:Preface

The first question to address is what we mean by “network security.” Several

possible fields of effort come to mind within this broad topic, and each is worthy of a
lengthy article. To begin, virtually all the security policy issues raised in Matt
Bishop‟s book, Computer Security Art and Science apply to network as well as
general computer security considerations. In fact, viewed from this perspective,
.network security is a subset of computer security

Network Security deals with all aspects related to the protection of the sensitive
information assets existing on the network. It covers various mechanisms developed
to provide fundamental security services for data communication. The art and
science of cryptography and its role in providing confidentiality, integrity, and
authentication represents another distinct focus even though it‟s an integral feature
.of network security policy

The Network Security also includes design and configuration issues for both
networkperimeter and computer system security. References in this area include
Stephen Northcutt and colleagues‟ Inside Network Perimeter Security the classic
Firewalls and Network Security by Steven Bellovin and William Cheswick, and too
many specific system configuration texts to list. These are merely starting points for
the interested novice

It seems that every other day there is a story in the newspapers about a computer
network being compromised by hackers. Every organization should monitor its
systems for possible unauthorized intrusion and other attacks. This needs to be part
of the daily routine of every organization's IT unit, as it is essential to safeguarding a
company's information assets

The most reliable way to ensure the safety of a company's computers is to refrain
from putting them on a network and to keep them behind locked doors.
Unfortunately, however, that is not a very practical solution. Today, computers are
most useful if they are networked together to share information and resources, and
companies that put their computers on a network need to take some simple
.precautions to reduce the risk of unauthorized access
It may seem absurd to ask the question. "Why is computer and network security
important?" but it is crucial for organizations to define why they want to achieve
computer security to determine how they will achieve it. It is also a useful tool to
employ when seeking senior management's authorization for security-related
:expenditures. Computer and network security is important for the following reasons

 To protect company assets

 To gain a competitive advantage

 To comply with regulatory requirements and fiduciary responsibilities

 To keep your job

One thing to keep in mind is that network security costs money: It costs money to
hire, train, and retain personnel; to buy hardware and software to secure an
organization's networks; and to pay for the increased overhead and degraded
network and system performance that results from firewalls, filters, and intrusion
detection systems (IDSs). As a result, network security is not cheap. However, it is
probably cheaper than the costs associated with having an organization's network
.compromised

History
The need for network security is a relatively new requirement. Prior to the 1980s
most computers were not networked. It was not due to lack of desire to network
them; it was more a result of the lack of technology. Most systems were mainframes
or midrange systems that were centrally controlled and administered. Users
interfaced with the mainframe through "dumb" terminals. The terminals had limited
capabilities. Terminals actually required a physical connection on a dedicated port.
The ports were often serial connections that utilized the RS-232 protocol. It usually
required one port for one terminal. IBM, Digital Equipment, and other computer
manufacturers developed variations on this architecture by utilizing terminal servers,
but the basic concept was the same. There was nothing equivalent to what we
experience today where hundreds if not thousands of connections can reach a
system on a single network circuit

In the 1980s, the combination of the development of the personal computer (PC),
the development of network protocol standards, the decrease in the cost of
hardware, and the development of new applications made networking a much more
accepted practice. As a result, LANs, WANs, and distributed computing experienced
.tremendous growth during that period
When first deployed, LANs were relatively secure-mainly because they were
physically isolated. They were not usually connected to WANs, so their standalone
.nature protected the network resources

WANs actually preceded LANs and had been around for some time, but they were
usually centrally controlled and accessible by only a few individuals in most
organizations. WANs utilizing direct or dedicated privately owned or leased circuits
were relatively secure because access to circuits was limited. To connect two
locations (points A and B) usually required a point-to-point (A-B) circuit. If you
wanted to connect a third location (point C) to both A and B, it required two more
.circuits (A-B, A-C, B-C)

