• DISCOVER
  • CREATE
IN-FOCUS
CONCEPTS
PROCESS
ROLES
CONTEXT
RATIONALE
HANDS-ON LAB
CHALLENGE
CONTRIBUTING FACTORS
COURSE OF ACTION
Key Concepts:
  • Layered security strategies
  • Layered security for enterprise network resources
  • Practices for hardening systems and networks against an attack
  • Security as a process rather than a goal
  • Security as a process or a life cycle that requires constant attention

Network Security,
Firewalls, and VPNs

Network Security Implementation Strategies

Network Security Implementation Strategies
Network Security Concepts
Irrespective of its size, purpose, or function, network security is applicable to all organizations. Network security includes layered defenses, proper use of protocols, use of addressing for segmentation, communication management, and system hardening.

Think about answers to the following questions related to network security. Then, click each question to reveal its answer.
  • How does layered security improve security?
  • How does layered security improve network security?
  • What are the various types of IP addresses used in a network, and how do they affect security?
  • What are the different types of addresses used in a network, and how do they affect security?
X
A layered security involves multiple levels of defense and, hence, the layered approach is slow, methodical, compartmentalized, and thorough. For example, the first layer of defense for an organization's Web server is a firewall. The next layer is an intrusion detection system (IDS) or an intrusion prevention system (IPS) and then comes the vulnerability assessment. The image shows the various layers of a layered security. Click the image for an enlarged view of various layers in a layered security.
When the layered security is applied to a network, there exists a layered perimeter of defense with two or more firewall, such as internal and external firewalls. This secures the internal networks. In the given image, for the Web server, there is an external firewall that faces the Internet and there is an internal firewall that secures the internal network. Click the image to see the enlarged view.
The two types of IP addresses are public IP addresses and private IP addresses. An organization needs a public address to communicate with the Internet, and private addresses serve as a basic isolating security measure from external public addresses. An organization can use private addresses for internal networks and the public address for external networks.

Click here to know more about each of these IP addresses.
Address management is an important concern of network security. The two types of addresses an organization uses are static addresses and dynamic addresses. When addresses are assigned dynamically, it's possible for a rogue system to come online and receive a valid IP address just by asking. If addresses are assigned statically, the attackers need to discover valid but unused IP addresses and manually configure their systems to use them. Similarly, if DHCP reservations are used, the attacker either manually and statically assigns his own address or spoofs a Media Access Control (MAC) address to "borrow" an IP address from another off-line system.

Click here to know more about each type of address and the related security concerns.
System Hardening
System hardening focuses on improving the security of hosts and nodes. The system hardening process reduces the attack surface of a potential target by removing unnecessary components and adding protections. Review the system hardening methods given below. After going through the system hardening methods, click the ACTIVITY button to attempt a simple activity.

Resources
The system hardening process involves installing application and operating system updates and patches, using strong passwords, restricting or prohibiting anonymous access, removing unneeded services, and separating the production and development environments, among other restrictive techniques.

Click here to know more about the system hardening techniques.

Click the RESOURCES icon to view examples of resources available for hardening systems and descriptions and links to hardening guidelines and standards.
Components of Security
To have a successful network security implementation, an organization should consider not only the bigger picture but also the individual aspects of security. The various components of security are listed below. Click each security component to review the role it plays in securing information systems in an organization. After going through the components of security, click the ACTIVITY button to attempt a simple activity.
  • Node security
  • Network security
  • Physical security
  • Administrative controls
To create security, an organization must start at the lowest level, such as the device level, also known as node, because security of devices creates greater security. The following roles are involved in node security:
  • End-users: Responsible for acceptable use and should have security awareness
  • System administrator: Responsible for security implementation
  • Network administrator: Responsible for networking devices
  • Physical security staff: Responsible for physical controls
Click here to know more about node security strategies.

The main concerns of a network security are:
  • Addressing
  • Topology
  • Communication protocols
  • Communication pathway
  • Redundancy
Click here to know more about each of these components.

In an organization, physical security is important because the physical access of a device bypasses many other controls. Therefore, all the critical devices should be stored in an isolated data center or a locked server room and the organization should provide multifactor physical authentication and limit the number of staff members who have access to critical devices. Fire suppression and closed circuit television (CCTV) installation are also part of physical security. Mobile devices can be physically secured by implementing encryption and antitheft tracking devices.

The main administrative controls used in an organization are corporate objectives, policies, procedures, standards, guidelines, training, and security awareness.

Click here to know more about each of these administrative controls.

Security Concerns for an Organization
An organization includes local, remote, and mobile hosts. Review the following scenario. After going through the scenario, click the ACTIVITY button to attempt a simple activity.

