
Unit 3 Network Security and Traffic MGMT 4

This document provides an overview of network security and traffic management. It defines network security as a set of rules and configurations to protect computer networks and data using software and hardware technologies. It discusses that network administrators manage access to network data and applications by assigning users IDs and passwords. The document also outlines aspects of network security like privacy, message integrity, endpoint authentication, and non-repudiation that are required for secure communication. It defines network policy as rules that govern network device behaviors to achieve business objectives like aligning with business needs, providing consistent services, and improving security, automation and performance.

Uploaded by

earl bagain
Copyright
© © All Rights Reserved

Unit 3

NETWORK SECURITY AND TRAFFIC MANAGEMENT

Learning Objectives
At the end of the session, the students should be able to:
1. Define Network Security and Traffic Management
2. Define Network Policy
3. Discuss the role of Network Policy
4. Explain security policies that are the basis of security for your company's
technology infrastructure.

Activating Prior Knowledge


I. From the image below, identify specific actions that must be taken to
ensure the safety of your data over the network.

________________________________________________________
________________________________________________________
________________________________________________________

Introduction

Protecting a computer network consists of steps taken by corporations and other
organizations to monitor and prevent unauthorized access by external attackers.

Depending on the scale of the computer network, distinct approaches to computer network
security management have distinct criteria. A home office, for example, requires basic
network security, while large organizations need high maintenance.

The Network Administrator manages access to the network's data and applications. A
network administrator assigns a user ID and password to each approved person.

Presentation of Contents

What is Network Security?

Network security is a broad term that covers a multitude of technologies, devices and
processes. In its simplest terms, it is a set of rules and configurations designed to
protect the integrity, confidentiality and accessibility of computer networks and data
using both software and hardware technologies. Every organization, regardless of
size, industry or infrastructure, requires a degree of network security solutions in
place to protect it from the ever-growing landscape of cyber threats in the wild today.

Today's network architecture is complex and is faced with a threat environment that is
always changing and attackers that are always trying to find and exploit
vulnerabilities. These vulnerabilities can exist in a broad number of areas, including
devices, data, applications, users and locations. For this reason, there are many
network security management tools and applications in use today that address
individual threats and exploits and also regulatory non-compliance. When just a few
minutes of downtime can cause widespread disruption and massive damage to an
organization's bottom line and reputation, it is essential that these protection measures
are in place.

Computer Network Security


Computer network security consists of measures taken by businesses and other
organizations to monitor and prevent unauthorized access by outside attackers.
Different approaches to computer network security management have different
requirements depending on the size of the computer network. For example, a home
office requires basic network security, while large businesses require high
maintenance to protect the network from malicious attacks.

The network administrator controls access to the data and software on the network. A
network administrator assigns a user ID and password to each authorized person.

Aspects of Network Security:


The following properties are desirable for secure communication:

Privacy: Privacy means that both the sender and the receiver expect confidentiality. The
transmitted message should be sent only to the intended receiver, and it should be
opaque to other users. Only the sender and receiver should be able to understand the
transmitted message, because eavesdroppers can intercept it. The message therefore
has to be encrypted so that it cannot be read if it is intercepted. This aspect of
confidentiality is commonly used to achieve secure communication.

Message Integrity: Data integrity means that the data must arrive at the receiver
exactly as it was sent. There must be no changes to the data content in transit,
whether malicious or accidental. As more and more monetary exchanges take place
over the internet, data integrity becomes more crucial. Data integrity must be
preserved for secure communication.

End-point authentication: Authentication means that the receiver is sure of the
sender's identity, i.e., no imposter has sent the message.

Non-Repudiation: Non-repudiation means that the receiver must be able to prove
that the received message came from a specific sender. The sender must not be able
to deny sending a message that he or she sent. The burden of proving the identity
falls on the receiver. For example, if a customer sends a request to transfer money
from one account to another, the bank must have proof that the customer
requested the transaction.
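
The difference between message integrity, end-point authentication and non-repudiation can be seen with a shared-key message authentication code applied to the bank-transfer request above. This is an added example, not part of the original handout; the key, account numbers and function names are constructed for illustration, and the request is sent in the clear, so privacy is not addressed here.

```python
import hashlib
import hmac
import json

# Constructed sample values: a pre-shared key and a transfer request.
SHARED_KEY = b"constructed-demo-key-known-to-customer-and-bank"
REQUEST = {"from": "ACC-1001", "to": "ACC-2002", "amount": 250}


def encode(request: dict) -> bytes:
    """Canonical byte encoding so both sides MAC exactly the same bytes."""
    return json.dumps(request, sort_keys=True, separators=(",", ":")).encode()


def tag_for(key: bytes, request: dict) -> str:
    """HMAC-SHA256 tag over the canonical encoding of the request."""
    return hmac.new(key, encode(request), hashlib.sha256).hexdigest()


def verify(key: bytes, request: dict, tag: str) -> bool:
    """Receiver-side check; compare_digest avoids a timing side channel."""
    return hmac.compare_digest(tag_for(key, request), tag)


def demo() -> dict:
    customer_tag = tag_for(SHARED_KEY, REQUEST)

    # Message integrity: any change in transit invalidates the tag.
    tampered = dict(REQUEST, amount=9500)

    # End-point authentication: without the key, no valid tag can be made.
    imposter_tag = tag_for(b"guessed-key", REQUEST)

    # Non-repudiation is NOT provided: the bank holds the same key, so it can
    # compute an identical tag itself; the tag proves nothing to a third party.
    bank_made_tag = tag_for(SHARED_KEY, REQUEST)

    return {
        "genuine_accepted": verify(SHARED_KEY, REQUEST, customer_tag),
        "tampered_accepted": verify(SHARED_KEY, tampered, customer_tag),
        "imposter_accepted": verify(SHARED_KEY, REQUEST, imposter_tag),
        "bank_can_reproduce_tag": bank_made_tag == customer_tag,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Because both parties can produce the tag, proof that the customer requested the transaction needs a digital signature made with a private key that only the customer holds.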

What Is Network Policy?


Network policy is a collection of rules that govern the behaviors of network devices.
Just as a federal or central government may lay down policies for state or districts to
follow to achieve national objectives, network administrators define policies for
network devices to follow to achieve business objectives.

Benefits of network policy

A network that runs on policies can be automated more easily and therefore respond
more quickly to changing needs. Many common tasks, such as adding devices and
users and inserting new applications and services, can now be easily accomplished.
Well-defined policies can benefit a network in the following ways:
• Align the network with business needs
• Provide consistent services across the entire infrastructure
• Bring agility through greater automation
• Make performance dependable and verifiable

An even bigger advantage to enterprises is the security gains from policy. By
granularly defining policies that give users and devices the least amount of access to
resources that they need to do their jobs, you can better protect sensitive data.
Violations can be caught and mitigated quickly. Such zero-trust security measures
reduce risk, contain threats, stop lateral movement of malware, and help verify
regulatory compliance.

Why is it important for a network to follow policies?

A network that follows well-defined policies capably fills business needs that it is
designed to support. Think of network policies as objectives or goals. Without clear
objectives, your network can't be set up to deliver optimally, and without goals, its
performance can't be measured.

Business intent and agility

Network policies reflect business intent. Network controllers ingest business intent
and create policies that help achieve the desired business outcomes. Policies are
enforced and carried out by network equipment such as switches, routers, wireless
access points, and wireless LAN controllers. Networks operated in an ad hoc fashion,
without guiding policies, will likely fail to deliver optimally.

Consistency of experience

Well-executed policies in the network provide consistency of service throughout it,
regardless of locations, means of connectivity, or devices in use. This means users and
things can use the network from anywhere and still have the same access privileges
and quality of network experience.

Network automation

Network devices and their operations can be better automated when guidance exists.
With policies, configurations can be automated and orchestrated so that each device
does what's required to achieve the larger objectives.

Performance monitoring

Once well-understood goals are defined, metrics can be established to measure how
the network is delivering. Continuous analysis of performance helps ensure that
policies are being followed and business objectives are being met.

Network security

With policies in place, any violations can be easier to detect. Security is more easily
enforced, threats more quickly contained, and risk rapidly reduced with
security-related policies.

Role of the Security Policy in Setting up Protocols

The following questions help in setting up protocols for the security policy
of an organization.

• Who should have access to the system?
• How should it be configured?
• How to communicate with third parties or systems?

Policies are divided into two categories −

• User policies
• IT policies

User policies generally define the limits on what users may do with the computer
resources in a workplace, for example what they are allowed to install on their
computers and whether they can use removable storage.

IT policies, by contrast, are designed for the IT department, to secure the
procedures and functions of IT.

• General Policies − This policy defines the rights of staff and their
access level to the systems. Generally, it is included even in the
communication protocol as a preventive measure in case there are any
disasters.
• Server Policies − This defines who should have access to a specific server
and with what rights, which software should be installed, the level of access to
the internet, and how the software should be updated.
• Firewall Access and Configuration Policies − This defines who should have
access to the firewall and what type of access, such as monitoring or rule changes,
as well as which ports and services should be allowed and whether inbound or
outbound.
• Backup Policies − This defines who is responsible for backups, what
should be backed up, where it should be backed up, how long it should be
kept, and the frequency of the backup.
• VPN Policies − These policies generally go with the firewall policy; they define
which users should have VPN access and with what rights. For site-to-site
connections with partners, they define the partner's access level to your
network and the type of encryption to be set.

Structure of a Security Policy

When you compile a security policy, you should have a basic structure in mind in
order to make something practical. Some of the main points to take
into consideration are −

• Description of the policy and what it is used for.
• Where the policy should be applied.
• Functions and responsibilities of the employees affected by the
policy.
• Procedures involved in the policy.
• Consequences if the policy is not compatible with company standards.

Types of Policies

In this section we will see the most important types of policies.

• Permissive Policy − A medium-restriction policy where we, as
administrators, block just some well-known malware ports for internet
access, and only some exploits are taken into consideration.
• Prudent Policy − A high-restriction policy where everything is
blocked regarding internet access, just a small list of websites is allowed,
no extra services are allowed to be installed on computers, and logs are
maintained for every user.
• Acceptance User Policy − This policy regulates the behavior of users
towards a system, a network, or even a webpage, so it states explicitly what a
user can and cannot do in a system, for example whether they are allowed to
share access codes or share resources.
• User Account Policy − This policy defines what a user should do in order to
have or maintain another user in a specific system, for example when accessing
an e-commerce webpage. To create this policy, you should answer some
questions such as −
  • Should the password be complex or not?
  • What age should users be?
  • What is the maximum number of failed login attempts allowed?
  • When should a user be deleted, activated, or blocked?
• Information Protection Policy − This policy regulates access to
information, how to process information, how to store it, and how it should be
transferred.
• Remote Access Policy − This policy is mainly for big companies where
users and branches are located outside the headquarters. It states what users
may access, when they can work, and over which software, such as SSH, VPN, or
RDP.
• Firewall Management Policy − This policy deals explicitly with firewall
management: which ports should be blocked, what updates should be taken,
how to make changes in the firewall, and how long the logs should be kept.
• Special Access Policy − This policy is intended to keep people under control
and to monitor the special privileges they hold in their systems and the purpose
for which they hold them. These employees can be team leaders, managers, senior
managers, system administrators, and similar high-designation staff.
• Network Policy − This policy restricts access to network resources
and makes clear who will access the network. It also establishes whether that
person should be authenticated or not. This policy also covers other aspects,
such as who will authorize new devices that are connected to the network, the
documentation of network changes, web filters and levels of access, and who
should have a wireless connection, with what type of authentication and
connection-session validity.
• Email Usage Policy − This is one of the most important policies to put in
place, because many users use their work email for personal purposes as well.
As a result, information can leak outside. Some of the key points of this policy
are that employees should know the importance of this system that they have
the privilege to use, and that they should not open any attachments that look
suspicious. Private and confidential data should not be sent via any encrypted
email.
• Software Security Policy − This policy deals with the software
installed on user computers and what they should have. Some of the key
points of this policy are that company software should not be given to third
parties, that only whitelisted software should be allowed and no other
software should be installed on the computer, and that warez and pirated software
should not be allowed.
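
The Permissive and Prudent policies described above differ mainly in their default action: the first allows everything except a short block list, the second denies everything except a short allow list and logs every user. The Python code below is an added example, not part of the original handout, that runs the same outbound connections through both; the port list, site list, host names and connection records are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Conn:
    user: str
    host: str
    port: int


# Constructed policy data (assumptions, not values from the handout).
PERMISSIVE_BLOCKED_PORTS = {23, 135, 445, 4444}
PRUDENT_ALLOWED_SITES = {("intranet.example.com", 443), ("mail.example.com", 443)}

# Constructed outbound connection attempts.
TRAFFIC = [
    Conn("alice", "intranet.example.com", 443),
    Conn("alice", "files.example.net", 445),
    Conn("bob", "unknown-host.example.org", 8443),
    Conn("bob", "mail.example.com", 443),
    Conn("carol", "intranet.example.com", 80),
]


def permissive(conn: Conn) -> bool:
    """Default allow: deny only the listed ports."""
    return conn.port not in PERMISSIVE_BLOCKED_PORTS


def prudent(conn: Conn, log: dict) -> bool:
    """Default deny: allow only listed (site, port) pairs; log every user."""
    allowed = (conn.host, conn.port) in PRUDENT_ALLOWED_SITES
    log[conn.user].append((conn.host, conn.port, "ALLOW" if allowed else "DENY"))
    return allowed


def compare(traffic=TRAFFIC):
    """Return what each policy allows, the gap between them, and the log."""
    log = defaultdict(list)
    by_permissive = [c for c in traffic if permissive(c)]
    by_prudent = [c for c in traffic if prudent(c, log)]
    # Connections the permissive policy lets through but the prudent one stops.
    gap = [c for c in by_permissive if c not in by_prudent]
    return by_permissive, by_prudent, gap, dict(log)


if __name__ == "__main__":
    _, _, gap, log = compare()
    print("allowed only by the permissive policy:", gap)
    print("prudent policy log:", log)
```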
