December 2, 2003



There are six must-know elements of network security: firewalls, patches and update management, anti-virus/anti-spam, intrusion detection, security policy, and the human factor. The last one may come as a surprise, but it is actually the weakest link in network security. Network security, therefore, starts with defining policies and educating users about them.

Once the policies are in place, it becomes easier to work on the remaining elements. These are as important for an SME as for a large enterprise; what differs is the level of implementation. Each element applies to both the network and individual nodes.

Not all organizations need a firewall at the network level. A small company can implement a personal firewall on each system and educate users on how to manage it. A medium-sized organization would need both a network firewall and personal firewalls. Firewalls are available as hardware and software, both commercial and free.

Next is patch management. Networks often get compromised because a hacker or malicious code manages to find an unpatched vulnerability on a system. The system could be a server, a desktop, or even networking hardware such as firewalls and routers. So devise a strategy for network-wide patch roll-out. Smaller organizations can do it manually, but medium-sized organizations could do with some automation. Software like Microsoft System Update Services is available to automate patch roll-out on a Windows network. Later in this story, we also talk about how small workgroups can do it using free software and some scripting.

MUST CHECK

- FIREWALLS: To protect your network from threats coming from the Internet
- ANTI-VIRUS/ANTI-SPAM: To protect systems from viruses and threats entering through spam
- INTRUSION DETECTION SYSTEM: To timely detect suspicious activity on your network

What if, despite all security, somebody gets into your network? That's where an intrusion detection system (IDS) comes in. An IDS need not be an expensive commercial package; even a simple packet capturing utility like Ethereal or EtherPeek will do.

For instance, the recent Welchia worm spread by throwing ICMP packets on the network to find vulnerable systems. If you are aware of this, you can easily find the infected machines using a packet capturing utility. At the desktop, you also need some tools such as a personal firewall, and spyware and script blockers. Most personal firewalls, such as Norton and ZoneAlarm, also have basic intrusion detection built in. We've talked about free, useful network security utilities in a separate article.
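The packet-capture check described above, as an added example that is not part of the original article: it flags hosts that send ICMP echo requests to many distinct addresses within a short window, the pattern of a worm probing for targets. The record layout, addresses, window and threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

def find_sweepers(records, window=10.0, min_targets=20):
    """Return {source_ip: peak number of distinct echo-request targets seen
    inside any `window`-second span} for sources that reach `min_targets`."""
    per_src = defaultdict(list)
    for ts, src, dst, proto, icmp_type in records:
        if proto == "ICMP" and icmp_type == 8:      # 8 = echo request
            per_src[src].append((ts, dst))
    flagged = {}
    for src, events in per_src.items():
        events.sort()
        start, peak = 0, 0
        in_window = defaultdict(int)                # dst -> packets in window
        for ts, dst in events:
            in_window[dst] += 1
            # Drop events that have aged out of the sliding window.
            while events[start][0] < ts - window:
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= min_targets:
            flagged[src] = peak
    return flagged

def build_sample():
    """Constructed records: (time_s, src, dst, protocol, icmp_type)."""
    recs = []
    for i in range(40):     # infected host: 40 targets in under 4 seconds
        recs.append((100.0 + i * 0.1, "10.0.0.23", f"10.0.1.{i + 1}", "ICMP", 8))
    for i in range(5):      # ordinary user pinging the gateway, plus replies
        recs.append((100.0 + i, "10.0.0.7", "10.0.0.1", "ICMP", 8))
        recs.append((100.01 + i, "10.0.0.1", "10.0.0.7", "ICMP", 0))
    for i in range(25):     # monitoring host: many targets, one per minute
        recs.append((100.0 + i * 60, "10.0.0.9", f"10.0.2.{i + 1}", "ICMP", 8))
    recs.append((101.0, "10.0.0.7", "10.0.0.50", "TCP", None))  # non-ICMP
    return recs

SAMPLE = build_sample()

if __name__ == "__main__":
    for src, peak in find_sweepers(SAMPLE).items():
        print(f"{src}: {peak} distinct ping targets within 10 s")
```

Tune the window and threshold against normal traffic on your own network, since monitoring tools also ping many hosts, only more slowly.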

Anti-virus and anti-spam software must be implemented on your servers and workstations against viruses, worms and spam.

While it's not possible to completely block viruses and spam, the software should be constantly updated to protect against emerging threats. A medium-sized organization could go for a client/server anti-virus solution, wherein the server automatically downloads the updates and pushes them to the clients.

Anil Chopra
