Elements Of Network Security

1625 Words7 Pages
Elements of Network Security Introduction The primary objective of a network security system is to, in a cost effective manner, balance convenient access to legitimate users and inaccessibility to attackers. In a nutshell, the goal is to prevent connectivity to anyone intending to cause harm to the network. The harm to which this paper refers can come in the following forms: 1. Application-level security threats, such as e-mail viruses and attachments. 2. Threats to network infrastructure devices. 3. Theft of network connectivity services. 4. Unauthorized access from internal and external sources. 5. Denial of service attacks. Using a proper network security strategy reduces and, in some cases, even avoids the listed harmful attacks from occurring on a network (Gary, T., et al, Mar. 2002). This paper will discuss such a strategy used by the Los Angeles Department of Water and Power (LADWP), as well as the strategy's three primary elements: prevention, detection, and recovery. Prevention Surprisingly, the most common threat to a company's information assets does not come from the sly and cunning computer hacker that is glamorized by Hollywood movies, but from human error, inappropriate disclosures, and sheer carelessness on the part of the company's employees. Hackers who do intentionally tamper with the company's network often do so because they are tempted by assets they know are poorly protected. Weak security policies present the image that a company does not truly value its assets, which in turn attracts the petty thief and curiosity seeker. Therefore, the preventive element of any network security system should include a strong and enforceable security policy for its employees to follow, re-enforced by a form ... ... middle of paper ... ...y is ultimately in the hands of people, making them the greatest tool in defending the system, or the weakest link that will lead to the systems failure. References: Control Data Systems Inc. (1999). Why security policies fail. [Electronic version] Retrieved Nov. 25, 2005, from http://downloads.securityfocus.com/library/Why_Security_Policies_Fail.pdf Denning, G. (1998). An intrusion-detection model. [Electronic version]. Retrieved Nov. 25, 2005, from http://www.cc.gatech.edu/~wenke/ids-readings/id_model.pdf Gary, T., et al (Mar. 2002). Network security credo. [Electronic version]. Retrieved Nov. 25, 2005, from http://staff.washington.edu/gray/papers/credo.html Stiffler, R. & Carter, E. (Dec. 28, 2001). Intrusion detection: Cisco IDS overview. [Electronic version]. Retrieved Nov. 26, 2005, from http://www.informit.com/articles/article.asp?p=24696&rl=1
Open Document