WHAT IS NETWORK SECURITY?
The networks are computer networks,
both public and private, that are used every day to
conduct transactions and communications among businesses,
government agencies and individuals. The networks are
comprised of "nodes", which are "client" terminals (individual
user PCs) and one or more "servers" and/or "host" computers.
They are linked by communication systems, some of which
might be private, such as within a company, and others
which might be open to public access. The obvious example
of a network system that is open to public access is
the Internet, but many private networks also utilize
publicly-accessible communications. Today, most companies'
host computers can be accessed by their employees whether
in their offices over a private communications network,
or from their homes or hotel rooms while on the road
through normal telephone lines.
Network security involves all activities that organizations,
enterprises, and institutions undertake to protect the
value and ongoing usability of assets and the integrity
and continuity of operations. An effective network security
strategy requires identifying threats and then choosing
the most effective set of tools to combat them.
Threats to network security include:
Viruses : Computer programs written by devious
programmers and designed to replicate themselves and
infect computers when triggered by a specific event
Trojan horse programs : Delivery vehicles for destructive
code, which appear to be harmless or useful software
programs such as games
Vandals : Software applications or applets that
cause destruction
Attacks : Including reconnaissance attacks (information-gathering
activities to collect data that is later used to compromise
networks); access attacks (which exploit network vulnerabilities
in order to gain entry to e-mail, databases, or the
corporate network); and denial-of-service attacks (which
prevent access to part or all of a computer system)
Data interception : Involves eavesdropping on
communications or altering data packets being transmitted
Social engineering : Obtaining confidential network
security information through nontechnical means, such
as posing as a technical support person and asking for
people's passwords
Network security
tools include:
Antivirus software packages : These packages
counter most virus threats if regularly updated and
correctly maintained.
Secure network infrastructure : Switches and
routers have hardware and software features that support
secure connectivity, perimeter security, intrusion protection,
identity services, and security management.
Dedicated network security hardware and software-Tools
such as firewalls and intrusion detection systems provide
protection for all areas of the network and enable secure
connections.
Virtual private networks : These networks provide
access control and data encryption between two different
computers on a network. This allows remote workers to
connect to the network without the risk of a hacker
or thief intercepting data.
Identity services : These services help to identify
users and control their activities and transactions
on the network. Services include passwords, digital
certificates, and digital authentication keys.
Encryption : Encryption ensures that messages
cannot be intercepted or read by anyone other than the
authorized recipient.
Security management : This is the glue that holds
together the other building blocks of a strong security
solution.
None of these approaches alone will be sufficient to
protect a network, but when they are layered together,
they can be highly effective in keeping a network safe
from attacks and other threats to security. In addition,
well-thought-out corporate policies are critical to
determine and control access to various parts of the
network.
Bogazici University
Computer Center - 34342 Bebek, Istanbul
(0212) 3594700-3596445 
