The present computer era is all about networking and sharing. Computers, servers, and hardware are all connected to each other on a network for sharing resources, data, information, and for aiding in faster communication. Though internet and networking have opened up incredible opportunities, but proper precautions should be taken so that data is not intercepted or altered and there is no unauthorized access to classified company information.
Here are some ways to address the problem of network security. Usually implementing more than one security measure is a better way to ensure higher level of security.

Authentication

To allow access only to authorized personnel, authentication is often verified through passwords. To provide proper authentication, two or three items from the following list are required:

  • A password or a PIN number specific to a user.
  • User can use SecurID tag, or something similar. The SecurID system generates a 6 bit pseudo-random code every 60 seconds. The user has access to this system through a pin and after the pin has been authenticated, the user can use the generated code to access the network.
  • User authenticity can also be checked for allowing access to a premise through fingerprint or retina scanning.

Routers

Routers are devices which link computers to the internet. Though their primary purpose is to route packets, they can also be used as firewalls to protect the Intranet. Though they are not as effective as firewalls, but still routers can to improve security on a network. The IT administrators should ensure the router software is updated and kept current. It is important to verify the network manager’s password is strong and is changed periodically. Also Telnet access to the router should be allowed only from specific IP addresses. Another useful measure is to maintain a log of the actions of the router and use Access Control Lists (ACL’s) to reject or pass packets based on TCP port number, IP source address or IP destination address.

Firewalls

Firewalls sit on the boundary between an Intranet and the rest of the world, and monitor both incoming and outgoing traffic. They allow only selected, specific incoming and outgoing packets to pass and reject all other packets. On the basis of the port number, contained in the TCP header, a Firewall can be instructed about who can transmit data, to which port they can transmit, and what sort of incoming connections are allowed on the network.

Intrusion Detection Systems (IDS)

Intrusion Detection is a new technology that enables network and security administrators to detect patterns of misuse within their network traffic. IDS systems should not be used as a standalone security device but should be used in conjunction with other filtering devices.

Encryption And Cryptography

Encryption is the process of encoding messages or information so that only authorized parties can read them. Cryptography is the method of turning ordinary text is into unintelligible text or ciphertext through the process of encryption. Encryption does not prevent interception, but prevents interceptor to open or read the files and data.

While we exchange information through emails, online newspapers, blogs, chats and other services little do we realize that we expose our resources and hardware to external and internal threats. So ensuring network security is the biggest challenge all IT administrators and we as individuals are facing every day.