Information or data is what keep the world moving. Information or data of a person or company can help an attacker who is against the owner of data, and can be used for the benefit of the same (Richardson & Director, 2008). The essence of ensuring that the networks are secure is to see to it that data being transmitted, or held within the network is secure and no one can interfere with it (Brickell, Hall, Cihula, & Uhlig, 2011).
In the world of computing, and communication, networks can never be avoided as the industry grows. It is because of networks that the world is able to communicate limiting the geographical distance of the globe (Armstrong et al., 2008). Network varies in types we have the local area network(LAN) and wide area network(WAN), these are a clear indication that a network can cover not only a village but also the whole universe.
Network security ensures that policies and practices are adopted to help prevent and control access, modification, misuse and denial of network accessible resources by an unauthorized person. Network security oversees the network itself as well as protect all the operation being run (Conklin, White, Cothren, Davis, & Williams, 2015).
With the merging of voice and data in communication, together with the high dependency of organization to networked application and internet, the need for network securely increases every new day (Goodrich & Tamassia, 2011). Networks have a lot of threats that are regarded as harm. The harms are ether human or non-human. The non-human includes natural disasters, loss of power and failure of components. The human harms are either malicious or not malicious. This harm threatens the aims of security.
Confidentiality: this entails information being transmitted over the network not being able to be accessed by a third party. confidentiality is a legal requirement for any information, either it is customer information in a company or the company itself, or any data signal on transit via the network (M. Li, Lou, & Ren, 2010). Therefore, data on any network should not be accessed by a third part voluntarily or involuntarily. Maintaining confidentiality with the customer’s data the company maintain a relationship based on trust with the customers since their right of privacy is maintained. To maintain confidentiality information on transit should be accessed by the sender and the recipient. the transfer should be so secure any the data should be prevented from using unauthorized access routes (Hudic, Islam, Kieseberg, & Weippl, 2012).
To ensure data confidentiality, there is high training that is required for those privy of such. The training should be accompanied by use of strong passwords and also familiarization with the password related best-practices and also information on social engineering. Data encryption is the best in ensuring confidentiality. Use of IDs and password also help in data protection. Two-factor authentication and other ways of data protection such as use of biometric verifications, security tokens, key fobs and soft tokens. physically the user of the network can limit where the information appears and the number of cycles is to be transmitted so as to achieve the required (Yu, Wang, Ren, & Lou, 2010).
Integrity.This ensures that data is consistence, accurate and its trust-worth of data maintained over the full life cycle of data, that is, it ensures data is not altered or destroyed by any unauthorized manner (Sridhar & Manimaran, 2010). In a communication network a message that is sent should be exactly as the one received. Data should not be altered while on transit and measures put to prevent data from being tampered with by any either malicious, or non-malicious personnel. The measure are file permission and access controls (Jover, 2013). To prevent erroneous changes or accidental deletion by the authorized user the version control can be used. Changes to the data may also occur due to non-human errors that occur during transmission . This may involve electromagnetic pulse, server crash, use of checksums to use in verifying the integrity of data can be used. Keeping of backup or redundancies can help also in restoring the affected data (Chen & Liu, 2012).
Availability: this goal ensures that the network is in continuous operation. this network goal of network security is achieved by maintaining all the hardware, making sure the hardware is repaired in case of failure and maintaining a correctly functioning of the OS and system upgrade (F. Li & Luo, 2012). To achieve this aim there is need to provide enough bandwidth, avoiding bottlenecks occurring. Redundancy, RAID, failover help mitigate the security bleaches that compromise availability. A comprehensive disaster recovery plan is needed that will reduce cases of system failures rendering the service unavailable.
Apart from the many benefits associated with the network, the emerging security issues include data loss, security breaches and other malicious attacks.
The goals of the network security may be compromised by security threats. The security threats are divided into two broad categories passive and active attack. Passive attack includes breaking into the system using observed data. It involves plain text attacks eavesdropping and observing of data communication. Main aim of passive attack is to gather data or get details of the communicating channel, this compromises the confidentiality aim of network security.
