Network Security Plan: A Comprehensive Guide to Protecting Your Network
Added on 2024-05-31
54 Pages18957 Words211 Views
|
|
|
Network Security Plan
Table of Contents
Introduction..............................................................................................................................3
Objectives..................................................................................................................................6
Assumptions..............................................................................................................................7
Risk Analysis.............................................................................................................................9
Asset Identification and Assessment......................................................................................9
Risks.....................................................................................................................................10
Threats, Challenges, and Vulnerabilities..............................................................................21
Security Policies......................................................................................................................25
Acceptable Use Policies.......................................................................................................26
Network Security Policies....................................................................................................27
Physical Security Policies....................................................................................................31
Personnel Policies................................................................................................................32
Getting ready methods can moreover be connected as one of the devices for surveying the
accomplishment of the office's undertakings. A half of year after the approach will turn out
to be intense; the training division must confirm the technique..........................................37
Data Policies.........................................................................................................................37
System and Hardware Policies.............................................................................................38
Disaster Recovery and Business Continuity........................................................................39
Security Strategies and Recommended Controls (two pages)............................................45
Residual Risks.........................................................................................................................48
Resources................................................................................................................................49
Conclusion...............................................................................................................................51
References...............................................................................................................................52
1
Introduction..............................................................................................................................3
Objectives..................................................................................................................................6
Assumptions..............................................................................................................................7
Risk Analysis.............................................................................................................................9
Asset Identification and Assessment......................................................................................9
Risks.....................................................................................................................................10
Threats, Challenges, and Vulnerabilities..............................................................................21
Security Policies......................................................................................................................25
Acceptable Use Policies.......................................................................................................26
Network Security Policies....................................................................................................27
Physical Security Policies....................................................................................................31
Personnel Policies................................................................................................................32
Getting ready methods can moreover be connected as one of the devices for surveying the
accomplishment of the office's undertakings. A half of year after the approach will turn out
to be intense; the training division must confirm the technique..........................................37
Data Policies.........................................................................................................................37
System and Hardware Policies.............................................................................................38
Disaster Recovery and Business Continuity........................................................................39
Security Strategies and Recommended Controls (two pages)............................................45
Residual Risks.........................................................................................................................48
Resources................................................................................................................................49
Conclusion...............................................................................................................................51
References...............................................................................................................................52
1
Introduction
We all in today’s world are connected to one network or the other. But are these networks
secured? If yes, then how? What is network security? Anything or any measure which is
taken to secure a network from any known or unknown threats is known as Network Security.
Network security doesn’t deal only with network related aspects but it also deals with the
hardware and software components of the system for proper security. Basically, network
security manages access to the network.
How does it operate? Network security works on the basic principle of layer security, it
has different protected layers at the edge which goes all the way to the network layer. Now,
these various layers allow an authenticated user and block any unauthorized, malicious or
unknown user to access the network.
In a digitalized world, like we live in, it is very important to secure a network as everything
and everyone is connected to that network one way or the other. There are various ways in
which we can secure a network and hence there are various types of network security
available nowadays. Let’s have a look them (Carter, 2012):-
1. Protection from Unauthorized Access:-
Not everyone should have the access to your network or in other words, your network
shouldn’t be open to all. There should be a proper check on all the personals and the
devices which access the network and the network should have the knowledge to
differentiate between an authorized and an unauthorized device or user. By ensuring
the access we can make our network better and stable. This process is known as
Network Access Control (NAC).
2. Application Security:-
Securing a network is an essential thing but it is not the only thing which needs to be
secure. Sometimes the applications we use on the network can have some flaws which
may lead to unknown threats and in the end compromising the network itself.
3. E-mail Security:-
We are all aware of the virus and malware which we sometimes receive through the
E-mail. According to the IT R&D, e-mail is one of the most common and widely used
channels for threatening or compromising a network. There should be a proper check
and monitoring on the e-mails which are received over the network.
4. Firewall:-
As the name suggests the firewall literally acts as a barrier between the outside worlds
2
We all in today’s world are connected to one network or the other. But are these networks
secured? If yes, then how? What is network security? Anything or any measure which is
taken to secure a network from any known or unknown threats is known as Network Security.
