WHAT IS NETWORK SECURITY?

The networks are computer networks, both public and private, that are used every day to conduct
transactions and communications among businesses, government agencies and individuals. The
networks are comprised of "nodes", which are "client" terminals (individual user PCs) and one or
more "servers" and/or "host" computers. They are linked by communication systems, some of
which might be private, such as within a company, and others which might be open to public
access. The obvious example of a network system that is open to public access is the Internet, but
many private networks also utilize publicly-accessible communications. Today, most companies'
host computers can be accessed by their employees whether in their offices over a private
communications network, or from their homes or hotel rooms while on the road through normal
telephone lines.

Advantages

 Less drag, more processing time . Anti virus software on each machine slows down each machine.
Centralized protection eliminates this cumulative drag.

 Centralized compatibility . Any time you download or install a new program you run the risk of it
being incompatible with your old anti-virus software.

 Updating . Can you count on all individual users in your organization to update anti-virus software?
Centralized network protection eliminates any worries about employee vigilance.

 Time saving . This applies to all of the above. Updating and managing downloads can all be done
from one central location.

Disadvantages of network security

Cost can be a big factor. This being the price to purchase software / getting it installed / any
down time caused by software etc...

Inconvience. Just think of the UAC in Vista. Some networks have software which really takes
the biscuit. For example, heroin, it insists all users have a second password no less than 12
characters. You have to type in this password every time you open / print / save a document on
the network. All passwords expire every 2 months. Password has to be 5 normal letters, 3
capitals, 3 symbols and 1 number.

False sense of security. Alot of admins, because they have implemented some security
precautions stop checking logs, and start getting too confident in the system. Some night the
whole network gets taking down and then going back over the logs the admin sees clear as day,
the attackers probes on the network. Had he have being more security conscious he would have
being checking the logs and spotted the probbings and he would have had time to do something
about it.

Network Security Applications

Network Security / Vulnerability Analysis Applications:

This project team is developing security suites for the enterprise network and a typical intranet.
The application monitors the network with sniffers and generates customised log reports for the
network traffic under analysis. The objectives are to capture the network status during a given
period of time with the service point of view, monitoring for vulnerabilities and identifying
intruders. The application includes an administrative perspective and to generate performance of
the network as a whole.

AU-KBC Sniffer Suite:

A customised sniffer suite will administer ethernet packets in the network. Customisation shall
be addressed based on the need of the enterprise and the business rules, to identify and extract
information on relevant data. A customisable log analyser interfaces with the sniffer application
and generates a variety of  reports. This analyser can be configured to generate alert messages, 
periodic reporting on a priority basis, and a variety of notifications. Current improvements
include sniffers reach to wider networks and enhance the activity log mechanism. This suite is
very useful for administrators monitoring for vulnerabilities in the network,  for law enforcement
agencies enforcing the law, protecting the enterprise resources using service alert calls on
unknown member entry / intruder attacks and others. This is piloted at several government
agencies in India.

Feature of Network Security

By combining proven Cisco IOS® Software functions and industry-leading LAN and WAN connectivity with world-class
network security features, integrated router security solutions offer customers the following benefits:

• Use existing infrastructure to secure branch-office connections: You can take full advantage of your existing network
infrastructure to control security threats at remote sites and conserve WAN bandwidth-without deploying additional
hardware.
• Protect gateways and network infrastructure: You can safeguard your router and all entry points into your network to
defend against attacks such as hacking and distributed denial-of-service (DDoS) attacks.
• Offer perimeterwide security: You have the flexibility to apply security functions, such as firewall, intrusion
prevention system (IPS), content filtering, and VPN, anywhere in your network to maximize security benefits.
• Secure voice and video networks: Advanced VPN and IOS Firewall features deliver secure, high-quality voice and
video and protect against call eavesdropping, toll fraud, and denial of service (DoS).
• Enable advanced teleworking: The solutions provide secure teleworking capabilities, enabling business resilience
during disasters and pandemics.
• Cost-effective with both capital expenditures (CapEx) and operating expenses (OpEx): The solutions reduce the
number of devices, lowering training, manageability, power, and service contract costs. In addition, security bundles
provide significant savings compared to buying the router and security features separately.