Network security is “a set of the requirements made to the computer network infrastructure during the operation of which the protection of network resources against unauthorized access is provided”. Stallings interprets the notion of “network security” as “protection of the information infrastructure of the organization against the malefactors’ invasions from the outside” (by means of authentication, authorization, firewalls, IDS/IPS, VPN, etc.) as well as “protection against occasional errors of the personnel or intended actions of insiders within the organization” (protection against information leaks). A secure information system is one which, firstly, protects data from unauthorized access; secondly, is always ready to provide the data to users; and thirdly, stores the information reliably and guarantees that the data remain unchanged.
The main concepts of security are confidentiality, integrity and availability of data.
Confidentiality is a guarantee that confidential data will be available only to those users who are allowed this access (such users are called authorized).
Availability is a guarantee that authorized users will always get access to data.
Integrity is a guarantee that the data keep their correct values, which is provided by forbidding unauthorized users to change, modify, destroy or create the data.
Security requirements can change depending on the purpose of the system, the nature of the data used and the types of possible threats. It is difficult to imagine a system for which integrity and availability would not be crucial, but confidentiality is not always obligatory. For example, if someone publishes information on a Web server on the Internet and the purpose is to make it available to the widest range of people, confidentiality is not required in this case. However, the requirements of integrity and availability remain relevant.
Unfortunately, the reliability and stability of network operation are also influenced by subjective factors. First of all, these are various computer viruses, hackers and incompetent personnel.
Potentially, a computer connected to the network is always vulnerable. There are reports of cascading virus infections in Novell networks, of viruses spread by e-mail (for example, viruses based on WinWord macros), and so on. The latter are the most dangerous viruses because a user looking through a message with an attachment containing this type of virus cannot tell what threat it carries. A macro virus can act as a “Trojan horse”. Very sound advice is to delete a message containing an executable attachment without reading it, even if the message comes from a friend (it can be a mailing carried out by the macro virus through his/her address book). If there are doubts, it is better to call the friend or send him/her a mail before reading the suspicious message. Copying graphic files from the Internet can pose a similar threat. They can contain, for example, fragments of Java code which are started when the image is viewed. Such code allows a higher level of image compression, but can also be used to harm the computer.
Two kinds of objects fall into the category of “Trojan horse”. One of them is a program transferred to the attacked node which intercepts all input from the terminal, writes these data to a file and later sends this file to “the owner of this horse”. The other kind is passive; it looks safe and attractive. For example, it sits in a directory of an FTP repository of games and looks like a game. A credulous user can copy such a file and try to start it. This can result in the destruction of the hard disk contents.
Rabbits are programs which multiply quickly in memory or on disk, consuming computer resources, which can cause the operating system to crash or hang. As a rule, these programs carry no destructive functions.
Worms are programs capable of moving across the Internet from one node to another (the nodes must have identical operating environments).
Macro viruses are viruses based on the macros of such systems as Excel or WinWord. Such viruses are dangerous because they can be carried by e-mail when the corresponding files are attached to the message. An attempt to view the file in Excel or WinWord infects the computer with the virus. The computer itself can then become a carrier of the virus. This type of virus is the most dangerous now because infection is so simple. Besides, it can have all the properties of a “Trojan horse”, which aggravates the danger.
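The advice above on messages with executable attachments, and the definition of macro viruses, translate into a check that can be run where mail is received. The following Python code is an added example, not part of the original text; the extension lists, the function names and the sample message are assumptions constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed screening policy for this example (not taken from the article).
EXECUTABLE_EXT = {".exe", ".com", ".scr", ".bat", ".cmd", ".vbs", ".js"}
MACRO_EXT = {".doc", ".dot", ".xls", ".xlt", ".docm", ".dotm", ".xlsm"}
MZ_MAGIC = b"MZ"                                # DOS/Windows executable header
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy Office container header

def screen_message(raw: bytes):
    """Return [(filename, [reasons])] for attachments that should be quarantined."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "unnamed").lower()
        ext = os.path.splitext(name)[1]
        data = part.get_payload(decode=True) or b""
        reasons = []
        if ext in EXECUTABLE_EXT:
            reasons.append("executable extension")
        if ext in MACRO_EXT:
            reasons.append("macro-capable document")
        # The name alone cannot be trusted: compare it with the file header.
        if data.startswith(MZ_MAGIC) and ext not in EXECUTABLE_EXT:
            reasons.append("executable header under another name")
        if data.startswith(OLE2_MAGIC) and ext not in MACRO_EXT:
            reasons.append("Office container under another name")
        if reasons:
            findings.append((name, reasons))
    return findings

def build_sample() -> bytes:
    """Constructed test message: harmless bytes that only imitate file headers."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "friend@example.com", "user@example.com"
    msg["Subject"] = "Please look at this"
    msg.set_content("See the attached files.")
    samples = [("notes.txt", b"plain text"),
               ("report.doc", OLE2_MAGIC + b"\x00" * 8),
               ("photo.jpg", MZ_MAGIC + b"\x00" * 8),
               ("setup.exe", MZ_MAGIC + b"\x00" * 8)]
    for filename, data in samples:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reasons in screen_message(build_sample()):
        print(f"QUARANTINE {name}: {', '.join(reasons)}")
```

The sender address plays no part in the decision, which matches the point that an infected message can arrive from a friend.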
All the programs listed above were created by people in order to cause harm; their motivation is a subject of study for psychologists and sociologists. However, there are potentially dangerous objects which were not created to cause harm. First of all, these are programs developed by non-professionals and containing many mistakes. It should be noted that any mistake in a program is dangerous in itself, and it can also become the target of a hacker’s attack. For this reason, the thoughtless use of uncertified programs carries a rather high level of risk.
There are also other threats such as, for example, “the Moldavian communication”. The essence of this trick, used for the first time by one of the providers in Moldova, is that a repository or a web page offers a link to some attractive object, for example a set of erotic pictures. However, the user is asked to copy a special program in order to view them. When this program starts, the communication channel with the local provider is broken off and a modem connection is established with another, remote provider. This is especially dangerous to people connected to the Internet through a modem, as it can cost many hundreds of dollars in long-distance phone charges.
In most cases, building and maintaining a secure system demands a comprehensive approach. First of all, it is necessary to understand the whole range of possible threats to a particular network and to think over the protection tactics for each of these threats. In this fight, it is both possible and necessary to use the most varied means and methods – moral and ethical, legislative, administrative and psychological, as well as the protective capabilities of network software and hardware.
Moral and ethical means of protection include all the norms that have developed as computing spread in a given country. For example, just as educational measures are now generally used in the fight against software piracy, people must be made aware that any attempt to violate the confidentiality, integrity and availability of others’ information resources is immoral.
Legislative means of network security are laws, government resolutions and presidential decrees, regulations and standards which govern the use and processing of restricted-access information and which establish liability for violating these rules. Legal regulation in the sphere of information security aims to protect information constituting a state secret, to ensure the rights of consumers to receive high-quality products, to protect the constitutional rights of citizens to personal privacy, and to fight organized crime.
Administrative measures are “actions undertaken by the administration or the organization for providing the information security”. For example, rules governing the work of staff at the enterprise, employees’ working hours and their job regulations, which strictly define the procedure for handling confidential information on the computer – all these belong to such measures. The rules by which the enterprise acquires security tools also belong to administrative measures. The administration representatives responsible for information security should find out whether products acquired from foreign suppliers are safe to use. This especially concerns products connected with encryption. In such cases, it is desirable to check that the product has a certificate issued by testing organizations.
Psychological security measures can play a significant role in strengthening the security system. Neglecting psychological aspects in informal procedures connected with security can lead to breaches of protection. For example, if many remote users work in an enterprise network, they should change their passwords from time to time. This is a usual practice for preventing passwords from being guessed.
Physical means of protection can be considered as “shielding of rooms for the protection against radiation, checking of the delivered equipment on a compliance to its specifications and a lack of hardware “bugs”, means of external supervision, devices blocking physical access to separate blocks of the computer, various locks and other equipment, protecting the rooms, where there are data carriers, from illegal penetration”, etc.
Technical means of network security are implemented in the software and hardware of computer networks. Such means, also called network security services, solve a wide variety of protection problems, for example access control, including “procedures of authentication and authorization, audit, information enciphering, anti-virus protection, control of the network traffic and many other tasks”. Technical security means can either be built into the network’s software (operating systems and applications) and hardware (computers and communication equipment), or be implemented as separate products created specifically to solve security problems. These are hardware-software encryption of network traffic; firewall techniques; protected network encryption; attack detection software (IDS – Intrusion Detection Systems, or ICE – Intrusion Countermeasures Electronics); security analysis software; and protected network operating systems. The creation of private networks with “virtual” IP addresses is also used to conceal the true topology of the internal IP network.
DefensePro, as one network security option, protects online services which are based on Web applications and are the firm’s main source of income. DefensePro coexists with other security tools: network protection systems such as the firewall (FW), Web application firewalls (WAF), and signature-analysis systems (IPS), which are unable to repel large-scale DoS/DDoS attacks and application-level (flood) attacks.
DefensePro protects internal applications such as the Web, CRM, ERP, e-mail, VoIP systems, portals and other business-critical applications. DefensePro offers the widest range of protection against known software vulnerabilities and protection of servers. It prevents “the misuse of appendices which can lead to various consequences – from simple breaking, an information theft up to a full stop of work of the whole center of data processing. DefensePro established together with other systems of the network protection, network screens and anti-virus locks, adds the additional and necessary level of the service and appendices protection”.
DefensePro helps to promote additional security services (DoS, IPS) and protects the provider’s infrastructure against large-scale attacks.
In the scheme, DefensePro is installed in a specialized “cleaning” center as an anti-DoS service or an IPS service. This protection system can coexist with other protection equipment such as the firewall or service gateways for BWM/DPI.
Network security is overseen by the experts responsible for system security, who should follow some basic principles. One principle is to grant each employee of the enterprise the minimum level of data access privileges necessary to perform his/her functions. Considering that most security violations at enterprises originate from their own employees, it is crucial to set precise restrictions for all users of the network, without giving them excessive capabilities.
According to the published results of a survey of 1000 IT managers from various European countries, more than half of the respondents considered network security the highest-priority problem, one demanding an immediate solution. This factor was certainly of great importance among other problems in the sphere of information technologies; its importance increased by 15 % in comparison with the situation six years ago. The report stated that in 2006, 66 % of the IT managers surveyed in Europe considered that the greatest danger in their work was the internal threat, in particular incorrect actions of the user. This year, only 24 % of respondents regarded the actions of the user as a critical factor. The main problem was the allocation of money from corporate budgets for network security. Nearly one third of the IT managers surveyed agreed that ensuring information security was a complex challenge demanding more funding. One third of respondents considered that, despite a general understanding that the problem of network security was critical, the financial departments of companies were not inclined to allocate more funds to solving it. The poll also showed that IT specialists spent more than 30 % of their time on security issues.
Nowadays, the Internet has entered all spheres of people’s lives and is essential both for business and for communication between people and organizations. Confidential data are often transferred over the Internet. Therefore, problems of network security are extremely important both for managers using network protection tools in their offices and for ordinary users of the network at home. The level of threats to information security grows continuously; therefore, any company, irrespective of its scale, is obliged to provide an adequate level of information protection for its corporate network. Loss or distortion of the main strategic resource of the enterprise – information – can prove too great or even irreversible.