Monday, June 22, 2020

Best Practices for Network Security Coursework - 1925 Words

Best Practices for Network Security

Introduction

IT security teams are faced with rapidly mutating threats at every possible point of entry, from mobile to cloud and from the perimeter to the desktop. Network security management has become more complex and challenging because of the evolving threats and changes in security and network architecture. To protect a computer network, network security teams need a sound understanding of network fundamentals. Once the essential elements of computer network security are covered, best practices can be implemented to minimize the risk of unauthorized access by attackers (Manshaei, Quanyan, Alpcan, Başar & Hubaux, 2013).

Security teams must also support external and internal compliance mandates, optimize performance, enable new services, troubleshoot efficiently on demand, and ensure availability with no room for error. All of that is a great deal to balance in the management of network security. A sound understanding of network best practices will allow individuals and corporations to better secure their computer infrastructure from potential hackers (Manshaei, Quanyan, Alpcan, Başar & Hubaux, 2013). This paper addresses the fundamentals of network security and some best practices for deterring and countering attacks on networks.

The greatest threat to network security and computer systems originates from humans, through ignorant or malicious actions. The goal of malicious actions is to attack. For example, one may seek to disrupt the normal operations of the business and thus deny data production and availability. Because of these possibilities, there has been extensive research on best practices for network security and on how to safeguard business operations from malicious actions.
The following are among the best practices for network security that have been highlighted in most studies (Dey, Lahiri & Zhang, 2012).

Designing a Macro View for the Network Security

Every organization requires a holistic view of its computer network. With hosts and devices from disparate vendors, security personnel require a comprehensive, normalized view of the network, including access rules, routing rules, VPN, and NAT; assets, such as asset classifications and groupings; and hosts, such as services, all product versions, patches, and vulnerabilities. Where security personnel have a comprehensive view of the network, they can view network hosts, classifications, configurations, and other pertinent information (Dey, Lahiri & Zhang, 2012).

A network model or map is both a useful diagnostic and visualization tool, providing analysis that is only possible when considering the general view. For example, compliance and security personnel can use this macro view to monitor how data would move from one point to another on the network. It also reveals missing information such as access control lists, hosts, data, and more. In a model-based environment, it is also possible to conduct sophisticated analytics accurately and quickly without disrupting a live network. Access path analysis can also help validate changes and troubleshoot connectivity issues and outages, improving security processes and enhancing visibility (Chenoweth, Minch & Tabor, 2010).

Having a Micro View of the Daily Device Management

While the macro view is required to monitor how all the pieces of the network fit together, network teams must also be able to capture details for a specific device, access policies, information access rules, and configuration compliance. Such information needs to be considered within the broader network framework. The information can include context such as routing, zones or segments, switches, routers, firewalls, and intrusion prevention systems.
Information needs to be offered in a digestible fashion. The components of the network that affect the device originate from different vendors, producing data in various vendor languages that has to be correlated, deciphered, and optimized so that network teams can streamline rule sets (Chenoweth, Minch & Tabor, 2010). For example, network teams have to be able to view access policy violations and limit or block access by applications.

Weekly or even daily device reviews on the network can be attained with a mutual process. Less frequent device configuration reviews put network compliance and security at risk. Automating policy compliance can also help ensure consistency and compliance, and preserves information technology resources. Ideally, a network modeling tool that gives administrators a macro view should also permit security teams to drill down into a micro view of every device. Through a micro view, it provides information on users, vulnerabilities, applications, and more. It also allows security teams to view the wider network and then focus on specific devices for security management (Gupta & Zhdanov, 2012).

Attack simulation for context-aware risk assessment

Merely acknowledging the vulnerabilities of the network and their criticality is inadequate for understanding the actual level of risk to the organization. Today, attacks often incorporate numerous stages that cross many different zones of the network. An isolated view of any one of these stages could appear innocuous. Attack simulation technology automatically looks at the holistic network, known vulnerabilities, threats, and business assets. It also identifies what is possible when these conditions are combined. Attack simulation additionally evaluates potential options to limit or block an attack, providing intelligence for decision support.
The key to assessing which threats and vulnerabilities pose the most risk lies in understanding the likelihood of an attack and its impact on valuable targets (Ailin, 2014).

Through attack simulation technology, administrators can look at asset criticality, network context, existing security controls, and business metrics when determining the impact of a potential attack. For example, when an asset runs an application that is crucial to maintaining the business and needs continuous availability, a medium-level vulnerability that threatens to disable that asset might be a high-level risk to the business in question. It is therefore also necessary to consider the impact of deploying a specific security control. Keeping an IPS in active mode continually can affect the performance of the network. Attack simulation tools allow administrators to target the use of their IPS protection, maximizing performance, activating vital signatures, and prioritizing vulnerabilities (Gupta & Zhdanov, 2012).

Secure change management

Once a network is in compliance, a secure change management process is needed to maintain continuous compliance and validate that planned changes do not introduce risk. Secure change management incorporates risk assessment into a standardized, orchestrated process. It also flags changes made outside that structure, troubleshoots where necessary, and enables security teams to reconcile flagged changes (Security of the Internet and the Known Unknowns, 2012).

In addition, secure change management verifies that changes were implemented as intended, highlights unapproved changes, and recognizes unintended implications of the changes. For example, a change management process can flag when a firewall change opens access to risky services, when a network change exposes vulnerabilities, or when there is an unauthorized access path to an internal zone from a partner.
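
The pre-deployment change review described above, as an added example that is not part of the original paper: it flags newly opened risky services and uses access path analysis over a zone model to catch a new partner-to-internal path that no single rule spells out. The zone names, rule sets and risky-port list are constructed assumptions.

```python
from collections import deque

# Constructed assumptions: zone names, rule tuples and the risky-port list.
RISKY_PORTS = {23: "telnet", 445: "smb", 3389: "rdp"}

# Allow rules as (source zone, destination zone, destination port).
BASELINE = {
    ("internet", "dmz", 443),
    ("dmz", "app", 8443),
    ("app", "internal", 5432),
    ("partner", "extranet", 443),
}
# Proposed change: neither new rule names "partner" or "internal" directly.
PROPOSED = BASELINE | {("extranet", "app", 3389), ("dmz", "app", 8444)}


def reachable(rules, start):
    """Zones reachable from `start` by chaining allow rules (access path analysis)."""
    graph = {}
    for src, dst, _port in rules:
        graph.setdefault(src, set()).add(dst)
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in graph.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen - {start}


def review_change(before, after, untrusted=("internet", "partner"),
                  protected=("internal",)):
    """Return findings for a proposed rule set, before it is implemented."""
    findings = []
    for src, dst, port in sorted(after - before):
        if port in RISKY_PORTS:
            findings.append(
                f"risky service {RISKY_PORTS[port]}/{port} opened: {src} -> {dst}")
    for zone in untrusted:
        gained = reachable(after, zone) - reachable(before, zone)
        for target in sorted(gained & set(protected)):
            findings.append(f"new access path: {zone} -> {target}")
    return findings


if __name__ == "__main__":
    for finding in review_change(BASELINE, PROPOSED):
        print(finding)
```

The model is zone-level and treats every allowed hop as traversable, which over-approximates real attacker movement but errs in the safe direction for a check run before the change is made.
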
In order to maintain network security, the change management process can determine the impact of a proposed change before the change is implemented (Security of the Internet and the Known Unknowns, 2012).

Implementing these best practices for the management of network security can reduce risk across the network. With adequate visibility at both the device and network level, incredible amounts of data are transformed into intelligence, which deciphers complicated network security transactions into actionable, manageable information. With such insight, attack simulation can prioritize vulnerabilities and eliminate the attack vectors that are most crucial to the business, protecting the organization's data and services. Change management, in turn, can optimize and regulate security processes to reduce the security management workload and improve security (Ahmad, Sahib & Azuwa, 2014).

Besides the practices discussed above, network administrators have been advised to observe guidelines in all their operations in order to prevent security threats and vulnerabilities. Some of the basic guidelines that any business or organization can follow to address security concerns include the following:

* Encrypting data: organizations need to encrypt all file systems, stored data, and across-the-wire transfers. Encryption helps to protect sensitive data and prevent data loss due to equipment loss or theft (Ahmad, Sahib & Azuwa, 2014).
* Implement auditing and DLP: organizations need to use file auditing and data loss prevention to alert on, monitor, block, and identify the flow of data into and out of the network.
* Using digital certificates to sign all company sites: all certificates need to be saved to hardware devices such as load balancers or routers and not on web servers. These certificates should be obtained only from trusted authorities.
* Implement a removable media policy: organizations should limit the use of external hard disks, USB drives, external DVD writers, thumb drives, and any other writeable media. Such devices promote breaches to security leav...