This blog was written by a third-party author.
The modern-day organization is under constant pressure to remain operational and profitable. Cybercriminals put both to the test daily: they attempt to infiltrate, compromise, and navigate the network, and ultimately to act in a threatening manner that can have negative repercussions for productivity, the ability to transact, customer privacy, brand reputation, and bottom-line revenue.
So, it’s necessary that organizations have proper network security in place to address the looming threat of cyberattacks, in an effort to maintain and protect the access to, and confidentiality of, your organization’s network and data.
What is network security?
Network security is a combination of people, process, policy, and technology used in a layered approach to create a network environment that allows for organizational productivity while simultaneously minimizing the ability for misuse by both external and internal threat actors.
How is network security implemented?
The people, process, and policy previously mentioned are a key part of the implementation of network security. They work together to take the security goals and create various types of security controls that are used to help establish how network security technologies will be implemented.
The three most common types of network security controls are:
- Physical controls – These controls are used to prevent someone from physically gaining access to any of your organization’s network components. Your data center or server room likely has a keycard system to limit access. That’s a great example of a physical control. Security guards, video surveillance, picture IDs, and biometrics are other types of physical controls.
- Data and access controls – These controls are the process and policy that define how employees can and should act when working with sensitive data, applications, and systems. Password requirements, mobile device usage, and incident response are just a few examples of administrative controls.
- Technical controls – Acting as a safeguard or countermeasure when interacting with critical parts of your network environment, these controls are typically implemented via network security technologies. The remainder of this article will focus on these technologies.
Primary network security technologies
A successful layered approach to network security requires a number of technologies be put in place that each attempt to address the problem of malicious attacks from a different perspective. Some of the more common network security technologies include:
- Secure remote access – Access is the one thing every cybercriminal must have to successfully attack your organization. Access controls limit which users and devices are able to access specific internal or cloud-based resources. Modern implementations of access controls include zero trust network access (which facilitates access to internal and cloud-based resources without logically placing the user or their device on the corporate network), and secure remote access (a mix of technologies that can address endpoint security, authentication, secure remote connections, and elevation of privileges).
- Firewall – Firewalls sit at the logical perimeter of your organization’s network acting as a network security guard, inspecting inbound and outbound traffic and determining whether to allow or deny it in real time.
- Virtual Private Network (VPN) – VPNs encrypt the connection between a remote endpoint (e.g., your user working from home) and the internal corporate network.
- DDoS prevention / mitigation – Distributed denial of service (DDoS) attacks are designed to overwhelm firewalls, web application servers and other Internet-facing systems by saturating the network connection or consuming system resources with requests. DDoS prevention/mitigation technologies seek to block these types of attacks while allowing legitimate traffic to continue to flow to their intended application or system.
- Application security – Many applications and the hardware and OS they run on have vulnerabilities that need to be secured. Application security technologies seek to identify and remediate those vulnerabilities. While application security can encompass many technologies, here we’re referencing those that are considered true network security technologies, such as web application firewalls.
- Cloud access security broker (CASB) – Worthy of an article of its own, CASB is comprised of a number of technologies designed to protect online services, applications, and environments from threats that take advantage of the anytime, from anywhere, from any device nature of the cloud.
- Intrusion Prevention System (IPS) – Unlike a firewall that uses simple protocol rules to allow and deny traffic, IPS scans network traffic and leverages threat intelligence to identify and block potentially malicious traffic.
- Web security – Outbound use of the Internet by your employees can equally result in malicious access. Web security technologies focus on blocking malicious websites and threats found on the Internet.
Common strategies for securing the network
Your organization shouldn’t simply go out and purchase a number of the network security technologies listed above and implement them; there needs to be a strategy around why each is implemented, how they interact, how they support the overarching network security goals, etc.
Many organizations create their strategy using well-accepted security frameworks and principles. A few examples include:
- NIST Cybersecurity Framework – The U.S. government’s National Institute for Standards and Technology has developed a cybersecurity framework that provides you with network security functions, outcomes, activities, and references to help establish and build your network security strategy.
- CIS Security Controls – The Center for Internet Security offers 20 specific controls designed to create a continually secure network environment.
- MITRE ATT&CK Framework – Typically focused on attack activity, this framework also provides mitigation guidance to stop cyberattacks.
- Zero Trust – The network security principle based on the idea of “never trust, always verify”, initially coined by a Forrester researcher, has grown into a well-developed architecture with a framework recently developed by the folks at NIST.
One or more of the frameworks above will provide you with enough direction to begin building out your network security strategy, assisting in defining the people, process, policy, and technologies needed to create a proper defense against the ever-changing face of cyberthreats.