Security of networks is key when it comes to protecting data in organizations. This is why more companies are taking interest in securing their company networks in a bid to protect their company secrets. Governments are doing the same in protecting national and government facilities and data.
In this paper, we are going to look at the specific ways in which different types o networks are protected and how they can complement each other. We are also going to look at the ups and downs of each and try to establish whether they can work together or whether they are going to cause conflict.
In securing the network, one has to define policies that govern the network. Security policies in many cases are either formal or informal. Many of the policies that companies adopt are sometimes ineffective and the best way to go about that is having a combination of two or more policies to complement each other in case the pre-dominant one fails.
In defining the policy to use, one has to first assess the kinds of risks that the organization faces, whether they are low risk, medium risk or high risk threats to the network. These risks are graded according to the severity in which they compromise the network system and end up causing legal proceedings to prosecute the perpetrators of the acts. A good example is ATM switches. These are described as core network devices which need to be guarded closely. The probability that they are going to be hacked is quite high so the kinds of policies that are going to be adopted are such that they provide access to administrators with the highest clearance possible (Avolio & Fallin, 2007).
After analyzing the threats, one has to come up with a team that is going to handle the security protocol to be observed in the organization. There are different protocols that are adopted for wired and wireless networks. For example there is the wired equivalent privacy (WEP) that encrypts each 802.11 packet. It does so by encrypting it with an RC4 cipher stream that has been generated by the64-bit RC4 key. The key contains a 24-bit vector called Initialization Vector and it also has a 40-bit key, the WEP key (BulBul, Batmaz & Ozel, 2008).
For wireless we have WPA or the WPA2. WPA stands for Wi-Fi Protected Access which was initially used in 2003 but the WPA2 came later. WPA2 came later to reimburse the deficits that WEP had in a bid to make wireless security tighter and more secure. WPA2 has the following advantages: data encryption was improved, the network requires users to have authentication and integrity of the network (BulBul, Batmaz & Ozel, 2008).
Other security protocol that can be used include IDS is short for intrusion detection systems is used to flag suspicious users who have illegally acquired access to a LAN. Intrusion detection systems also alert the system administrator what and where the intruder is targeting. It is usually the fallback option in case the IPS fails to prevent intruder access (BulBul, Batmaz & Ozel, 2008).
IPS or Intrusion prevention systems come ahead of the IDS. They are used to raise alarms when an unauthorized user is trying to gain access to a private network. This will in turn lead to action being taken against the intruder either by software or by the system admin depending on security protocol or policies (Cisco Validated Design, 2008).
Network access controls or simply access controls are mechanisms deployed by a system administrator to define who accesses what information in a system. It defines privileges or permissions granted to authorized network or system users. Usually higher tier level users have access to their level and the lower ones whereas the lower tier level users have only access to their levels. In technical terms, a lower level tier user can write to a higher level but cannot read higher levels. A higher level user can read the low level but cannot write the lower level (Trapeze Networks, 2008).
Firewalls are software programs located at the gateway of private intranets that connect to the wider WAN or internet. Firewalls scan packets to make sure that unauthorized users do not access internal private networks resources directly. Usually if outsiders are to access the private network, they are usually either previously known via a domain name or IP. In case of dynamic IPs secure log on certificates are issued to these users to ensure they do not have to undergo constant rigorous screening before accessing the private network like new users (Trapeze Networks, 2008).
When using the above network securities to complement each other, wired and wireless networks may be used in such a way that all the security policies will be adhered to. With wired networks, it is easy for companies like National International Service Provider to limit the number of persons allowed to access certain information to those with physical access in the organization and general, less risky information be made available to the general public.
While using this, it will be not possible to have network security compromised and the integrity of the network will always be top notch.
BulBul H.I., Batmaz I. & Ozel M., (2008). Wireless Network Security: Comparison of WEP (Wired Equivalent Privacy) Mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) Security Protocols. Forensics, Adelaide, Australia.
Avolio F. M. & Fallin S., (2007). Producing Your Network Security Policy. Watch Guard Technologies, Inc.
Cisco Validated Design, (2008). Wireless and Network Security Integration Design Guide. Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706, USA.
Trapeze Networks, (2008). Wired and Wireless Security Best Practices. Trapeze Networks, Inc.
(Avolio & Fallin, 2007)