Computers and Network Security

First, let me also explain what a network is, in particular a computer network. A computer network is a group of interconnected computers. Networks may be classified according to a wide variety of characteristics. This article provides a general overview of some types and categories and presents the basic components of a network. Networks can be
classified according to the topologies. There are a variety of topologies including bus, ring, star, mesh, Star-bus, Tree or hierarchical topology network.

The bus, ring, and star are the ones commonly used when trying to run a corporate company. I would recommend a star configuration when doing so. The purpose behind using the star configuration is based off the fact that a star configuration connects all cables to a central point of concentration. This point is usually a hub or switch. Nodes communicate across the network by passing data through the hub. The reason why I wouldn’t use a ring configuration is mainly due to the fact that the ring configuration is pretty much obsolete in situations like this where we are applying network topology to a huge corporation. The reason why I wouldn’t use a bus configuration is because it does not cope well with heavy data rates, limited cable length and the number of stations, cable breaks to the server disables the whole entire system, and the performance is degraded if additional computers are added. The only other possible would be a tree configuration, but even with that, I think the star would be the best option.

Network security must protect the organization’s ability to function, enable the safe operation of applications implemented on the organization’s IT systems, project the date the organization collects and uses, and safeguard the technology assets in use at the organization. Today’s organizations are under immense pressure to acquire and operate integrated, efficient, and capable applications. The modern organization needs to create an environment that safeguards applications using the organization’s IT systems, particularly those applications that serve as important elements of the infrastructure of the organization including; operating system platforms, e-mail, and instant messaging (IM) applications. Organizations acquire these elements either be outsourcing from a service provider or by building their own. Once an organization’s infrastructure is place, management must continue to oversee it, and not abdicate the responsibility for the entire infrastructure to the IT department.

Like I have emphasized earlier, network security is so essential to many corporations. This is why many companies are starting to increase the level of security and realizing that half-hearted security systems can lead to many different disasters. There are so many different threats you have to worry about when trying to protect a network that holds important information. The 2004 Computer Security Institute/Federal Bureau of Investigation (CSI/FBI) ran a study found that 79 percent of the organizations responding (Primarily large corporations and government agencies) identified cyber security breaches within with the last 12 months, a number that is on the decline. The study also found that 54 percent of these organizations reported financial losses totaling over $141 million, due to computer security breaches. The number of respondents identifying unauthorized computer use was 53 percent, down from 56 percent in 2003. Some threats to be concerned with is accidents, employee mistakes, piracy, copyright infringement, unauthorized access and/ or data collection, blackmail or information disclosure, destruction of systems or information, illegal confiscation of equipment or information, viruses, worms, macros, denial of service, forces of nature, ISP, power, or WAN service issues from service providers, equipment failure, bugs, code problems, unknown loopholes, antiquated or outdated technologies.

Network security isn’t the only important type of security for corporation; information security is also a very important factor. Quality security programs begin and end with policy. Information security is often a management problem, not a technical one, policy obliges personnel to function in a manner that adds to the security of information assets, rather than as a threat to those assets. It is interesting to note that security policies are the least expensive control to execute, but the most difficult to implement properly. They are the lowest cost in that they involve only the time and effort of the management team to create, approve, and communicate. Even if the management team decides to hire an outside consultant to assist development of policy, the costs are minimal compared to those of technical controls. However, shaping policy is difficult because it must never conflict with laws, stand up in court if challenged, and be properly administered through dissemination and documented acceptance. To be effective, a policy must be disseminated by all means possible, including printed personnel manuals, organization intranets, and periodic supplements. All members of the organization must read, understand, and agree to the policies. At the same time, policies should be considered living documents, in that they require constant modification and maintenance as the needs of the organization evolves. Management must define three types of security policy according to The National Institute of Standards and Technology’s Special Publication including general or security program policies, issue specific security polices, and systems-specific security policies.

Like at the beginning of the report we stated that things such as firewalls were necessary to protect a network, but there is actually more than just that to protect a network, one of those things is a security perimeter. A perimeter is the boundary of an area. A security perimeter defines the edge between the outer limit of an organization’s security that protects all internal systems from outside threats. Security perimeters can effectively be implemented as multiple technologies that segregate the protected information from those who would attack it. Within security perimeters the organization can establish security domains, or areas of trust within which users can freely communicate. The assumption is that if individuals have access to one system within a security domain, they have authorized access to all systems within that particular domain. The presence and nature of the security perimeter is an essential element of the overall security framework, and the details of implementing the perimeter make up a great deal of the particulars of the completed security blueprint. The key components used for planning the perimeter are presented in the following sections on firewalls, DMZs, proxy servers, and intrusion detection systems.