MODERN NETWORK

SECURITY:
 INTRODUCTION
o Network security can be defined as protection of
networks and their services from unauthorized
alteration, destruction, or disclosure, and provision of
assurance that the network performs in critical
situations and have no harmful effects for neither user
nor for employee
o It also includes provisions made in an underlying
computer network infrastructure, policies adopted by
the network administrator to protect the network and
the network-accessible resources from unauthorized
access.
Security Attacks
Passive Attacks Active Attacks

This type of attack requires the attacker

This type of attacks includes attempts to to send data to one or both of the
break the system by using observed data. parties, or block the data stream in one
or both directions.
Network Security Measures

Strong Firewall Antivirus Strong Passwords Physical Security

Network Security Tools

NMAP Wireshark Nessus

SECURITY METHODS
Cryptographic Firewalls

o In cryptography, a key is a string of characters used A firewall is simply a group of components that collectively
within an encryption algorithm for altering data so form a barrier between two networks​. There are three basic
that it appears random. types of firewalls:
o Like a physical key, it locks (encrypts) data so that only
I) Application Gateways
someone with the right key can unlock (decrypt) it
II) Packet Filtering
Application Gateways

o Application-level gateway is also called a

bastion host.
o It operates at the application level.
o Multiple application gateways can run on the
same host but each gateway is a separate server
with its own processes.

o These firewalls, also known as application

proxies, provide the most secure type of data
connection because they can examine every
layer of the communication, including the
application data.
PACKET FILTERING

o It works in the network layer of the OSI Model.

o It applies a set of rules (based on the contents of IP and
transport header fields) on each packet and based on the
outcome, decides to either forward or discard the packet.
o Packet filter firewall controls access to packets on the basis of
packet source and destination address or specific transport
protocol type. It is done at the OSI (Open Systems
Interconnection) data link, network, and transport layers.
Packet filter firewall works on the network layer of the OSI
model.
o Packet filters consider only the most basic attributes of each
packet, and they don’t need to remember anything about the
traffic since each packet is examined in isolation. For this
reason, they can decide packet flow very quickly.
Secure Socket Layer (SSL)

• Secure Socket Layer (SSL) provides security to

the data that is transferred between web
browser and server. SSL encrypts the link
between a web server and a browser which
ensures that all data passed between them
remain private and free from attack. 
Intrusion Detection Prevention Systems
• An IPS combines the best features of firewalls and intrusion
detection system to provide a tool that changes the configurations
of network access control points according to the rapidly changing
threat profile of a network.
• This introduces the element of intelligence in network security by
adapting to new attacks and intrusion attempts.
• Intrusion prevention has received a lot of interest in the user
community.
• Most organization evolves in their use of intrusion prevention
technology.
• Some will adopt blocking in weeks and rapidly expand their
blocking as they see the benefits of accurate attack blocking.
Others will start slowly and expand slowly.
• The key is to reliably detect and stop both known and unknown
attacks real time
 FUTURE WORK

• To keep pace in the current threat environment, network security must go beyond the basics. The future of network
security, to be effective, requires implementing technological advances such as AI, machine learning, deep learning
and automation to ensure teams are prepared to employ the latest threat countermeasures.
• The problem is that hackers are incorporating these technologies as well, creating a cybersecurity "arms race" to
determine which side can use them most effectively.
CONCLUSION

• Security has become important issue for large computing organizations. There are different definitions and ideas for the security and risk measures from the
perspective of different persons. The security measures should be designed and provided, first a company should know its need of security on the different
levels of the organization and then it should be implemented for different levels.
• Security policies should be designed first before its implementation in such a way, so that future alteration and adoption can be acceptable and easily
manageable.
• The security system must be tight but must be flexible for the end-user to make him comfortable, he should not feel that security system is moving around him.
• Users who find security policies and systems too restrictive will find ways around them.