Opinion
Ten steps to secure networking
By Pamela Warren, Nortel Corp.
September 29, 2005 12:00 PM ET
Computerworld - Secure networking ensures that the network is available to perform its appointed task by protecting it from attacks originating inside and outside the organization.
Traditional thinking equates this to a handful of specific requirements, including user authentication, user device protection and point solutions. However, the move to convergence, together with greater workforce mobility, exposes networks to new vulnerabilities, as any connected user can potentially attack the network.
Application traffic must be securely delivered across the network, avoiding threats such as theft of intellectual property or private data. In addition, the underlying infrastructure must be protected against service disruption (in which the network is not available for its intended use) and service theft (in which an unauthorized user accesses network bandwidth, or an authorized user accesses unauthorized services).
While most organizations focus on securing the application traffic, few put sufficient infrastructure focus beyond point solutions such as firewalls. To protect the total network, security must be incorporated in all layers and the complete networking life cycle.
Secure networking layers
Secure networking involves securing the application traffic as it traverses the network. It should encompass these areas:
- Perimeter security protects the network applications from outside attack, through technologies such as firewall and intrusion detection.
- Communications security provides data confidentiality, integrity and nonrepudiation, typically through the use of Secure Sockets Layer or IPsec virtual private networks (VPN).
Secure networking extends this by protecting the underlying infrastructure from attack.
- Platform security ensures that each device is available to perform its intended function and doesn't become the network's single point of failure. The network security plan should include antivirus checking and host-based intrusion detection, along with endpoint compliance, to ensure that security policies check user devices for required security software.
- Access security ensures that each user has access to only those network elements and applications required to perform his job.
- Physical security protects the network from physical harm or modification, and underlies all security practices. The most obvious forms of physical security include locked doors and alarm systems.
Secure networking life cycle Providing a secure network is not a one-time event, but rather a life cycle that must be continually reviewed, updated and communicated. There are three distinct stages to be considered:
- How can security breaches be prevented? Along with hardening of operating systems and antivirus software, prevention includes processes to regularly review the network's security posture, which is particularly important as new convergence and mobility solutions or new technologies and platforms are added to the network.
- How can security breaches be detected? Although some breaches are obvious, others are much more subtle. Detection techniques include product-level and networkwide intrusion-detection systems, system checks and logs for misconfigurations or other suspicious activity.
- What is the appropriate response to a security breach? A range of preparations must be made to respond to a successful breach, some of which may include the removal of infected devices or large-scale disaster recovery.
Free Insider Guide