Scribd
Upload
14 views5 pages

Lecture # 6

Uploaded by

Zahid Abbas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
14 views5 pages

Lecture # 6

Uploaded by

Zahid Abbas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Host-Based Security System (HBSS) and Network-Based Security System

Starting from the scratch, let’s see what is meant by HBSS and NBSS before moving on to their
best practices and common issues! Truly speaking, host based and network based security issues
can get tricky to handle

Network security is a system solely made to target all the traffic passing from the Internet to
LAN and vice versa to create a secure infrastructure. It filters out all the users and is found ideal
for the defense of the underlying networking structure from illegal access, misuse, or shoplifting.
For enhanced security purposes of devices, applications, and customers, it guards your data
against intrusions and cyber threats.

A host-Based Security System is an advanced software application, or we can say a collection of


various applications that are installed on a singular server, laptop, or computer. It is made to
offer consistent and fool-proof security by detecting upcoming traffic or new hosts, confirming
signatures, and inspecting firewall strategies. Majorly used in the United States Department of
Defense security system, HBSS analyzes and eliminates minor to major threats via robust
firewall protection.

Placement:

 NETWORK-BASED SECURITY SYSTEM: Customarily installed at the perimeter of


the network such as Internet handoff point for identifying and catching all unlicensed
entries right at the entry or exit point
 HOST-BASED SECURITY SYSTEM: Considering it a 2nd line of defense, it is installed
somewhere inside the systems to detect the unauthorized entry if Network based firewall
fails to block

Hardware or Software Based:


 Network based security system is hardware based
 Host based security system is software based

Work On:

 Network based security system is network level


 Host based security system is host level

Movement:

 Network based security system is not so flexible in terms of mobility. It can only be
moved when all LAN assets are migrated to a new & secure location
 HBSS is mobile-friendly as it is implemented on end machine (Computer/ Laptop)

Protection for the Same VLAN:

 NBSS: Doesn’t offer internal security in end host to end host communication using
similar VLAN
 HBSS: It offers maximum communication security control and protection even if
operating in the same zone

Network Protection:

 NBSS: Stronger defense barrier in comparison to HBSS


 HBSS: Limited defense barrier

Scalability:

 NBSS: Easy to scale whenever more bandwidth is required


 HBSS: Needs hard work and effort to scale up for more installations and features

Cost:
 NBSS: Lower when it comes to huge enterprise
 HBSS: Higher when it comes to huge enterprise

Major Differences Between Host-Based and Network Security


Before choosing a solution for your business, you should be aware of several critical differences
between host-based and network security.
● a primary difference is the level of protection that each solution provides. Host-based security
only protects one device, while network security can protect an entire network.
● another difference is the cost. Host-based security is often less expensive than network
security, depending on your chosen solution.
● Finally, host-based security is usually easier to install and configure than network security.
Network security can be easier to set up if you have the proper tools, but it is often more
complicated than host-based security.

Keep in mind that although host-based and network security are different, they can be used
together to create a more comprehensive security system. Combining these two solutions allows
you to protect more devices than you could with either solution alone.

Issues in the Host-Based Security System (HBSS):

In HBSS, most of the problems are caught in 3 principal areas:

 Application protection – protecting agents from hostile hosts


 Host environment protection – protecting hosts from agents
 Data protection – protecting data in transit

It highlights the problem of this system is less capable and prone to be compromised by any
cyber-attack. Moreover, they need additional computing power to work correctly.

Issues in Network-Based Security:

 The signatures are usually outdated, not advanced, and fail to detect Zero-day attacks
 Packet inspection seems to act blindly towards encrypted traffic. Besides, it gives tough
time to upgrade
 Network monitoring cannot see any host activity or any new processes carried out by the
customer
 The removable media cannot be detected
 They are not capable of handling switched networks
 Network monitoring fails in the department of “log collection”

Best Practices in Network-Based and Host-Based Security Systems:

 To ensure the maximum safety and remove host-based and network-based security issues,
always make your password intense and unique, lengthy and unpredictable
 Keep a close check on customer’s permissions
 Always go for a well-planned and fool-proof security policy
 Prefer using Centralized Logging and never miss out on Immediate Log Analysis
 Allow a restricted number of users/team members to access the accounts and other
services
 To guarantee the best flow of services and task deployment, keep security devices
correctly
 Never practice Disabling the Personal Firewalls upon installing HBBS or NBSS
 Do not forget to change the default or well-known login accounts on the machine
 Quickly disable the accounts or any special services that are not in use anymore
 Make visibility your top priority
 Use Honeypots and Honeynets
 Create and implement the least-privilege principle (feasible for access management and
control)
 Never skip the testing of the system’s backups and disaster recovery plan in a consistent
manner, as it is an efficient solution to host-based and network-based security issues
 The easiest way to maximize the protection is to use VPNs
 Install the IDS (intrusion detection system) correctly
 The preferable option is to opt for an automated response to cyber threats
 Don’t forget to secure your network equipment physically

You might also like