Attacks can come from internal or external sources, and a good security officer should plan and define measures to avoid, or at least minimize, the effects of either. Since the appearance of ARPANET and the interconnection of networks, security has been part of most debates on new network design, audits of existing networks and systems design. New methods and tools have been developed and keep being improved. Some of these tools are very robust and provide an acceptable, hard-to-break level of security. However, security experts agree that none of these tools provides full security or can be trusted 100%; they only make attacks more difficult. In most cases attackers will abort their attack after a couple of tries, whereas in cases where the target is very valuable or the attacker determined, even the strongest security systems have been shown to be bypassable.
As defined by (Syngress, 2003), “the term firewall comes from the bricks-and-mortar architectural world. In buildings, a firewall is a wall built from heat- or fire-resistant material such as concrete that is intended to slow the spread of fire through the structure”. Firewalls provide a robust level of security, but security engineers should be aware of what is running (software and services) and how it is used within the network (which hosts connect to it and which hosts it connects to). Firewalls are very static and generally follow a specific rule table of allowed or denied connections. Even though a firewall cannot behave dynamically or adapt its rules in response to a specific event, it is one of the basic security mechanisms that is mandatory on every network and computer; nowadays most operating systems have an embedded firewall. Another security mechanism that can be added to a network or host, and that provides additional protection with a more dynamic and adaptable behaviour, is the IDS. As described by (Bace, 2000), “intrusion detection has become an integral part of modern network security technology”. In addition to checking the headers of incoming and outgoing packets as a firewall does, the IDS can also look for suspicious attack patterns. Based generally on a database of recognised attacks, which must be kept up to date, the IDS provides an additional security layer for the network, so it is advisable to deploy one.
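To make the contrast concrete, here is an added example (not code from the page or from the cited books) of a static, header-only rule table evaluated first-match, next to a signature database matched against packet payloads, which is the part a rule table never reads. The packet fields, rule table and signature entries are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass
class Packet:
    src: str              # source IP
    dst: str              # destination IP
    dport: int            # destination port
    proto: str            # "tcp" or "udp"
    payload: bytes = b""

@dataclass
class Rule:
    """One row of a static firewall rule table; a None field means 'any'."""
    action: str                    # "allow" or "deny"
    dst_port: Optional[int] = None
    proto: Optional[str] = None
    src_net: Optional[str] = None  # CIDR such as "10.0.0.0/8"

    def matches(self, pkt: Packet) -> bool:
        if self.dst_port is not None and self.dst_port != pkt.dport:
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.src_net is not None:
            return ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
        return True

def firewall_decision(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """First-match evaluation over header fields only; the payload is never read."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default

# Constructed signature database (hypothetical entries): name -> byte pattern.
SIGNATURES: Dict[str, bytes] = {"path-traversal": b"../", "sqli-tautology": b"' OR 1=1"}

def ids_alerts(signatures: Dict[str, bytes], pkt: Packet) -> List[str]:
    """Signature matching over the payload, the part a rule table never inspects."""
    return [name for name, pat in signatures.items() if pat in pkt.payload]

def inspect(rules: List[Rule], signatures: Dict[str, bytes], pkt: Packet) -> Tuple[str, List[str]]:
    """Firewall verdict plus IDS alerts; the IDS is passive, so it inspects regardless of verdict."""
    return firewall_decision(rules, pkt), ids_alerts(signatures, pkt)

RULES = [Rule("allow", src_net="10.0.0.0/8"),                     # LAN sources (constructed)
         Rule("allow", dst_port=80, proto="tcp"), Rule("allow", dst_port=443, proto="tcp"),
         Rule("deny")]                                             # everything else
```

A web request to port 80 is allowed by the rule table whatever its payload contains; only the signature check raises an alert on the traversal pattern, which is the extra layer the paragraph describes.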
If the company needs users to work from remote locations and access internal resources (file shares, intranet, etc.), a VPN can be deployed, which simulates a private network over the Internet; this is why it is called a Virtual Private Network.
“A virtual private network allows the provisioning of private network services for an organisation over a public or shared infrastructure such as the Internet or service provider backbone.” (Lewis, 2006). The company’s users get access to internal resources and interact with systems in the same way as if they were physically connected to the company LAN.
The VPN provides another layer of security, and most companies use a mixture of these techniques to increase their security and have regular security audits performed by experts to review and improve their networks.
– Syngress (2003). The Best Damn Firewall Book Period. ISBN: 0080476066.
– Rebecca Gurley Bace (2000). Intrusion Detection. Macmillan Technology Series. ISBN: 9781578701858.
– Mark Lewis (2006). Comparing, Designing, and Deploying VPNs. Cisco Press Networking Technology Series. ISBN: 1587051796.