Network security is essential in any organization. Without it, the organization's information is always under threat of being hacked and cracked. Network security is the protection of information and of the systems and hardware that use, store and transmit that information, as defined by the National Telecommunications Security and Information System Security Committee. Network security therefore encompasses the steps taken to ensure the confidentiality, integrity and availability of data or resources. An organization faces both internal and external threats. The main goal of information security is to ensure the confidentiality, integrity and availability of information. A simple information security model can be as below,


So, the life cycle of information security includes assessment, policy development, implementation, training and auditing. Similarly, a security policy should pass through different phases: secure, monitor, test and improve.

Attacks can come from many sources: insiders, ex-employees, competitors, customers, disasters, hackers/crackers and cyber terrorists.

All crackers are hackers, but not all hackers are crackers. This link gives the difference between a hacker and a cracker.

The different categories of security are information security, network security, computer security and internet security. Security attacks are of two types: passive and active. Only reading an intercepted message is a passive attack, whereas manipulating the message before sending it on is an active attack.

A threat agent gives rise to a threat by exploiting vulnerabilities in the system. This leads to risk and could damage the assets, most probably causing exposure, which can be safeguarded against by taking countermeasures. We can manage the risk by accepting it, transferring it, completely avoiding it or mitigating the risk exposure.

A generic network security model is,