Network security doesn’t deal only with network related aspects but it also deals with the
hardware and software components of the system for proper security. Basically, network
security manages access to the network.
How does it operate? Network security works on the basic principle of layer security, it
has different protected layers at the edge which goes all the way to the network layer. Now,
these various layers allow an authenticated user and block any unauthorized, malicious or
unknown user to access the network.
In a digitalized world, like we live in, it is very important to secure a network as everything
and everyone is connected to that network one way or the other. There are various ways in
which we can secure a network and hence there are various types of network security
available nowadays. Let’s have a look them (Carter, 2012):-
1. Protection from Unauthorized Access:-
Not everyone should have the access to your network or in other words, your network
shouldn’t be open to all. There should be a proper check on all the personals and the
devices which access the network and the network should have the knowledge to
differentiate between an authorized and an unauthorized device or user. By ensuring
the access we can make our network better and stable. This process is known as
Network Access Control (NAC).
2. Application Security:-
Securing a network is an essential thing but it is not the only thing which needs to be
secure. Sometimes the applications we use on the network can have some flaws which
may lead to unknown threats and in the end compromising the network itself.
3. E-mail Security:-
We are all aware of the virus and malware which we sometimes receive through the
E-mail. According to the IT R&D, e-mail is one of the most common and widely used
channels for threatening or compromising a network. There should be a proper check
and monitoring on the e-mails which are received over the network.
4. Firewall:-
As the name suggests the firewall literally acts as a barrier between the outside worlds
2
our personal network. Firewalls are responsible for detecting any unauthorized access
or breach into the network security. A firewall could be software or a hardware
component both, depending upon the need of the user.
5. Web Security:-
If a system or any device is connected to any network then it is obvious that the user
will use the services of World Wide Web. Now as useful as it is, the Web also needs
to be secured at all times to prevent any harmful intrusions from it as it houses one of
the most damaging threats a network can survive.
6. Network, in any environment, or organization, being a mediator between the internet
and the user, is prone to a lot of threats and security vulnerabilities one can imagine
of. As discussed above securing a network should be a prime concern and the primary
objective of establishing any other component of the system use. But the point is, how
far one can think of taking the network security and what are the future image of this
component, let’s see (Carter, 2012):-.
3
or breach into the network security. A firewall could be software or a hardware
component both, depending upon the need of the user.
5. Web Security:-
If a system or any device is connected to any network then it is obvious that the user
will use the services of World Wide Web. Now as useful as it is, the Web also needs
to be secured at all times to prevent any harmful intrusions from it as it houses one of
the most damaging threats a network can survive.
6. Network, in any environment, or organization, being a mediator between the internet
and the user, is prone to a lot of threats and security vulnerabilities one can imagine
of. As discussed above securing a network should be a prime concern and the primary
objective of establishing any other component of the system use. But the point is, how
far one can think of taking the network security and what are the future image of this
component, let’s see (Carter, 2012):-.
3
Scope
As discussed above, network security is extremely important and a key factor in securing the
confidentiality and the trust of any organization/company. In today’s world, there is a wide
scope of network security and the application are also endless.
A network security should secure the networks from:-
1. Structured and unstructured attacks.
2. Phishing.
3. Dos and DDoS Attacks.
4. IP addresses spoofing.
5. Password attacks and many more.
To further understand the scope of Network Security, let’s take an organization into
consideration and analyze the threats that accompany it.
We are all aware of the E-commerce giant, Wall-mart. Now wall mart operates via physical
stores and online stores as well. On Wal-Mart's site, the organization sells almost all kinds of
products from different brands, to different places around the world. They have the option of
online payments via credit card, debit card or through net-banking. Running all these services
on the World Wide Web requires high encryption payment gateways and a secure network.
This is the part where network security comes into play. The following are the roles which
network security plays while securing Wal-Mart's network:-
• Firstly network security ensures that only authorized users can have access to the wall
mart’s site that means to make a purchase the user must have a registered password
and ID to log in. This makes it easier for the organization to keep track of purchases
and users who purchase it as well.
