Defence Against Threats – Management, Firewall, Encryption

In defending against network attack, there are four sets of tools that will help you to keep your network secure against unauthorized access, monitoring, and network attacks which is management, firewall, encryption, and endpoint security.

Management

The management is the main set of defense against network attacks. The following actions should be implemented as part of configuration management against network attacks.

Backup, Upgrade, Update, and Patch

The machines in the network should be running up-to-date because the latest update can give more effective defense against network attacks. Whenever new malware is released, the operating systems need the current update with the latest versions of antivirus software. The best way to keep up-to-date against network attacks is to download security updates and patch from the operating system vendor.

The management needs to create a central patch server for critical security patches. All other systems must have access from time to time. Any required security patches that are not installed to a host are automatically downloaded from the server and installed automatically user intrusion.

Backup is very important when defending against network attacks. Each computer should have the latest copy of the backup.  All your configuration files in your Operating Systems or Applications should have enough security.

Authentication, Authorization, and Accounting

Authentication, authorization, and accounting (AAA) network security services provide primary access control on a network device. AAA authenticate and control access to a network, its control the users what they can do while they are login.

Passwords

The password is very important to protect network devices against attacks, it is important to use strong passwords rather than using the default password or to easy password. For password, implementation follows the below steps.

  • Use complex password Including uppercase letters, lowercase letters, numbers, symbols, and spaces, only if allowed.
  • Use minimum 8 characters password, preferably 10 or more characters.
  • Do not use common dictionary words for the password.
  • Avoid passwords based on repetition, number sequences, letter sequences, usernames, relative or pet names, misspell words.
  • Do not use biographical information, such as birthdate, ID numbers, ancestor names, or other easily identifiable pieces of information.
  • Change passwords often.
  • Do not write passwords down and leave them in clear places.
  • Following are the examples of passwords

Weak Password

  • Pakistan
  • Yasir
  • Nokia
  • Khan1975
  • 1234567

Strong Password

  • P@12>fo<ur^1978
  • No ^^&34@fsc^hub

On Cisco routers and switches ignore leading spaces for passwords, but spaces after the first character are the part of the passwords. The passphrase is a password which uses the space bar and creates a phrase of many words. The passphrase is also a strong password. 

Firewalls

A firewall is the most efficient security tools for protecting users from network attacks. The firewalls exist in between two or more networks controlling traffic and prevent unauthorized access between them. End systems also use a personal firewall. Following are different techniques which use a firewall for filtering:

  • URL filtering – Prevents or allows access to websites using Keywords or URLs. Packet filtering – Uses MAC address or IP address to prevent or allows access.
  • Application filtering – Prevents or allows access by specific application types.
  • State full packet inspection (SPI) – Incoming packets must be valid responses from internal hosts. Voluntary packets are blocked unless permitted particularly. SPI also recognize and filter specific types of attacks.

Encryption

The administrator can use encryption against a defense the network attacks. It can give protection against eavesdropping as well as sniffer attacks. Internet Protocol Security (IPSec), Private Key Infrastructure (PKI),  and Virtual Private Networks (VPN) can also secure a network against attacks.

Endpoint Security

Individual computer (host) system or device that acts as a network client, common endpoints are laptops, desktops, servers, smartphones, and tablets. Securing and preventing these devices from network attack is the most challenging task for a network administrator. For securing endpoint must have well-documented policies, and the employees must be aware of these rules. The employees must be trained for proper using the network. The policies also include the use of antivirus software and host intrusion prevention.

Please follow and like us: