Networking and security go hand-in-hand. You cannot have one without the other in today’s business world. So much of our data is passed over a network, especially over the Internet. Without networking security, our data would be fully exposed. That exposure of sensitive data could have devastating effects on your business.
Networking security is a massive topic, so let’s get you started with ten terms you must know to be successful in networking security:
CIA – Confidentiality, Integrity and Availability
Yeah, it’s three words, but together they make up the CIA Triad, the pillars of security. Confidentiality means keeping private data private. Integrity means making sure all changes to data are approved. Availability means being able to access data when needed. All of your network security configurations will be to protect one or all of these properties.
ACL – Access Control List
In addition to CIA, we also consider Access Control to be critical in preserving both Confidentiality and Integrity. This is done primarily with an Access Control List. ACLs are rules that either allow or deny data packets, sessions or users from accessing various network resources.
AAA – Authentication, Authorization and Accounting
Access Control is composed of these three elements and we call it AAA. Authentication is proving your identity. Authorization defines your level of access. Accounting is the monitoring of access to ensure accountability.
Cryptography
Taken literally, cryptography means “buried or hidden writing.” Cryptography allows us to hide our data from unauthorized access and ensure that it remains in its original form unless it is changed by authorized users. Encryption is the process by which data is hidden. This process is controlled by keys.
Firewall
The firewall is the quintessential networking security device. Firewalls are placed on the edge of a network to regulate the traffic that comes in and out of that network. They can exist as hardware, such as a packet filter in a router. They can exist as software, such as the Windows Firewall in Windows 10. Access Control Lists are created to establish rules regarding which types of traffic are allowed and which are denied. Firewalls can filter basic packet data, stateful session data, and even the data inside a packet.
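How a packet-filtering firewall applies an Access Control List, as an added example that is not part of the original article. It assumes first-match-wins ordering with a default deny when no rule matches; the rule set, addresses (documentation ranges) and sample packets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    proto: str            # "tcp", "udp" or "any"
    src: str              # source network in CIDR form
    dst: str              # destination network in CIDR form
    dport: Optional[int]  # destination port; None matches any port

    def matches(self, pkt: dict) -> bool:
        return (
            self.proto in ("any", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
            and (self.dport is None or self.dport == pkt["dport"])
        )

def evaluate(acl, pkt):
    """Return (action, rule_index). First matching rule wins (assumption)."""
    for index, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None  # assumed default: anything not explicitly allowed is denied

# Constructed ACL for an edge firewall in front of one web server.
ACL = [
    Rule("deny",  "any", "203.0.113.0/24", "0.0.0.0/0",        None),  # blocked range
    Rule("allow", "tcp", "0.0.0.0/0",      "198.51.100.10/32", 443),   # HTTPS for all
    Rule("allow", "tcp", "192.0.2.0/24",   "198.51.100.10/32", 22),    # SSH, admins only
]

# Constructed sample packets (header fields only).
PACKETS = [
    {"proto": "tcp", "src": "198.51.100.77", "dst": "198.51.100.10", "dport": 443},
    {"proto": "tcp", "src": "203.0.113.5",   "dst": "198.51.100.10", "dport": 443},
    {"proto": "tcp", "src": "192.0.2.15",    "dst": "198.51.100.10", "dport": 22},
    {"proto": "tcp", "src": "198.51.100.77", "dst": "198.51.100.10", "dport": 22},
    {"proto": "udp", "src": "192.0.2.15",    "dst": "198.51.100.10", "dport": 53},
]

def run_samples():
    """Decision for each sample packet, in order."""
    return [evaluate(ACL, pkt)[0] for pkt in PACKETS]

if __name__ == "__main__":
    for pkt, decision in zip(PACKETS, run_samples()):
        print(decision, pkt)
```

The second packet is denied even though a later rule would allow HTTPS, which is why rule order in an ACL deserves review.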
IDPS – Intrusion Detection and Prevention System
A firewall cannot stop every malicious packet. IDPS monitors networks and systems for any anomalous behavior or any behavior that matches known attack patterns. The D part, Detection, alerts the administrator while the P part, Prevention, attempts to block the attack from continuing. Many implementations only utilize the detection component.
VPN – Virtual Private Network
This is one of the more common types of encryption technologies. VPNs create a secure private tunnel between two systems. This is especially important when data is flowing over an untrusted network like the Internet.
SSL/TLS – Secure Sockets Layer/Transport Layer Security
So, this one has two names. SSL (Secure Sockets Layer) is the original name and protocol. TLS (Transport Layer Security) is the newest version. They are very different and not compatible with each other. But a lot of people still call it SSL, even though we don’t use SSL anymore. TLS is made up of two components: encryption and authentication. The authentication utilizes security certificates which are verified by your web browser. Once the server is authenticated by its certificate, the data is then fully encrypted. This technology is used any time your personal data will be transmitted across an insecure connection. Organizations like the government, banks and ecommerce sites rely on this encryption to protect their private data.
E-mail is a way of life. It’s the way businesses and organizations communicate about very important things. However, e-mail has one major weakness: authentication. You can’t be sure who is sending the e-mail. Attackers take advantage of this and attempt to convince users to take action such as reply with private data, open attachments to download malware, or click malicious links. Networking security professionals must be aware of this threat so proper protections can be put in place.
Ransomware
There is a lot of malware out there. But the one that strikes fear into the heart of any network security professional is ransomware. Ransomware penetrates your network (usually due to user negligence like clicking a malicious link) and begins to encrypt all of the data on the network. Once the data is encrypted, the attacker holds the key hostage preventing you from accessing your data until you pay the requested ransom. The only hope of recovery without paying is if you happen to have a current backup of all the affected data. Without this, the data is as good as gone.
So there you have it. There are obviously many more terms in networking security but these ten are core security concepts that you cannot do without. These terms form the foundation for other security concepts and will make you a stronger and more secure networking professional.