• After giving the access to the authorized user the security must ensure that user
doesn’t perform any unauthorized activity on the network. Meaning, the network
security must ensure the firewall’s integrity even after granting the access. So that no-
one can harm the network from within.
• While logging on the network the user provides sensitive information to the
organization such as name, address, phone details, credit card details, payment
information and a lot more. The analytical data and information security are also
ensured by the network security so as to prevent the interest of both, the user and the
organization(Carter, 2012).
4
As discussed above, network security is extremely important and a key factor in securing the
confidentiality and the trust of any organization/company. In today’s world, there is a wide
scope of network security and the application are also endless.
A network security should secure the networks from:-
1. Structured and unstructured attacks.
2. Phishing.
3. Dos and DDoS Attacks.
4. IP addresses spoofing.
5. Password attacks and many more.
To further understand the scope of Network Security, let’s take an organization into
consideration and analyze the threats that accompany it.
We are all aware of the E-commerce giant, Wall-mart. Now wall mart operates via physical
stores and online stores as well. On Wal-Mart's site, the organization sells almost all kinds of
products from different brands, to different places around the world. They have the option of
online payments via credit card, debit card or through net-banking. Running all these services
on the World Wide Web requires high encryption payment gateways and a secure network.
This is the part where network security comes into play. The following are the roles which
network security plays while securing Wal-Mart's network:-
• Firstly network security ensures that only authorized users can have access to the wall
mart’s site that means to make a purchase the user must have a registered password
and ID to log in. This makes it easier for the organization to keep track of purchases
and users who purchase it as well.
• After giving the access to the authorized user the security must ensure that user
doesn’t perform any unauthorized activity on the network. Meaning, the network
security must ensure the firewall’s integrity even after granting the access. So that no-
one can harm the network from within.
• While logging on the network the user provides sensitive information to the
organization such as name, address, phone details, credit card details, payment
information and a lot more. The analytical data and information security are also
ensured by the network security so as to prevent the interest of both, the user and the
organization(Carter, 2012).
4
• If a user chooses to pay online for the purchase then it is network security’s duty to
direct the details of payment from the site to the gateways and from the gateway to the
site again, no data loss is tolerable when it comes to payment details.
• In the end, the network security must hold and maintain the user's data and
information after it has logged out of the network so that it can be used in the future in
an intact manner (Varshney, 2006).
As seen above, it is not possible to operate a venture or any kind of work which involves the
use of sensitive information without the presence of network security options. Network
security does not only protect the network from outside threats but it also protects the
information and data stored on the network from getting out. Therefore it is evident that the
scope and usage of this component are unparalleled from any other component when it comes
to security and protection. As the network grows and more ventures come online it would be
getting important and prioritized to maintain and use network security on a regular basis. the
If network security is not implemented in any of organization network then anyone can attack
with enough computer skills and knowledge can break into a system and compromise the
network resulting into loss and leakage of data and company’ reputation at the same time.
The duplicity of movies, songs and other things we see on the internet is a result of poor
network security and lack of proper management of the network. To ensure the success and
reputation of any organization is very important to ensure a robust and good working network
security (Mitchell, 2017).
Objectives
Network security is the terms opt for the policies or the rules which are applied to the
network on which browses on. It provides a security against different threats which can attack
the network when you are on it and can breach your data through the attacks and also take
you very personal credentials and misuse it.
So network security is like a lock which provides a wall between the network and your data
or credentials so that no unauthorized person or threat can attack you while you are on the
network.
There 4 main objectives behind network security:
1) Confidentiality- the first objective of the network security specifies very important
rule about the network who or what the people to access information on the network
is. Basically, it means who is authorized and who is not, by keeping it confidential
5
direct the details of payment from the site to the gateways and from the gateway to the
site again, no data loss is tolerable when it comes to payment details.
• In the end, the network security must hold and maintain the user's data and
information after it has logged out of the network so that it can be used in the future in
an intact manner (Varshney, 2006).
