1.0 Network Security


1.1 Implement security configuration parameters on network devices and other technologies.

  • Firewalls

    A firewall is a system or group of systems that enforces an access control policy between two networks. Because it is a mechanism for enforcing policy, it imposes its policy on everything behind it. Firewalls can be configured to protect against unauthenticated logins from remote devices while still permitting local users to communicate across the internet freely.

    Software firewalls usually work by filtering or blocking information to individual programs and are often integrated with antivirus software. Hardware firewalls filter traffic before it reaches your computer and may be integrated within your router or exist as a stand-alone unit.

    By default, a firewall blocks all network traffic coming into the network it is protecting. To permit traffic through the firewall, exceptions (or rules) are created that allow certain traffic onto the network. The rules are defined by the domain names or IP addresses of the sender and receiver of the traffic as well as the type of traffic (e.g. web or SSH).


  • Routers

    Routers are OSI Layer 3 (Network Layer) devices that interconnect networks over local or wide areas and provide traffic control and filtering functions when more than one pathway exists between two end-points on the network. Some routers have the capability to connect networks with different physical media and translate between different network architectures.

    Home or small-business routers typically come with insecure default configurations. There are steps that should be taken to protect these devices:

    Routers are typically configured with a default internal IP address, allowing a standardized method of access through a connected web browser. The router's management interface should not be accessible from the internet. If remote management is needed, consider using a VPN (virtual private network) to establish a secure channel to the local network first and then access the router's interface. Most routers are also configured with a default administrator password, which should be changed immediately the first time you connect to the router's management interface.
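    The following is an added worked example, not part of these notes, that ties the firewall paragraph above (default deny plus explicit exceptions keyed on sender/receiver address and traffic type) to the router-hardening point (management interface reachable from the LAN only, never from the internet). It is a toy stateless packet filter written for illustration; the addresses, the rule set, and the `Packet`/`Rule`/`evaluate` names are all assumptions, not any vendor's syntax, and it matches on IP addresses rather than domain names.

```python
"""Toy default-deny packet filter with first-match exception rules.

Constructed example for study purposes; the network layout and the policy
below are assumptions, not taken from any real device configuration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str     # source IP address
    dst: str     # destination IP address
    proto: str   # "tcp" or "udp"
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    src: str = "0.0.0.0/0"         # source network; default matches any
    dst: str = "0.0.0.0/0"         # destination network; default matches any
    proto: Optional[str] = None    # None matches any protocol
    dport: Optional[int] = None    # None matches any destination port
    comment: str = ""

    def matches(self, pkt: Packet) -> bool:
        """True when every field of the rule covers the packet."""
        return (
            ip_address(pkt.src) in ip_network(self.src)
            and ip_address(pkt.dst) in ip_network(self.dst)
            and (self.proto is None or self.proto == pkt.proto)
            and (self.dport is None or self.dport == pkt.dport)
        )


# Assumed network layout (constructed for the example).
LAN = "192.168.1.0/24"          # the protected internal network
ROUTER = "192.168.1.1/32"       # router's default internal management address
WEB_SERVER = "192.168.1.10/32"  # an internal host that serves a public site

# Rules are evaluated top to bottom; the first match wins. Traffic that
# matches no rule falls through to the implicit default deny.
POLICY: List[Rule] = [
    Rule("allow", src=LAN, dst=ROUTER, proto="tcp", dport=443,
         comment="router management from the LAN only"),
    # Explicit deny even though default deny would catch it: it documents
    # intent and survives a broad allow rule being appended later.
    Rule("deny", dst=ROUTER, proto="tcp", dport=443,
         comment="router management never reachable from elsewhere"),
    Rule("allow", dst=WEB_SERVER, proto="tcp", dport=443,
         comment="public HTTPS to the web server"),
    Rule("allow", src=LAN, dst=WEB_SERVER, proto="tcp", dport=22,
         comment="SSH to the web server from the LAN only"),
]


def evaluate(pkt: Packet, policy: List[Rule] = POLICY) -> Tuple[str, str]:
    """Return (action, reason) for a packet under a first-match policy."""
    for rule in policy:
        if rule.matches(pkt):
            return rule.action, rule.comment
    return "deny", "default deny (no matching rule)"


if __name__ == "__main__":
    samples = [
        Packet("203.0.113.5", "192.168.1.1", "tcp", 443),    # internet -> router admin
        Packet("192.168.1.20", "192.168.1.1", "tcp", 443),   # LAN -> router admin
        Packet("203.0.113.5", "192.168.1.10", "tcp", 443),   # internet -> web
        Packet("203.0.113.5", "192.168.1.10", "tcp", 22),    # internet -> SSH
        Packet("192.168.1.20", "192.168.1.10", "tcp", 22),   # LAN -> SSH
    ]
    for p in samples:
        action, why = evaluate(p)
        print(f"{p.src:>14} -> {p.dst}:{p.dport}/{p.proto}  {action:5}  ({why})")
```

The SSH case is the one to notice: no rule allows SSH from the internet, so it is refused by the implicit default deny without anyone having written a deny rule for it. That is the practical meaning of "blocks all traffic by default": a forgotten service is closed rather than open.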


  • Switches

    A network switch or switching hub is a computer networking device that connects network segments or network devices. The term commonly refers to a multi-port network bridge that processes and routes data at the Data Link Layer (Layer 2) of the OSI model.


  • Load Balancers


  • Proxies


  • Web security gateways


  • VPN concentrators


  • NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)


  • Protocol analyzers


  • Spam filter


  • UTM security appliances
    • URL filter
    • Content inspection
    • Malware inspection


  • Web application firewall vs. network firewall


  • Application aware devices
    • Firewalls
    • IPS
    • IDS
    • Proxies