Resources
Elite Corp. is a retail company that deals with consumer products. It has the following types of employees:
  • On-site users: Work primarily in company-owned facilities
  • Field users: Work off-site at multiple locations
  • Teleworkers: Work from home
  • Road warriors: Frequent travelers who work from multiple locations
  • Roaming users: Work primarily in company-owned facilities but not always from the same desk or in the same cubicle
When designing security for these employees, the organization must consider the business needs, job function, and work location. The organization should also consider transport security, on-device encryption, and malware defense for these employees. Click the RESOURCES icon to know more about the security concerns of each of these employees.
Success of Network Security
To have a successful network security implementation, the organization must enforce access control. To effectively defend against threats, the organization should be able to authenticate and authorize users. Additionally, the ability to log and monitor activity is crucial to success.

Think about answers to the following questions related to the success of a network security. Then, click each question to reveal its answer.
  • What is the purpose of authentication in network security?
  • What is the purpose of authorization in network security?
  • What is the purpose of accounting in network security?
  • What is the purpose of encryption in network security?
Similar to a person's identification data (ID) card, authentication is a method of verifying the identity of a user. There are two types of authentication, single-factor and multifactor authentication. The most common form of authentication is single-factor authentication that uses a user name and a password. To provide more security for field users, such as sales employees, an organization can use multifactor authentication, which combines a security token, an automated teller machine (ATM) card, an ID badge, biometrics, or behavioral-based authentication with single-factor authentication such as a user name and a password.
Authorization is a method to verify what kind of resources a user has access to. Authorization is based on the principle of least privileges, which provides the user access to what he or she needs to complete a specific job. Authorization occurs after authentication.
Accounting is the activity of logging, monitoring, and auditing the environment, focusing on users as well as system activities, to check for security policy compliance. Logging involves recording all failed and successful attempts to access data, the user who accessed the data, the data accessed, and the time the data was accessed. Monitoring involves looking for violations and checking for unauthorized access. Auditing involves checking for compliance to ensure appropriate access.
Encryption protects data in many ways. When the data is at rest, organizations use file encryption, database encryption, and disk encryption. When data is in transit, encryption ensures integrity, confidentiality, privacy, and nonrepudiation. For security while data transmission, encrypted tunnels such as Internet Protocol Security (IPSec) and Secure Sockets Layer (SSL) or Transport Layer Security (TLS) are used.

In this section, you will have an opportunity to practice the concepts and processes that you have explored in this lesson.

The Hands-On Lab provides you with an engaging learning experience that is diagnostic and flexible. Following the instructions provided in the Lab Manual, you will be able to practice the steps IT Security Specialists perform on a daily basis and develop the skills required for effective execution and management of IT Security operations.

You have been working on the network project of Corporation Techs. Your manager now wants to brief you about your next task, which is a continuation of the assignment based on the Corporation Techs scenario.

Click the image of the manager to get his instructions.

After you have gone through the challenge, navigate to Contributing Factors from the panel at the top of your screen.
As part of improving the network security of Corporation Techs, you need to identify security concerns and risk mitigation strategies for Corporation Techs. To identify security concerns, you need to identify the networked technology used at home, at work, or as a personal convenience in Corporation Techs. All the best!
Contributing Factors
From where can you gather information on this case? Let's find out by clicking the contributing factors. After you have gone through the contributing factors, navigate to Course of Action from the panel at the top of your screen.

Review Documents
Research the Internet

Select the icon from the top to receive additional
information related to the situation

Click here to view the various devices.
Research the Internet and identify three potential threats to the node security of the device and detail a mitigation mechanism for each threat.
Course of Action
Use the following checklist as a guide to complete this assignment. Note that the tasks that you have completed are already checked in the list.

Tasks

  • Consider the advice of the chief security officer.
  • Identify various devices on the network.
  • Review various devices available on the network.
  • Identify three potential threats to the node security of the device.
  • Detail a risk mitigation mechanism for each threat.
  • Explain why the risk mitigation strategy you suggested will work.
  • Submit the final security concerns and risk mitigation strategy to the instructor.
At the end of this lesson, you should be able to:
  • Identify the security implementation strategies and security concerns of local hosts as well as remote and mobile hosts and describe the role each can play within the security life cycle.
  • Explain layered security and compare public and private addressing as well as static and dynamic addressing.
  • State the importance of system hardening and describe why authentication, authorization, accounting, and encryption are essential for network security.
In this lesson, you will learn about various security concepts, such as layered security. You will explore the methods to harden a system in an organization and learn about various components that play a major role in the overall security of an organization. In addition, you will learn about various security concerns of an organization and how an organization can successfully maintain its security.