Interception: attacks confidentiality such as eavesdropping and middleman attacks.
Traffic analysis: it focuses on compromising confidentiality and anonymity, it may involve tracing back on a network, and on CRT radiation.
The attacks involve modifying the communication media or bits of data being transmitted via channel. this include;
Masquerade: this is using another the logins of a legitimate entity with the aim of abusing and accessing resources that the user has the privileges to access
Replay: it entails the retransmission of existing and data which has already been transmitted so as to produce an authorized effect.
Service denial: it is all about preventing and reducing the quality of the legitimate services, this attack targets the entire network or just the host. It attacks availability
Fabrication affects authenticity.
To avoid this kind attacks, the following management issues, need to be put in considerations, having a pre-defined security policies and methodology that need to be enhanced on people and process. There is need adopt technologies which are effective and have low cost of maintenance so as to monitor day to day operation of a network. Scale up the network infrastructure as well as ensuring that the entire network is secure. people, processes and technology need to be combined so as to achieve the security blueprint. The personnel in charge of the network security and the network administration should be up-to date with the new inventories in network world (Verma, Makwana, & Khan, 2015).
Currently these are the methods that are being used to help maintain network security.
Cryptography – this is the use of cipher (encoded text) to encode or encrypt a message. The message is encrypted by the sender and the cipher is shared with the recipient, at the destination the recipient decode/decrypt the message.
Use of firewall: a firewall is a group of components that barrier between the network. There are three types of firewall, the first one is application gateway. This type of firewall is also called the proxy gateway which act as a server. This software at the application layer of the OSI model. The users behind the firewall are categories and are given privileges on what to access over the internet. It secure since it does not allow anything passing through by default. The second one is packet filtering; in this case the routers have access control lists (ACL)turned on. This method of security is less complex simply because the access control is at the lower level of the OSI. The third one is hybrid systems, this one involves combining the application gateway and the packet filtering gateways. In the systems new connections must be authenticated and approved at the application layer, the remainder is passed down to session layer, where packet filtering is done ensuring that only packets which are ongoing are authenticated and approved.
In this age of network security, the following can be adopted to help improve the network security.
The network security policy is a written document that inform the users of the network of the best practices, i.e. who can access the network, what limitation and the privileges they have when handling the network. The policy is all about identifying important data assets, carrying out risk assessment tests and also create the disaster recovery plan. password, when to logoff your session and many more .
Use of very complex password enhance network security and ensuring that the passwords are changed every 90 days. The Microsoft active directory helps in such and give the recommended password protocols, where by if you change the password every quarter you are turned off (Bulgurcu, Cavusoglu, & Benbasat, 2010).
The network should be kept infallible against any hazardous attacks, the operating system, the antivirus, firmware, device drivers, other software and other end user devices should be kept up to date. After the update they should be checked and reviewed so as to change the defaults security setting so as to match the network policy
Setup network privileges, and educate the staff on cybersecurity and the value of data privacy. This will help the staff comply to the security rule set.
The IT strategy key part is the use of secure backup plans. The secure backup help one survive all sort of eventualities like file deletion, nature caused destruction like hurricanes and fire. It also helps in the surviving cyberblackmail, the backup data should be very secure where it is stored, in a remote location and it should be away from the primary business place.
These protections include firewalls, spam filtering, phishing blocking, malware locking, virus protection and intrusion detection software. The protection helps a company not to lose data or avoid the company not to be attacked with the aim of gaining information (Liu, 2011).
The current strategy used network security is the compliance to the set standards on network security. The main aim of the standards is to make them become compliant standards like to the newer PCI-DSS.
Artificial intelligence (AI) is an emerging technology which will serve as a future solution to network security in the near future. When AI is integrated and run with the security space virtually and physically will help identify patterns much quicker than human being (Russell & Norvig, 2016).
