Network security consists of several elements: the provisions made in the underlying computer network infrastructure, the policies adopted by the network administrator to protect the network and its network-accessible resources from unauthorized access, and the effectiveness of these measures combined.

Network security is a process that starts with authenticating the user, most commonly with a username and a password. Once the user is authenticated, a stateful firewall enforces access policies, for example which services network users are allowed to access. Although effective at preventing unauthorized access, this component does not check for potentially harmful content, such as computer worms transmitted over the network. An intrusion prevention system (IPS) is an application that helps detect and prevent such malware. It also monitors network traffic for suspicious content, anomalies and volume in order to protect the network from attacks such as denial of service. To maintain privacy, communication between two hosts on the network can be encrypted. Individual events that occur on the network can be tracked for audit purposes and for later high-level analysis.

Honeypots are essentially decoy network-accessible resources. They can be deployed in a network as surveillance and early-warning tools. Attackers use their own techniques in attempting to compromise these decoy resources. These techniques are studied during and after an attack in order to keep an eye on new ways of exploitation. Such analysis is part of the network security process, because it can be used to further tighten the security of the actual network that is protected by the honeypot.
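The two detection ideas described above, volume monitoring by an IPS and honeypots as early-warning tools, are shown here as an added example that is not part of the original page. The log format, addresses, thresholds and decoy host are constructed assumptions, and records are assumed to arrive in time order.

```python
from collections import defaultdict, deque
from datetime import datetime

DECOY_HOSTS = {"10.0.9.9"}   # assumed honeypot address; no real service lives here
WINDOW_SECONDS = 10          # assumed sliding-window length
MAX_CONNS = 3                # assumed per-source connection budget per window

# Constructed sample records: ISO timestamp, source, destination, port.
SAMPLE_LOG = """\
2024-01-01T12:00:00 10.0.1.5 10.0.2.10 443
2024-01-01T12:00:01 10.0.1.77 10.0.2.10 80
2024-01-01T12:00:01 10.0.1.77 10.0.2.10 80
2024-01-01T12:00:02 10.0.1.77 10.0.2.10 80
2024-01-01T12:00:02 10.0.1.77 10.0.2.10 80
2024-01-01T12:00:04 10.0.1.42 10.0.9.9 22
malformed line
"""

def parse(line):
    """Return (timestamp, src, dst, port), or None for a malformed record."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])
    except ValueError:
        return None

def analyze(log_text):
    """Return (kind, source) alerts in first-seen order, one per kind and source."""
    recent, alerts = defaultdict(deque), []
    for record in filter(None, map(parse, log_text.splitlines())):
        ts, src, dst, _port = record
        window = recent[src]          # timestamps of this source inside the window
        window.append(ts)
        while (ts - window[0]).total_seconds() > WINDOW_SECONDS:
            window.popleft()          # forget connections older than the window
        checks = [("honeypot-contact", dst in DECOY_HOSTS),  # any decoy touch
                  ("volume", len(window) > MAX_CONNS)]       # rate over budget
        for kind, fired in checks:
            if fired and (kind, src) not in alerts:
                alerts.append((kind, src))
    return alerts
```

The decoy check needs no threshold because legitimate users have no reason to contact a honeypot, which is what makes it useful as an early-warning signal.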