Network security services are increasingly being implemented by businesses, large and small, in the face of the growing number and variety of Internet threats. Today, nearly all firms are connected to the Internet at least to some extent, and thus are exposed to risks that simply did not exist even a few years ago. However, many business owners or managers are ignorant both of the full range of cyber-threats, and also of the various ways in which these threats could be countered. This is particularly the case in the area of computer network security.
If your organisation’s computer network is connected to the Internet, then it has a real need for network security services to counter the huge expansion in computer viruses, Trojans, spyware, inappropriate material and “phishing” emails that have burgeoned in recent years. Information security is a critical area for any business that uses the Internet, and especially those that rely on e-commerce. There are a few main areas of network security services to consider, as follows:
Firewall configuration review, to check that the rules currently followed by the firewall, and the type of firewall used, are appropriate to the given situation.
Detailed audit of computers and devices (such as routers and firewalls), and their location on the network. This includes a review of any DMZ (De-Militarised Zone) standing in front of your organisation’s core network.
Network vulnerability assessment, to check previously-addressed vulnerabilities to ensure that they are still covered by effective countermeasures.
Penetration testing, to probe the defences actively for new vulnerabilities. This kind of test should be approached with caution, since it has the potential to disrupt operational systems or cause a temporary denial of service. The rules of engagement should be agreed in advance and put in writing.
The above functions can either be provided by an in-house team (in the case of larger organisations) or else can be outsourced to a specialist information security firm. In either case, it is imperative that network security services are implemented at regular intervals, and especially after any major changes to the network.
The gateway to your internal network is obviously the firewall. However, there is a great deal more to network security services than just a firewall. Also involved are considerations such as the following:
Network configuration: Does it have a DMZ? What Internet-facing computers and servers are present?
Type and number of devices: The choice of whether to use a hub, a switch or a router will have security implications, as will the question of what type of cabling has been installed.
Protocols and ports supported: If the network supports services and open ports (such as “Telnet” on port 23) that are not actually required by your organisation, then they should be disabled for security reasons.
Auditing and monitoring facilities: Are there logs of network activity and are they in a form that can easily be scanned by a human?
Clearly, there is much more to network security services than installing a firewall with its default configuration enabled. This is an area of information security that requires a detailed level of technical expertise, and a computer security specialist should oversee the deployment and configuration of your organisation’s network.