Secure networking ensures that the network is available to perform its appointed task by protecting it from attacks originating inside and outside the organization.
Traditional thinking equates this to a handful of specific requirements, including user authentication, user device protection and point solutions. however, the move to convergence, together with greater workforce mobility, exposes networks to new vulnerabilities, as any connected user can potentially attack the network.
Application traffic must be securely delivered across the network, avoiding threats such as theft of intellectual property or private data. in addition, the underlying infrastructure must be protected against service disruption (in which the network is not available for its intended use) and service theft ( in which an unauthorized user accesses network bandwidth, or an authorized user accesses unauthorized services).
While most organizations focus on securing the application traffic, few put sufficient infrastructure focus beyond point solutions such as firewalls. to protect the total network, security must be incorporated in all layers and the complete networking life cycle.
Secure networking layers
Secure networking involves securing the application traffic as it traverses the network. it should encompass these areas:
Perimeter security protects the network applications from outside attack, through technologies such as firewall and intrusion detection.
Communications security provides data confidentiality, integrity and non repudiation, typically through the use of Secure Sockets Layer or IPsec virtual private networks (VPN).
Secure networking extends this by protecting the underlying infrastructure from attack.
Platform security ensures that each device is available to perform its intended function and doesn’t become the network ‘s single point of failure. the network security plan should include antivirus checking and host – based intrusion detection, along with endpoint compliance, to ensure that security policies cheak user device for required security software.