A) Corn

(B) Onion

(C) Rosette

(D) Apple

Correct Option: (B)

Explanation:- The mission-critical assets are the bulb of the onion, surrounded by the multiple layers controlled by tools and policies to block unwanted users from accessing sensitive information.

Q2. Which type of network security acts as a barrier between the internal and external networks among which data is shuffled?

(A) Network Access Control

(B) Network Segmentation

(C) Firewall

(D) VPN

Correct Option: (C)

Explanation:- Firewalls are essential, especially when data transfer occurs between the network and an external connection. They act as barriers between the internal and external networks (e.g., the internet) involved in the data transfer via network security rules

Q3. __________ authenticate access to a wireless network.

(A) Network security keys

(B) VPNs

(C) Iris identification

(D) Signature

Correct Option: (A)

Explanation:- Network security key is an encryption key used for the purpose of protection.

Q4. Which malware can work independently by slowing down the network bandwidth?

(A) Virus

(B) Trojan

(C) Ransomware

(D) Worm

Correct Option: (D)

Explanation:-Worm is a malicious self-replicating program that spread in the entire network.

Q5. ___________ helps to identify the weak or vulnerable points of a program or a network.

(A) VPN

(B) Trojan

(C) Ethical hacking

(D) Segmentation

Correct Option: (C)

Explanation:- Ethical hacking is a process of finding and detecting vulnerabilities in an system or application.