Development of packet-switched protocols such as X.25 and Transmission Control

Protocol/Internet Protocol (TCP/IP) reduced the cost to deploy WANs, thus making
them more attractive to implement. These protocols allowed many systems to share
circuits. Many people or organizations could be interconnected over the shared
network. It was no longer necessary to connect systems in a point-to-point
configuration. Vulnerabilities were introduced with the deployment of this
distributed environment utilizing shared, packet switched networks employing
.protocols such as TCP/IP and the concept of trusted systems

Systems on the network "trusted" each other. This situation was frequently made
worse by connecting relatively secure LANs to an unsecured WAN. Basically, an
organization's network connections enter into the cloud of the packet-switched
network. Other organizations share the cloud, and on the packet-switched network
.one company's packets are intermixed with another organization's packets

In this distributed environment the emphasis was on providing ease of access and
connectivity. Security was an afterthought, if it was considered at all. As a result,
many systems were wide open and vulnerable to threats that previously had not
existed
The Internet is the largest and best known of this type of network. The Internet
utilizes TCP/IP and was primarily designed to connect computers regardless of their
operating systems in an easy and efficient manner. Security was not part of the early
design of TCP/IP, and there have been a number of widely publicized attacks that
have exploited inherent weaknesses in its design. One well-known event was the
Internet Worm that brought the Internet to its knees back in 1986. Today, security
.has to be more important than ease of access
:Outline of Ch.2
This chapter (The second chapter) of the project contains fundamental knowledge
on network security and related topics. It provides comprehensive coverage of the
fundamental concepts of network security and the processes and means required to
implement a secure network. Therefore, the goal of this chapter is to provide an
understanding of security engineering processes. The flow of the material is
designed to provide a smooth transition from fundamental principles and basic
.knowledge to the practical details of network security

This Chapter also describes the various network protocols, particularly the specifics
of the OSI and TCP models. The fundamental concepts of wireless communication
and wireless security are explained, including wireless vulnerabilities. In general, this
:chapter addresses the following relevant and important areas
Network Security Background: This first section provides a foundation for the -
current state of network security so you can understand the key issues and areas of
focus. This first section lays the foundation for the rest of the project and for building
.a robust knowledge base on network security
State of Network Security: In order to be able to properly protect an organization -
we need to understand the current state of network security, what is happening, and
what risks an organization needs to be most concerned with. Even though cyber
security is gaining a lot of attention, many organizations have a perception of what‟s
happening that‟s not always directly aligned with reality
Attacks and Threats: The only way to have a good defense is by understanding the -
offense. This chapter looks at the various threats that organizations face and dissect
the threats down into specific attacks that can be launched against an organization.
By understanding the specific attacks, these can mapped against key vulnerabilities
.and be used as a roadmap to securing an organization
Network Protocols: This chapter explains briefly the OSI and TCP models and the IP,
ICMP, TCP, and other protocols. It also reviews address resolution concepts and
.methods and relates them to the general goals of network security

The Future: Just because an organization is secure today does not mean it will be
secure in the future. Risks and the corresponding threats and vulnerabilities are
always changing so organizations need to focus on mission resiliency, making sure
that critical business processes continue to operate regardless of any threats that
.might exist
After this chapter, we would have a solid foundation and a clear roadmap for
implementing effective, proactive security across an organization. Always remember
that security is all about justifying risk to critical assets, so before we spend a dollar
:of our budget or an hour of our time we would ask these three important questions
?What is the risk ■
?Is it the highest priority risk ■
?What is the most cost-effective way of reducing the risk ■

In the next chapters of the project, the topics addressed will include implementing
virtual private networks (VPNs), and applying different protocols to protect
information transmitted over the Internet. Chapter 3 explains the functioning of
virtual private networks (VPNs) and the considerations that must be addressed
before implementing a VPN. It also surveys the various protocols now in use and
.presents an example of a low-cost VPN implementation
As we finish up the project, the last chapters look at putting everything we have
learned together into an integrated solution. Network Security is not about
deploying products or technology; it is about solutions that provide proactive
security to enable mission resilience focusing on reducing risk to an organization's
.critical assets