As seen above, it is not possible to operate a venture or any kind of work which involves the
use of sensitive information without the presence of network security options. Network
security does not only protect the network from outside threats but it also protects the
information and data stored on the network from getting out. Therefore it is evident that the
scope and usage of this component are unparalleled from any other component when it comes
to security and protection. As the network grows and more ventures come online it would be
getting important and prioritized to maintain and use network security on a regular basis. the
If network security is not implemented in any of organization network then anyone can attack
with enough computer skills and knowledge can break into a system and compromise the
network resulting into loss and leakage of data and company’ reputation at the same time.
The duplicity of movies, songs and other things we see on the internet is a result of poor
network security and lack of proper management of the network. To ensure the success and
reputation of any organization is very important to ensure a robust and good working network
security (Mitchell, 2017).
Objectives
Network security is the terms opt for the policies or the rules which are applied to the
network on which browses on. It provides a security against different threats which can attack
the network when you are on it and can breach your data through the attacks and also take
you very personal credentials and misuse it.
So network security is like a lock which provides a wall between the network and your data
or credentials so that no unauthorized person or threat can attack you while you are on the
network.
There 4 main objectives behind network security:
1) Confidentiality- the first objective of the network security specifies very important
rule about the network who or what the people to access information on the network
is. Basically, it means who is authorized and who is not, by keeping it confidential
5
means not showing the data to everyone only to the authorized one. Some
authorization methods are kept on the network which allows only those authorized
person who has the clearance to see their confidential details.
2) Integrity- it is made by both the confidentiality and availability of the data. The main
feature of the integrity is that not only it’s authorized the data but also checks that the
data which is stored on the network is not changed by any authorized person or saved
in such a way that it is not contaminated.
3) Availability- means that the data which is stored on the website or on the internet can
be only accessed by that person or that person who have the authorization for it.
Availability means that only those have authorization can check its data whereas
others who don’t have authorization would be blocked by the security on the network.
4) Nonrepudiation- is the newest and most and not widely used security option used for
integrity, availability, and confidentiality. It is the security option in which the person
has to give its digital signature for the authorization process rather than using a
password or anything else. It would be the best way to secure your data if it would be
used widely and perfectly. It’s basically used for the business purposes in the e-
commerce section to provide a perfect authorization and authentication (Carter,
2012):-
These were some of the security goals which should be achieved during the business and
technical areas. By achieving these goals it provides full protection against the intruders
or the malicious person or different threats.
There are many business and government organizations in the world which have it
departments. These it department deals with most of the security issues that the
organization is facing. If there is any security breach or any security issues arise in the
organization is being faced solved by this it departments. Solve in that way that it doesn’t
arise again with the same problem about the same security issue.
This was the main objective of the network security behind the business and technical
field (Mitchell, 2017).
Assumptions
It is very important for each and every organization to take some of the assumptions for
the security of those organizations. With the help of these assumptions, it makes it easier
to increase the security need of an organization. By proper surveying about the problems
6
authorization methods are kept on the network which allows only those authorized
person who has the clearance to see their confidential details.
2) Integrity- it is made by both the confidentiality and availability of the data. The main
feature of the integrity is that not only it’s authorized the data but also checks that the
data which is stored on the network is not changed by any authorized person or saved
in such a way that it is not contaminated.
3) Availability- means that the data which is stored on the website or on the internet can
be only accessed by that person or that person who have the authorization for it.
Availability means that only those have authorization can check its data whereas
others who don’t have authorization would be blocked by the security on the network.
4) Nonrepudiation- is the newest and most and not widely used security option used for
integrity, availability, and confidentiality. It is the security option in which the person
has to give its digital signature for the authorization process rather than using a
password or anything else. It would be the best way to secure your data if it would be
used widely and perfectly. It’s basically used for the business purposes in the e-
commerce section to provide a perfect authorization and authentication (Carter,
2012):-
These were some of the security goals which should be achieved during the business and
technical areas. By achieving these goals it provides full protection against the intruders
or the malicious person or different threats.
