Thursday, 20 January, 2022


Types Of Network Security


Network security is the next wave that is bound to sweep across the software
market. The development of offshore projects and the transfer of data across
the wire have increased the urge to secure the network. As the famous adage
goes, the safest computer is one that has been disconnected from the network
(making it nearly useless). Network security is becoming an essential
requirement. The type of security a business requires depends on the nature of
its business. Of late, some laws and acts have been defined to identify
security breaches, which is a good way to protect against unauthorized access
to information. There are two types of software for network security: one that
prevents breaches and one that does the forensic analysis. The primary focus of
this article is the forensics of network security.

What is Network Security?

Network security: the protection of computer networks and their services from
interference by third parties, modification, destruction, or

Network security is a self-contradictory idea: you must give complete access
and at the same time ensure absolute security. Any enterprise needs to secure
itself against the two possible routes of access to information or transactions
(e.g. FTP, HTTP): internal access and external access. Securing access to
information or resources from the outside world (WWW) is an extremely difficult
task to master, and this is where firewalls come in. Firewalls act as
gatekeepers that segregate intrusive from non-intrusive requests and permit
access accordingly. Setting up and maintaining a firewall is itself a task that
needs experience and know-how. There are no hard and fast rules for instructing
a firewall; it depends on where the firewall is implemented and how the
business plans to grant access to information and resources. The effectiveness
of any firewall therefore depends on how well or how poorly you configure it.
Be aware that firewalls come with pre-configured rules, which are intended to
ease the job of securing access to information from external sources. In short,
a firewall gives you information about attacks that originate from the
external world.

The most difficult job is to secure information from internal sources. In
addition to securing it, managers should monitor the information flow to
determine the potential cause of an incident. Monitoring the information flow
is also helpful in the event of legal problems, because what may seem to be
mere sharing of information can be found illegal by a court of law. To enforce
this, legislation such as HIPAA, GLBA and SOX has been put forth to ensure that
scams similar to “Enron” never happen again. In short, tracking information and
audits gives you information on security breaches and possible internal
attacks.

There are many kinds of attack on network security:

  • Denial of Service
  • Virus attacks
  • Unauthorized Access
  • Breaches of confidentiality
  • Destruction of information
  • Data manipulation

Surprisingly, all of this information is available across the business in the
form of log files. But reading it and making sense of it would take a lifetime.
That is where “network security” monitoring software, also called “log
monitoring” software, comes in. It does a beautiful job of making sense of the
information dispersed across different places and gives system administrators a
holistic view of what is happening in their network in terms of network
security. In essence, these products collect, collate, analyze and produce
reports that help the system administrator keep tabs on network security.

“Network Security” - Monitoring

However good your defense systems are, you must have someone to make sense of
the massive amount of data produced by edge devices such as firewalls and by
system logs. A typical enterprise logs around 2-3 GB/day; the size may vary
depending on the company. The main goal of forensic software is to mine through
this enormous amount of information and highlight the events that need
attention. “Network security” software plays a significant role in identifying
the security breaches and their causes that are occurring in the
The most significant area that any network security product must address is the
ability to defend against a variety of viruses across the different edge
devices. What this gives the enterprise is a comprehensive view of the attacks
happening throughout the enterprise. The product should provide a comprehensive
overview of bandwidth usage and should also report on access by users. It must
highlight security breaches and misuse of internet access, which lets
administrators take the necessary steps. The edge device monitoring product has
to provide things like traffic trends, insight into capacity planning and
traffic monitoring, which help the administrator find the cause of network
problems and alleviate them.

Internal monitoring software has to provide audit information on users,
security breaches and activity audit trails (e.g. remote access). Since the
majority of administrators aren’t aware of the requirements of the compliance
acts, it is better to cross-reference the acts that apply to their company and
make sure the product supports reporting for those acts (see the compliance
section to learn more).

In addition, such products have to support archiving, scheduling of reports and
a comprehensive list of reports. See the next section for more details.

“Network Security” - Forensics

The most essential feature to look out for when shortlisting network security
forensics products is the ability to save the raw records. This is an important
issue when it comes to laws and acts: in a court of law, the original record
has to be produced as proof, not the custom format specified by the vendor. The
next thing to look out for is the ability to generate alerts, i.e. the ability
to notify you when a certain condition occurs. For example: “if there are 3
unsuccessful login attempts, mail me”, or even worse, “if there is a virus
threat from the same host more than once, inform me”, and so on. This greatly
reduces the manual intervention needed to maintain the security of the network.
Furthermore, the ability to schedule reports is a huge benefit. You don’t have
to check the reports every day. Once you have done your groundwork of
configuring an initial set of alerts and some scheduled reports, it is a breeze
from that point on. All you need to do is check the information
(alerts/reports) you get in your inbox. It is suggested that you schedule
reports on a regular basis. This way, it is never too late to react to a
threat. Finally, a comprehensive list of reports is a crucial element to look
out for. Here is a list of reports that could be useful for any business:

Reports to expect from edge devices like a firewall:

  1. Live monitoring
  2. Security reports
  3. Virus reports
  4. Attack reports
  5. Traffic reports
  6. Protocol usage reports
  7. Web usage reports
  8. Mail usage reports
  9. FTP usage reports
  10. Telnet usage reports
  11. VPN reports
  12. Inbound/Outbound traffic reports
  13. Intranet reports
  14. Internet reports
  15. Trend reports

Reports to expect from compliance and internal monitoring
(refer to the sub-heading on compliance for the compliance reports):

  1. User Audit reports (successful/unsuccessful login attempts)
  2. Audit policy changes (ex: change in privileges etc)
  3. Password changes
  4. Account Lockout
  5. Changes to user accounts
  6. IIS reports
  7. DHCP reports
  8. MSI reports (lists the products installed/uninstalled)
  9. Group policy changes
  10. RPC reports
  11. DNS reports
  12. Active directory reports

The primary factor in deciding on a monitoring product is to cross-check
whether the devices you have in your network are supported by the vendor you
choose. There are many products that address this market; you might want to
search for “firewall analyzer” and “eventlog analyzer” in this domain.
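
The alert rule described in this section ("3 unsuccessful login attempts, mail me"), with each alert carrying the untouched raw records as evidence, can be sketched as follows. This is an added example, not code from the article or from any vendor's product; the log format, field names and the 10-minute window are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records in a made-up format (assumption, not a real product's log).
SAMPLE_LOG = """\
2022-01-20T09:14:03 srv01 LOGON_FAILURE user=alice src=10.0.0.5
2022-01-20T09:14:20 srv01 LOGON_FAILURE user=alice src=10.0.0.5
2022-01-20T09:15:02 srv01 LOGON_SUCCESS user=bob src=10.0.0.9
2022-01-20T09:15:40 srv01 LOGON_FAILURE user=alice src=10.0.0.5
2022-01-20T09:16:00 srv01 LOGON_FAILURE user=carol src=10.0.0.7
this line is malformed and must not crash the parser
2022-01-20T11:30:00 srv01 LOGON_FAILURE user=carol src=10.0.0.7
2022-01-20T11:31:00 srv01 LOGON_FAILURE user=carol src=10.0.0.7
"""
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<event>LOGON_\w+) "
                     r"user=(?P<user>\S+) src=(?P<src>\S+)$")

def parse(log_text):
    """Yield parsed events; each one keeps the unmodified raw line."""
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # stays in the raw archive, just not in the reports
        try:
            ts = datetime.fromisoformat(m["ts"])
        except ValueError:
            continue  # timestamp-shaped but not a valid date/time
        yield {"ts": ts, "user": m["user"], "src": m["src"],
               "event": m["event"], "raw": raw}

def failed_logon_alerts(events, threshold=3, window=timedelta(minutes=10)):
    """One alert per user each time `threshold` failures fall inside `window`.
    Assumes events arrive in chronological order."""
    recent = defaultdict(deque)  # user -> failures still inside the window
    alerts = []
    for ev in events:
        if ev["event"] != "LOGON_FAILURE":
            continue
        q = recent[ev["user"]]
        q.append(ev)
        while ev["ts"] - q[0]["ts"] > window:
            q.popleft()  # too old to count towards this burst
        if len(q) >= threshold:
            alerts.append({"user": ev["user"], "at": ev["ts"],
                           "evidence": [e["raw"] for e in q]})
            q.clear()  # one burst produces one alert
    return alerts
```

On the sample, alice's three failures inside two minutes raise one alert, while carol's three failures spread over more than two hours do not.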

“Network Security” - Compliance

A majority of industries, such as health care and financial institutions, are
required to stay fully compliant with the HIPAA and SOX acts. These regulations
enforce stringent standards across all areas of the business, including
physical access to information. (This section focuses on the software
requirements of the acts.) There are a number of agencies that offer compliance
as a service to the enterprise. It all depends on whether you intend to manage
compliance yourself or employ a third-party vendor to ensure compliance to the
HIPAA Compliance:

HIPAA defines the Security Standards for monitoring and auditing system
activity. HIPAA regulations require all logs to be examined, including OS and
application logs, as well as perimeter devices such as IDSs, and insider
activity. Here are some crucial reports that need to be in place:

  1. User Logon report: HIPAA requirements (164.308 (a)(5), log-in/log-out monitoring) clearly specify that users’ accesses to the system be documented and monitored for potential abuse. Keep in mind that the goal is not just to catch hackers but also to document the information that is accessed from legitimate patients. In many cases, the very fact that the access is recorded is sufficient to stop malicious activity, much like having a security camera in a parking lot.
  2. User Logoff report: HIPAA requirements clearly state that the access of users to the system must be recorded and monitored for abuse. It is important to remember that this is not just to catch hackers, but also to record the medical details that are accessed for legitimate clients. In many cases, the mere fact that the access is recorded is deterrent enough for illegal activity, much like a surveillance camera in a parking lot.
  3. Logon Failure report: The security logon feature includes logging all unsuccessful login attempts. The user name, date and time are all included in this report.
  4. Audit Logs access report: HIPAA requirements (164.308 (a)(3), review and audit access logs) call for procedures to be implemented for regularly reviewing records of information system operations, such as audit logs.
  5. Security Log Archiving Utility: Periodically, the system administrator will be able to back up encrypted copies of the log data and restart the logs.

SOX Compliance:

Sarbanes-Oxley defines the collection, retention and review of audit trail logs
from all sources under section 404’s IT process controls. These logs form the
basis of the internal controls that give businesses confidence that their
financial and business information is reliable and true. Here are a few of the
most important reports to look for:

  1. User Logon report: SOX regulations (Sec 302 (a)(4)(C) and (D), log-in/log-out monitoring) clearly stipulate that user accesses to the system be tracked and monitored for fraud. Be aware that the goal isn’t just to find criminals, but also to document the use of medical data for legitimate clients. In most cases, the mere fact that access is recorded can be sufficient to stop malicious activity, much like having a surveillance camera in a parking garage.
  2. User Logoff report: SOX requirements (Sec 302 (a)(4)(C) and (D)) clearly stipulate that the user’s access to the system should be documented and monitored for potential abuse. It is important to remember that the goal is not only to identify hackers, but also to record the use of medical information that legitimate customers have. In most cases, the mere fact that the access is recorded is sufficient to stop malicious activity, much like a surveillance camera in a parking lot.
  3. Logon Failure report: The security logon feature includes logging all unsuccessful login attempts. The name of the user as well as the date and time are recorded in this report.
  4. Audit Logs access report: SOX regulations (Sec 302 (a)(4)(C) and (D), review and audit access logs) require processes for regularly reviewing the records of system activity, such as audit logs.
  5. Security Log Archiving Utility: Periodically, the system administrator will be able to back up encrypted copies of the log data and restart the logs.
  6. Track account management changes: Significant modifications to the internal controls, sec 302 (a)(6). Changes in security settings, for example the addition or removal of a user account to an administrative group. Changes in security configurations can be monitored by looking at event logs.
  7. Changes to the security audit policy: Internal controls, sec 302 (a)(5), by monitoring the event logs for changes to the security audit policy.
  8. Monitor individual user actions: Internal controls, sec 302 (a)(5), by recording user activity.
  9. Track application access: Internal controls, sec 302 (a)(5), by tracking application processes.
  10. Track directory / file access: Internal controls, sec 302 (a)(5), for any access violation.

GLBA Compliance:

The Financial Services Modernization Act (FMA99) was enacted in January 1999
(PL 106-102). It is commonly referred to as the Gramm-Leach-Bliley Act, or
GLBA. Title V of the Act governs the steps that banks and other financial
service businesses must take to ensure the security and privacy of customer
information. The Act states that financial service companies frequently gather
Non-Public Personal Information (NPI) from individuals, and must notify them
when they share that information outside of the company (or affiliate
structure) and, in certain instances, when using such information in situations
not related to the furtherance of a specific financial transaction.

  1. User Logon report: GLBA compliance standards clearly require that users’ access to the system is documented and monitored for potential abuse. Be aware that the goal isn’t just to catch hackers, but also to document the accesses to medical details that legitimate customers have. In the majority of cases, the fact that the access is recorded is enough to deter malicious activity, much like a surveillance camera in a parking lot.
  2. User Logoff report: GLBA requirements specify that user accesses to the system must be documented and monitored for any potential misuse. It is important to remember that the purpose of this isn’t just to catch hackers, but also to record the use of medical data by legitimate users. Most of the time, the mere fact that the access is recorded is sufficient to stop malicious activity, much like the presence of a security camera in a parking garage.
  3. Logon Failure report: The security logon function logs all unsuccessful login attempts. The name of the user as well as the date and time are recorded in this report.
  4. Audit Logs access report: GLBA requirements (review and audit access logs) call for procedures to regularly review the records of system-related information, such as audit logs.
  5. Security Log Archiving Utility: Periodically, the system administrator will be able to back up encrypted copies of the log data and restart the logs.


“Network security” has to be handled both internally and externally. Finding
the root of an issue is a huge task that needs expertise and, mostly, help from
software such as EventLog Analyzer (compliance and internal monitoring of
internal machines) and Firewall Analyzer (virus, attack and traffic monitoring
on edge devices).
