3 Major Approaches To Network Security
In my previous articles, I have discussed some of the facts that you need to know about network architectures in organisations. In this article, I want to look at some of the major approaches to network security. Follow me as we look at that together in this article.
Organisations can choose from several approaches to network security. A particular approach or paradigm will influence all other security decisions and set the tone for organisational network security infrastructure.
Network security paradigms can be classified by either the scope of security measures taken or how proactive the system is.
#1 Perimeter Security Approach
In a perimeter security approach, the bulk of the efforts are focused on the perimeter of the network. This focus might include firewalls, proxy servers, password policies, and any technology or procedures that makes unauthorised access to a network less likely.
#2 Layer security approach
A layered security approach is one in which not only is the perimeter secured, but individual systems within the network are also secured. All servers, workstations, routers and hubs within the network are secure.
One way to accomplish this is to divide the network into segments and secure each segment as if it were a separate network so that if the perimeter security is compromised, not all systems are affected. This is the preferred approach whenever possible.
You should also measure your security approach by how proactive or reactive it is. You do this by determining how much of the system’s security infrastructure and policies are dedicated to preventive measures as opposed to how much is devoted to simply responding to an attack after it has occurred.
A passive security approach takes few or no steps to prevent an attack. Conversely, a dynamic security approach, or proactive defence, is one in which steps are taken to prevent the attack before they occur.
One example of a proactive defence is the use of an Intrusion Detection System, which detects an attempt to circumvent the security system.
These systems can tell a system administrator that an attempt has to breach the system’s security but it was not successful. An iDS can also be used to detect various techniques intruders used to access a target system, thus alerting a network administrator to the potential for an attempted breach before the attempt is even initiated.
#3 Hybrid Security approach
In the real world, network security is rarely completed in one paradigm or another. the network generally falls along a continuum with an element of more than one security paradigm. The two categories also combine to form a hybrid approach.
One can have a network that is predominantly passive but layered or one that is primarily perimeter, but proactive.
Considering approaches to computer security along with a cartesian coordinate system, with the x-axis representing the level of passive-active approaches and the y-axis depicting the range from perimeter to layered defence, can be helpful.
The most desirable hybrid approach is a layered paradigm that is dynamic.
Now your take on this argument.
We would also like to hear what you feel about the topic we discussed today. Your feedback is very important to us. Feel free to drop your comments and recommendations. If you have a contrary opinion, you can drop that too.
You can also like our Facebook Page CRMNigeria for more updates. You can do that by clicking on the link or searching for our page on Facebook.
You can also become part of our WhatsApp Group Here.
Enter your email address to get updates when we post our next article. you have to click on the link in the email sent to you to confirm your subscription. If you have been receiving our email updates and it is no longer active, please subscribe again.:
Delivered by FeedBurner
43 total views, 1 views today