There are many business and government organizations in the world which have it
departments. These it department deals with most of the security issues that the
organization is facing. If there is any security breach or any security issues arise in the
organization is being faced solved by this it departments. Solve in that way that it doesn’t
arise again with the same problem about the same security issue.
This was the main objective of the network security behind the business and technical
field (Mitchell, 2017).
Assumptions
It is very important for each and every organization to take some of the assumptions for
the security of those organizations. With the help of these assumptions, it makes it easier
to increase the security need of an organization. By proper surveying about the problems
6
that can come in the way is not solved by making assumptions and probability that it can
occur.
Some of the assumptions taken in an organization are:
Assumptions that authentication is enough: assumptions are taken that the
security over login condition in the account or in laptops is enough. If there is
security on the authentication is put, it is assumed that no more security
required to put through further. Which is not true, further security is also
needed because only one security over authentication is not enough. There is
much another security breach through which threats can enter the network.
The second assumption that some organization or person take is that firewall is
enough for the security purposes. They think that the firewall which creates a
wall between the network and the user through which security breaches are
made difficult but they do not understand that it not enough for security
purpose that is so not true. It is required for other securities also. Firewall is not
enough for the security purposes because it only protects the organization only
from some of the security threats not all. So it is required to make the security
strong and make sure that all the security threats are concerned but not only
one(Mitchell, 2017).
Reactive posture is one of the best useful assumptions that are taken for the
security purpose. As the user has known that only authentication and firewall is
not enough for the security threats so it uses reactive posture.in a reactive
posture, it takes out the holes in the security and rectifies it before any hacker
or threat attack through it. It is one of the best ways because it takes out before
only what are the things which are remaining in securing the network so that no
lope holes are there. If there is any then it should notify and then rectify the
damage.
The last one and the final one is that whenever a security breach is going to
occur or any threats which are going to occur the security will notify the user
before only through which the user can know what are threats which are going
to attack o him or her during networking. By this notification, the user can
easily outcome this threat and rectify the loopholes which he did not know it
before. It is one of the best assumptions because every time threats are going to
come the user will come to know beforehand and the user can upgrade its
7
occur.
Some of the assumptions taken in an organization are:
Assumptions that authentication is enough: assumptions are taken that the
security over login condition in the account or in laptops is enough. If there is
security on the authentication is put, it is assumed that no more security
required to put through further. Which is not true, further security is also
needed because only one security over authentication is not enough. There is
much another security breach through which threats can enter the network.
The second assumption that some organization or person take is that firewall is
enough for the security purposes. They think that the firewall which creates a
wall between the network and the user through which security breaches are
made difficult but they do not understand that it not enough for security
purpose that is so not true. It is required for other securities also. Firewall is not
enough for the security purposes because it only protects the organization only
from some of the security threats not all. So it is required to make the security
strong and make sure that all the security threats are concerned but not only
one(Mitchell, 2017).
Reactive posture is one of the best useful assumptions that are taken for the
security purpose. As the user has known that only authentication and firewall is
not enough for the security threats so it uses reactive posture.in a reactive
posture, it takes out the holes in the security and rectifies it before any hacker
or threat attack through it. It is one of the best ways because it takes out before
only what are the things which are remaining in securing the network so that no
lope holes are there. If there is any then it should notify and then rectify the
damage.
The last one and the final one is that whenever a security breach is going to
occur or any threats which are going to occur the security will notify the user
before only through which the user can know what are threats which are going
to attack o him or her during networking. By this notification, the user can
easily outcome this threat and rectify the loopholes which he did not know it
before. It is one of the best assumptions because every time threats are going to
come the user will come to know beforehand and the user can upgrade its
7
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Network Security Assessmentlg...
|9
|1749
|483
Network Security Assessment Reportlg...
|9
|1577
|381
Vulnerabilities in Network Security: An Analysislg...
|9
|1749
|130
Importance of Networking and Security in Organizationslg...
|13
|3345
|99
Risks, Threats, and Vulnerabilities in Bank IT Infrastructurelg...
|3
|803
|366
Virtual Networkinglg...
|11
|3019
|90