1.0 Network Security

1.1 Explain the security function and purpose of network devices and technologies

  • Firewalls

    A firewall is a system or group of systems that enforces an access control policy between two networks. Because it is a mechanism for enforcing policy, it imposes its policy on everything behind it. Firewalls can be configured to protect against unauthenticated logins from the remote devices, and still permit local users to communicate across the internet freely.

    Software firewalls usually work by filtering or blocking information to individual programs and are often integrated with antivirus software while hardware firewalls filter traffic before it reaches your computer and may be integrated within your router or exist as a stand-alone unit.

    By default, a firewall blocks all network traffic coming in to the network it is protecting. To permit traffic through the firewall, exceptions (or rules) are created that allow certain traffic on the network. The rules are defined by the domain names or IP addresses of the sender and receiver of the traffic as well as the type of traffic (e.g. web or SSH).

  • Routers

    Routers are OSI model Network Layer 3 switches that interconnect networks over local or wide areas and provide traffic control and filtering functions when more than one pathway exists between two end-points on the network. Some routers have the capability to connect networks with different physical media and translate between different network architectures.

  • Switches

    A network switch or switching hub is a computer networking device that connects network segments or network devices. The term commonly refers to a multi-port network bridge that processes and routes data at the Data Link Layer (Layer 2) of the OSI model.

  • Load Balancers

  • Proxies

  • Web security gateways

  • VPN concentrators

  • NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)

  • Protocol analyzers

  • Sniffers

  • Spam filter, all-in-one security appliances

  • Web application firewall vs. network firewall

  • URL filtering, content inspection, malware inspection