Security is one of the most notorious weak points in corporate networks. Most information system managers pay too little attention to network security issues and many misunderstand the concept of network security. In this series, we are going to identify and describe the most pressing network security issues faced by corporations that can be taken care of in a comprehensive risk management plan.
Internet use by corporations is accelerating at a rapid pace. Use ranges from simple access to the Internet to more sophisticated e-business solutions with complex business requirements. This increased reliance on Internet technology, along with the explosive increase in the deployment of corporate intranets and extranets, have not only changed the way organizations do business, but also how they approach network security. While this is a critical requirement to collaborative information sharing, it also exposes corporation's network to new risks and threats.
To minimize enterprise security problems, a comprehensive risk analysis followed by a set of management plans should be put in place. The risk analysis consists of four steps. The risk analyst needs to determine the scope of analysis, the assets to be protected, the risk vulnerabilities and the safeguards to be implemented. Solutions such as firewalls, Intrusion Detection Systems (IDS), scanners and other counter-measures should be used to defend against a host of security problems.
A complete enterprise security solution must provide the ability to grant selective network access to authorized remote and corporate users. Also, it should be able to authenticate network users with strong authentication techniques before granting access to sensitive corporate data. Furthermore, it should ensure the privacy and integrity of communications over unsecured, public networks like the Internet. On the other hand, it should provide content security at the gateway to screen malicious content, such as viruses and malevolent Java/ActiveX applets.
Any solution should detect network attacks and misuse in real time and respond automatically to defeat an attack. It should protect internal network addressing schemes and conserve IP addresses. Further, it should ensure high availability to network resources and applications. Finally, it should deliver detailed logging and accounting information on all communication attempts. Figure 1 below shows the vulnerability points of a typical corporate network.
The most pressing network security issues faced by corporations that are included in a typical comprehensive risk management plan include the following:
- Protecting corporate network resources against internal and external threats.
- Providing worldwide connectivity for mobile and remote employees.
- Using the Internet to lower wide area data communication costs.
- Providing business partners with selective network access through a secure extranet.
- Guaranteeing secure network performance, reliability and availability.
- Defining and enforcing user-level security policies across the network.
- Immediately detecting and responding to attacks and suspicious activity against the network.
- Securely and efficiently managing network's IP address infrastructure.
- Implementing an open security solution that enables integration with industry-leading and custom applications.
- Managing the total cost of ownership across a secure network.
 |
|
Figure 1 - Network vulnerability points |
Protecting Corporate Network Resources Against Internal And External Threats
Enterprise-wide networking means connectivity of anyone, anywhere, internal or external to a corporate network. With all of the advantages of such connectivity come unprecedented challenges to network security professionals. The most important of these is securing corporate vital network resources against everything from inappropriate usage to outright attacks, which could originate from the Internet or from within the corporation.
Network access control provides a fundamental means to protect network resources. With highly granular access control rules, security administrators can define policies that control network communications according to the source or destination of connection requests, the type of network traffic and the time of day.
Internal and external users in most corporations might threaten the network intentionally or accidentally by destroying the network, making it unavailable, or modifying and misusing networks.
Protecting a corporate network is more than just controlling access to specific resources, however. In addition to powerful access control features, a complete network security solution must also be able to verify the identities of network users, encrypt sensitive data in transit, optimize the use of registered IP addresses, apply security to the content of network traffic, detect and respond to attacks in real time and provide complete audit information. These capabilities must be delivered for all of the corporate applications without hindering network performance or restricting connectivity.
Visit this page on Jan. 4 for Part II of this series, where we discuss connectivity for mobile and remote employees, providing selective network access to business partners, and guaranteeing secure network performance, reliability and availability.
Jamal Barmil is the vice president of DACON, Inc., a software consulting company in McLean, VA. He has over 15 years of experience in Information Technology and over seven years of experience managing and directing information system projects. He can be reached at Jbarmil@prodigy.net.
