Network Security

Securing your company network can seem like a daunting task. Ten years ago, security professionals focused on installing firewall systems to create a hardened shell around a company’s internal systems. In this era, little effort was expended to secure computers and other devices inside of the company network. The mantra of the day was, “we have a firewall, so we are secure.” While today’s notion of security is much different, network security is still one of the most important components of a company’s Cyber Security program.

With the sheer volume of threats to protect against, one would think that you would need the latest and greatest security tools in order to adequately protect your network. This is really not the case. While those tools are certainly effective, you can still achieve a significant level of security by ensuring that you have basic network security solutions in place. In most cases you can do this without spending your first year’s profits.

In order to provide a reasonable level of network security, small businesses should ensure that they deploy business class networking equipment in their environments, change all administrative passwords on these devices from the default passwords, and place the internal network behind a firewall. Firewalls are used to segment your company’s internal network from the Internet. In addition to internal and external segmentation, the internal network can be further sub-divided to reduce the damage of an intrusion or worm outbreak. Generally this is done by creating a segment for the most critical servers to separate them from the rest of the organization’s computers, printers and other devices.

Many of today’s small business firewalls include Unified Threat Management (UTM) functionality. In addition to the traditional firewall capabilities, a UTM may include a number of extended capabilities like Intrusion (attack) detection and prevention, virus scanning, internet filtering and remote access capabilities. This can be a cost effective way to introduce an array of security controls while eliminating the need to manage and support multiple product deployments.

Make sure your network security includes Threat defense, which includes:
• Defending the edge-Using firewalls and intrusion prevention systems (IPSs) to fortify the network edge against intrusion and attack.
• Protecting the interior-Placing safeguards at important points to protect the network against emerging internal attacks.
• Guarding the endpoints-Proactively defending against infection and damage to hosts
• Trust and identity, which means ensuring that you always know who is on the network and can control what they have access to
• Secure communications, including secure internal and external voice and data communications