There are network security control devices that facilitate filtering and routing of data in both directions. They are designed to interfere with or reject data that is in the direction of the network in order to provide the user with a private (interactive) experience or to hinder, block or interfere with the other network users. As such they can be implemented in many places. These include:
In addition to the physical security measures such as firewalls, the installation of intrusion detection and prevention systems is also necessary. This enables network security personnel to monitor and manage the activity of employees on company networks. Some of these include:
Enable Control Of Various Computer Software Applications
On a more local level, network security control devices and hardware enable control of various computer software applications. For example, network access software that is either a firewall or router is used for controlling access to internal network data and applications. A firewall can perform both preventive and corrective functions. The two types of firewalls are the open source and the closed source.
The open source firewall is often termed the traditional firewall, since it allows both ICMP Echo Request and ICMP Echo Relay messages to be forwarded to the destination machine. The closed source firewall, by contrast, intercepts and forwards ICMP Echo Relay and ICMP Echo Reply packets. A third type of firewall is the content-filtering firewall, which only allows non-intrusive content traffic (such as HTTP) on the Internet while accepting ICMP Echo Request and ICMP Echo Relay packets that originate from trusted sources.
Protect Corporate Data From Unauthorized Access
Network security devices can also be deployed to protect corporate data from unauthorized access by controlling access to various network resources. Common examples include a WAN options LAN filter that is installed between a WAN router or access point and an internal switch, or a wireless access point (WANAP) that is attached to a router or access point. Some companies also use intrusion detection and response systems to detect intrusion attempts before they succeed. In some cases, network security control devices are built into the system, while in other cases they are implemented with software modules. Some of these software modules have been sold to the end-user market.
Once a network security device is in place, it must be properly configured according to the chosen scenario for which it is intended. The most common scenario for which these devices are used is to protect a small network that hosts a small number of computers. We briefly describe some of the steps required to configure security policy rules for a small network in the following text.
Protect And Secure The Least Privileged Information Security Policy
The first step is to identify the logical systems that need to be protected and secure the least privileged information security policy. For our purposes here, we will assume that the selected scenario for this discussion is a home computer. For each logical system in this scenario, we will identify the port that is vulnerable to attack and select an intrusion detection system that supports port scanning for each port. We will then select a firewall that supports port blocking for each port on each logical system.
Now, we will configure a policy based on the IP addresses, ports, and the type of firewall for each port. In the above selected scenario, the IP address is a network adapter and the port is either a modem port or a phone port. For the policy based on these IP addresses and ports, the security policy will include anything that can be remotely controlled or is accessible over a network. This will include anything that is in range of the router or access point and anything that is accessible from a computer that is not the user of the computer that is doing the monitoring. For information systems, the security policy should include anything that is secure and protected.
In the previous scenario, it would also include anything that is protected by Secure Access and anything that is physically located within the perimeter of the enterprise. It would also include anything that is protected by a Virtual Private Network (VPN) and any other external information systems. In both of the above cases, the firewall will match the IP address and the port to determine what is allowed access. The VPN will match an internal network adapter with an external firewall to provide a layer of integrity for the enterprise’s data and communications. These firewalls will allow traffic to move between applications while providing a layer of encryption and authentication so that everything is protected in case of a disaster.