Implementing thorough Network Security (Thesis ) - 2750 Words

Implementing thorough Network Security (Thesis Sample) Content: Topic: Implementing thorough network security measures in a corporate settingFull NamesUniversityIntroductionNetworking is a norm in many corporate- based institutions in modern society. Computerized applications, software, and communication haves been greatly deployed to foster service delivery within the organizations. Despite the many merits tied to networking, it poses some threats that can proveof costly if it is not handled professionally. The gGood news is that there are measures that can be adopted to form a robust computer network system that will ensure minimal or no intrusion by any assailants. This paper willseeks to explore a number of factors indicative of weak computer networking systems, and various measures to plan and enable toughstern security. In addition, the paper will discuss measures that can be employedhandy when dealing with a networking crisis that has befallen a particular organization. All examples and assumptions discussed will assume a p urely corporate business environment.An evaluation of the concept of network security within a corporate setting.Networking in any organization is always tailored to meet specific requirements. The design is set up to ensure total quality service delivery by incorporating the relevant software and databases required byalleged to a corporate body. Communication protocols designed for any network will always assume the TCP/IP or OSI mModels. Computer networking therefore uses a uniform internal pattern and mode of operation to ensure success in networking. This is regardless of the external configuration of computers, routers, hubs, switches, and other networking devicses. Network security cuts across every system in the organization. Currently, firms are on highhighly alert due toconcerning an increasing number of cases of rising network insecurity (Ayday, Delgosha, Fekri, 2007). In their 2007 work, Ayday et al., Delgosha and Fekri (2007) further illustrated that security concerns n ot only arise from external attacks, but also include internal threats to an organization. Because of thisIn this regard, the researchers highlighted the need to be especially vigilant for any security weaknesseskeep vigil on any security loopholes to prevent unwanted cases of attack or breakdown. For instance, if onea member of a corporate organization accesses the content of anotherthe other illegally, this is a security breach; and necessary procedures must be in place toare necessary to prevent such scenarios. Other forms of threats include attacks from anonymous persons, craushing and loss of information, attacks from viruses and malware, system complexity, and instances of unknown parameters among others.Exposure to the iInternet, a local area network, or a larger networking environment hasve been a leading factorplayer in creatingenhancing insecure networks for many corporate organizations. According to Ayday et al., Delgosha and Fekri (2007), companies experience major chall engesing times in trying to ensure their networks remain secure. The researchers argue that this has even stoppedbarred some from adopting virtualization techniques such as cloud computing, for fear of intrusion. It is always costly for an organization to deal with instances of cyber-attackcyber-attack.A computer networking systems needs to be individually tailoredbespoken to tackle any cases of security failure. A nNetwork can be defined as an interconnection of computers that share information (Bulusu, Heidemann, Estrin, Tran, 2004). The researchersy latter believe that all components in the network need to be free from all sorts of attacks. This is because failure at one point is likely to hamper delivery forof the entire system. In response, the systems need to be regularly monitored to prevent instances of breakdown. Network security includesentail all techniques adopted to prevent instances of loss of data; such security allows the organization to feel confident. and thus con fidence to an organization. To begin, bBeefing up security has to cover the most basic components, all the way up tocommence from the basic level to complex levels of networking models. This is particularly in particular applicable in cases where the Iinternet is a major source of information or communication for an organization. Also, there should beis need to induce a centralized administration of the network to ensure quick detection of any security breaches unwanted instances of insecurity.The main areas in any corporate networking setting that have to be watched closely include: * The internal local area networks and all devices that use the same protocols in this network. This may be extended to wide area networks or metropolitan area networks if available. * Internet usage and the websites occasionally used. * Dial-up connections and modems. * Extended connections to other corporate business partners or clients.The design of any network has to meet the following discussed at tributes to be declared safe. 1 Authentication: T - this will ensure any information channeled via this network reaches its rightful destination and that only allowed persons in a network receive the information. It also enables valid messages and reduces instances of spam messages. 2 Access control: T - this will involve setting up user accounts for all members of the organization to ensure only valid users access information via the private corporate network. 3 Nonrepudiation: T- this technique is applied in instances where communication has to run both ways,be dual way and it ensures that both parties will receive messagespossibility of both parties receiving a message. 4 Availability: T - this parameter defines existence of a network at all instances. A good network should register the least cases of time-outs during working hours of any organization. 5 Integrity: T- this prevents possible hacking or manipulation of the sent messages. In any networking environment, security tech niques should be employed to repel hackers keep off hackers at all costs.The above discussed parameters are the core elements of any secure networking environment. Steps forto meeting them will be discussed in the appropriate sections of this paper.An explanation of the requirements that would be necessary to adequately respond to any threat, including to include a planned attack, natural disaster, or accidental equipment failure.During configuration and setup of computer networks, effective and sufficient security techniques, policies, and practices must be implemented if attacks are to be kept at bay. Such technologies used to mitigate networking attacks should include entail firewalls; software updates and patches installations;, threat detection;, encryption;, penetration testing;, and authentication methods; among others.The technologies used are discussed below: * Firewalls: * A firewall is the key technology used to filter out unwanted communication and access to any system. In athe computer networks, it can either be installed as a hardware device, software device, or both. The firewall system limits traffic to and from a system and gives room for pre-defined activities and resources to communicate through the filter wall. The firewalls can be used by the company to define the kind of operations that are allowed from the customer end, thus reducing the risk of experiencing computer network attacks. * Secure Socket layer: * This defines encryption between a host and a client, for our case, between the customers situated in different locations and the companyà ¢Ã¢â€š ¬s web server. This will safeguard the customersà ¢Ã¢â€š ¬ information and ensure that it does not they do not fall into the wrong hands of fraudsters. For instance, customersà ¢Ã¢â€š ¬ confidential informationà ¢Ã¢â€š ¬ (whenever a site is visited and the information used) like credit card numbers, Social Security Numbers, or p and Personal addressesà ¢Ã¢â€š ¬ isare encrypted before be ing transmitted over the computer network. This technology ensures that even if packets containing the confidential data falls into the wrong hands, they cannot be accessed and confidential data cannot be retrieved. This alone, gives customers more confidence to use the companyà ¢Ã¢â€š ¬s network to a great extent. * Brute Force Alert Detection Software: * Such software is able to detect when an intruder is trying to gain illegal access to the server by sending multiple log in requests using trial technique. The software, in such a case, will mark the offending IP address and block server access from them. This will prevent brute attacks and ensure that the companyà ¢Ã¢â€š ¬s network runs smoothly. * Transport Layer Security: * Transport Layer Security functions just like the Secure Socket Layer. Its main job in a network is to bar attackers from accessing confidential information. This technology ensures that message forgery, eavesdropping, or tampering is absolutely not possible . * * XSS Fixing using Scanner Software and Secure Customer Authentication * XSS Fixing using Scanner Software and Secure Customer Authentication: As a further means of preventing unauthorized installation and distribution of malicious software on the server, any loop hole in cross-site scripting should be analyzed, fixed, and controlled. Moreover, during the web network configuration, more investment should be directed at firmly securing the customer authentication process using security protocols like SSL certificates. * Antivirus and updates:Antiviruses help monitor and eliminate any potential threat in a system. An active antivirus program, therefore, when installed in the distributed networking environment, will ensure that malicious software isare kept off the network and distribution of information within the network is kept as secure as possible.An eva...