Network security is a set of technologies that protects the usability and integrity of a company’s infrastructure by preventing the entry or proliferation within a network of a wide variety of potential threats.
A network security architecture is composed of tools that protect the network itself and the applications that run over it. Effective network security strategies employ multiple lines of defense that are scalable and automated. Each defensive layer enforces a set of security policies determined by the administrator.
In today’s hyper-connected world, network security presents a greater challenge as more business applications move to private and public clouds. Moreover, the applications themselves now tend to be virtualized and distributed across many locations, some of which are outside the physical control of IT security teams. With the number of attacks on companies climbing ever higher, protecting network traffic and infrastructure is critical.
Network security is key to an organization’s ability to deliver products and services to customers and employees. From online stores to enterprise applications to remote desktops, protecting apps and data on the network is essential to advancing the business, to say nothing of protecting an organization’s reputation. In addition, effective network security can improve network performance by eliminating downtime due to successful attacks.
The elements of a complete, multilayered security architecture that implements network security across an organization fall into two general categories: access control and threat control.
Network security starts with access control. If bad actors gain access to a network, they can surveil traffic and map infrastructure. Once they have mapped infrastructure and applications, they can launch a DDoS attack or insert malware. Access control restricts the movement of bad actors throughout the network.
Even with access control in place, problems can arise. For instance, a bad actor may compromise an employee’s credentials to gain entry. Thus the need for threat control, which operates on traffic that is already permitted. Threat control prevents the actions of bad actors from doing damage within the network.
Threat control technologies begin with the firewall and load balancer. These devices protect the network from DoS/DDoS attacks. Next, IDS/IPS counters known attacks traveling through the network. Finally, unknown malware objects traveling through the network are captured with sandbox technologies, while anomalies in network traffic that may be symptoms of a threat are caught with NTA/NDR.
A multi-layered approach to network security implements controls at numerous points within a network to provide comprehensive access control and threat control.