Network security is very important in this modern area organization relay on networks to share data and information among them in an efficient and productive manner. Organizational computer networks are now becoming large day by day assuming that each staff member has a dedicated workstation a large scale company would have few thousand workstations and server on the network it is likely that these nodes not have been centrally managed nor have pyramids of security. They have a verity of operating systems hardware software and protocols with different levels of cyber awareness to the user imagine these thousands of workstations directly connected to the internet. The sort of unsecured network becomes a target of an attack that holds valuable information and data.
Now network security consists of policies and practices adopted to prevent and monitor unauthorized access miss-use modification or denial of a computer network or network-accessible resources. Network security is an activity designed to protect the usability and integrity of network and data. It includes both hardware and software technologies. Effective network security manages access to the network it targets a variety of threats and stops them from entering or spreading on the network.
Only network security can protect you from the approach of harsh virus’s network security involves authorization of access to the data and network which is controlled by the network administrator. Network security covers transactions and communications among businesses government agencies and individuals too. Networks can be private such as within the company and others which might be open to the public access and network security involve in organizations enterprises and the other types of organizations it does as its title explains.
TCP/IP Protocol Vulnerabilities
TCP/IP is a package of protocol it is the major protocol which is used for communication on the network created in the 1980s as an inter-networking solution with very little concerns of security aspects. It was developed for communication in the limited trusted network however or repeated it became De facto standard for the unsecured communication. There are some of the common vulnerabilities of the TCP/IP protocol.
- Http is an application layer protocol and TCP/IP suite is used to transfer the file that makes web pages for the web servers. These transfers are done in the plain network security for test and an intrados can easily read the data packet that exchanges between the server and the client.
- Http another vulnerability is weak authentication between the client and the webserver while initialization of the session this vulnerability can lead to the session hijacking attack.
- TCP protocol vulnerability is a three-way handshake connection establishment an attacker can launch a denial of service attack to exploit this vulnerability he can establish a lot of half-open sessions without completing the handshakes and these lead to the server overloading and eventually a crash.
- IP layer is susceptible to many vulnerabilities due to IP spoofing attacks that can be a serious problem to your business in TCP/IP family many other vulnerabilities are possible to accept these four. In TCP/IP, one layer is hacked the other layers are not aware of this hack and entire communication is compromised.
Application Layer Security
Now various business services are offered online based on client-server applications the most popular form is our web applications and emails in both applications the client communicates to the designated server and obtained services while using the services from any server application client and server exchange a lot of information on underline intranet and internet. We are aware of that these information transections are vulnerable to various attacks now network security deals with securing data against various attacks when it is transit in the network. To achieve these goals many real-time protocols have been designing such protocols that need to provide at least the following objectives.
- Parties can negotiate interactively to authenticate each other.
- Establish a secret session key before exchanging the information.
- The exchanged information should be in the encrypted form.
These protocols work on a different layer of networking model e.g. the s/mime protocol on the application layer, SSL protocol develop to works on the transport layer and IPsec protocol works at the network layer.
Network layer Security
In the early 1990s internet was just used by few institutes for the academic purpose with the massive growth of the internet combined with the internet security weakness of the TCP/IP protocol, the need was felt for a technology that can provide network security to the internet. Fortunately, these security capabilities defined and implemented with IPV4 and futuristic IPV6.
Security frameworks include IPsec and have been defined as several requests for comments and some RFC specify the portion of the protocol while others address a solution as a whole. The basic goal of the protocol IPsec used for the network security is protected IP packets, provide data signing and provide protection against the network attacks.
IPsec protocol generally has two parts IPsec communication and internet key exchange. The communication part includes encapsulation, encryption and hashing an IP datagram and handling the all data packets processing.it managing the communication according to the available security association established between communicating parties. It used the security protocols security headers and encapsulated SP. It is also important to know IPsec communication is not involving in the creation of keys and their management.
Internet key exchange is the second part of IPsec protocol that is used to manage the key generation automatically technically key management is not essential for IPsec communication and keys can be manually managed and manual key management is not required in the large networks. Internet key exchange is responsible for key generation for IPsec and providing authentication during the key establishment process.
Benefits of the Network security in a Business
Resource sharing: A business can reduce the amount of money spent on hardware by sharing components and peripherals connected to the network.
Streamlined Business Processes: Computer networks enable businesses to streamline their internal business processes.
Collaboration Among Departments: When two or more departments of business connect selected portions of their networks, they can streamline business processes.
Improved Customer Relations: When two or more departments of business connect selected portions of their networks, they can provide better support to their customers.