Use of SDN will improve the network defense. This will be achieved through one, centralized data routing, the SDN will be able to push data packets through a single firewall and make IDS and IPS data capture more effective. Two, it will simplify VLAN configurations, SDN will make it easy to automate configurations and also improve the traceability of the configurations. Three, it will make it easy to pressure off of a perimeter, using the flow based security processing, the SDN will offer dynamic way to route traffic via a security appliance and application taking some of the pressure off the perimeter defenses. Four, it will make it more effective to manage the policy. SDN will be able to manage centrally the security policies so as the policies can be operating more efficiently .
Intrusion detection and prevention systems IPS merges the best attribute of firewalls and intrusion detection system so as to provide a tools that change how a network is configured to access control points in reference to the fast changing threat profile of a network. It introduces the element of intelligence in the network security. ASIC based appliance will facilitate the move from software based security to ASIC based appliance just as the routers.
Network security will be affected by the internet of things, cloud computing is affecting the network security as the distributed denial of service(DDoS) attack are getting worse, these is because more and more people are able to access the internet. Therefore, there is need to raise need to raise more network strategies that will help integrate the use of the three together without causing a threat for the same.
The issue of network security cannot be ignored and there is no way that we can evade it as the cybercrimes are increasing day in day out. Networks are the backbone of all communication either wireless and the wired connection. In this era of developing technologies, there is need to keep a close eye on the network security. The network security personnel need to be up to date with emerging threat, vulnerabilities and ways to counter the threats so as to maximize the security of sensitive data assets and also be aware of software that can curb these threat. Research into the network security of should be done in order to develop efficient, robust and adaptable solutions to contemporary network threats while maintaining the security goals of confidentiality, integrity and availability. As we carry one there is no need to put network security at a high note and in total consideration so as to help in maintaining the trust of any business here by any data that is transmitted over the network achieve the goals of the network which are the integrity, confidentiality and availability.
References
Armstrong, B., England, P., Field, S. A., Garms, J., Kramer, M., & Ray, K. D. (2008). Computer security management, such as in a virtual machine or hardened operating system. Google Patents.
Brickell, E. F., Hall, C. D., Cihula, J. F., & Uhlig, R. (2011). Method of improving computer security through sandboxing. Google Patents.
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523–548.
Chen, Y.-F., & Liu, S. R. (2012). Computer security threat data collection and aggregation with user privacy protection. Google Patents.
Conklin, W. A., White, G., Cothren, C., Davis, R., & Williams, D. (2015). Principles of computer security. McGraw-Hill Education Group.
Goodrich, M. T., & Tamassia, R. (2011). Introduction to computer security. Pearson.
Hudic, A., Islam, S., Kieseberg, P., & Weippl, E. R. (2012). Data confidentiality using fragmentation in cloud computing. Int. J. Communication Networks and Distributed Systems, 1(3/4), 1.
Jover, R. P. (2013). Security attacks against the availability of LTE mobility networks: Overview and research directions. In WPMC (pp. 1–9).
Li, F., & Luo, B. (2012). Preserving data integrity for smart grid data aggregation. In Smart grid communications (SmartGridComm), 2012 IEEE third international conference on (pp. 366–371). IEEE.
Li, M., Lou, W., & Ren, K. (2010). Data security and privacy in wireless body area networks. IEEE Wireless Communications, 17(1).
Liu, X. (2011). Antivirus protection system and method for computers. Google Patents.
Richardson, R., & Director, C. S. I. (2008). CSI computer crime and security survey. Computer Security Institute, 1, 1–30.
Russell, S. J., & Norvig, P. (2016). Artificial intelligence: a modern approach. Malaysia; Pearson Education Limited,.
Sridhar, S., & Manimaran, G. (2010). Data integrity attacks and their impacts on SCADA control system. In Power and Energy Society General Meeting, 2010 IEEE (pp. 1–6). IEEE.
Verma, P., Makwana, A., & Khan, S. (2015). Cyber security: A survey on issues and solutions. J. Impact Factor, 6(4), 51–59.
Yu, S., Wang, C., Ren, K., & Lou, W. (2010). Achieving secure, scalable, and fine-grained data access control in cloud computing. In Infocom, 2010 proceedings IEEE (pp. 1–9). Ieee.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download