Network security is the process of securing computer networks from attackers whilst keeping the network usable. The need to manage computers networks is a crucial part of modern day enterprise IT. In addition to this, there is also a need to protect the same network from outside attackers with malicious intent. Network security is usually managed by a network or systems administrator.
One of the main aims of network security is to prevent access to unauthorised parties. However, with many attackers skilled enough to gain access covertly, simply using preventative methods is not enough, with networks needing to be able to contain possibly breached nodes. Administrators need to add detection and response preparation to their network security processes in order to deal with such situations. This includes the detection of suspicious behaviour from internal nodes and the ability to contain those nodes quickly whilst keeping the network online.
Networks also need to deal with mobile devices as well as network connected gadgets, many of which will have poor security mechanisms. Network security has to be able to monitor these types of untrustworthy components whilst at the same time maintaining a resilient network.
Secure admin workstations are the only computer from which administrators are authorised to use their elevated credentials, narrowing the number of computers worth targeting for use as part of a beachhead.
Network behaviour analysis is a way of monitoring the ongoing activities of a network by looking for patterns of unusual behaviour, and flagging those actions deemed to be out of the ordinary.
People, process, and techonology — an important trio of concepts for any type of security.
Last updated: 30 October 2017