Network security not only ensures secure networking within companies but also plays a central role in connecting mobile users, in the Internet of Things (IoT), and in cloud computing.
What does network security mean?
Network security refers to all technical and organizational measures designed to ensure the confidentiality, integrity, and availability of data and systems within a network. Network security is highly significant for the security of data and IT systems, since the networking of IT systems and the exchange of data between them are the rule, while local data processing on an unnetworked device is the exception.
Networking brings many benefits for users, but the risks are also increasing: Unsecured network connections allow eavesdropping and loss of confidentiality, allow manipulation of transmitted data, and allow targeted overloading and failure of networked IT systems. Network infrastructures must therefore be monitored and protected against unauthorized access. Solutions for controlling network access are called Network Access Control (NAC).
Network security is the basis for secure cloud use and the Internet of Things
Protection of network access and network connections must be ensured not only for internal network connections in companies but also for network connections with external and mobile devices and with cloud services and other Internet services. The Internet of Things (IoT) also requires a high level of network security, as IoT is based on connecting devices to the Internet.
Network security requires control of accesses and connections
The central element of network security is the firewall. Firewalls control the flow of data between networks, especially between the corporate network and the Internet. A network area shielded by firewalls is called a DMZ (Demilitarized Zone).
In contrast to a classic firewall, a Next Generation Firewall (NGFW) does not only check which network accesses and network addresses may be used. An NGFW also distinguishes the permissions of different users, end devices, and applications when monitoring the network. It supports the enforcement of security policies at the level of protocols, ports, devices, applications, and users.
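The difference described above can be shown with a small policy evaluator. This is an added example, not code from any firewall product; the rule format, the user, device and application labels, and the sample flows are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    port: int
    user: str    # identity the firewall resolved for the source (assumed)
    device: str  # device class, e.g. "managed-laptop" (assumed label)
    app: str     # application identified by inspection (assumed label)

@dataclass(frozen=True)
class Rule:
    action: str
    src_net: str
    dst_net: str
    proto: str
    port: int
    users: frozenset = frozenset()    # empty = not checked (classic rule)
    devices: frozenset = frozenset()
    apps: frozenset = frozenset()

    def matches(self, f: Flow) -> bool:
        return (ip_address(f.src) in ip_network(self.src_net)
                and ip_address(f.dst) in ip_network(self.dst_net)
                and f.proto == self.proto and f.port == self.port
                and (not self.users or f.user in self.users)
                and (not self.devices or f.device in self.devices)
                and (not self.apps or f.app in self.apps))

def evaluate(rules, flow):
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if rule.matches(flow):
            return rule.action
    return "deny"

# Constructed sample policies and flows (private and documentation addresses).
CLASSIC = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", "tcp", 443)]
NGFW = [Rule("allow", "10.0.0.0/24", "0.0.0.0/0", "tcp", 443,
             users=frozenset({"alice"}), devices=frozenset({"managed-laptop"}),
             apps=frozenset({"web-browsing"}))]
FLOWS = {
    "browse": Flow("10.0.0.15", "203.0.113.10", "tcp", 443, "alice", "managed-laptop", "web-browsing"),
    "upload": Flow("10.0.0.15", "203.0.113.10", "tcp", 443, "alice", "managed-laptop", "file-sharing"),
    "byod": Flow("10.0.0.77", "203.0.113.10", "tcp", 443, "bob", "byod-phone", "web-browsing"),
}

if __name__ == "__main__":
    for name, flow in FLOWS.items():
        print(name, evaluate(CLASSIC, flow), evaluate(NGFW, flow))
```

All three flows share the same source network, protocol and port, so the address-and-port rule cannot tell them apart; only the rule that also checks user, device and application separates permitted browsing from the other two.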
Secure networks within the open Internet
Without additional security measures, connections to the Internet are unprotected and can be intercepted and tampered with. Secure connections on the Internet require additional network security measures.
A virtual private network (VPN) is a self-contained virtual network that uses the infrastructure of an open network such as the Internet. VPN security measures such as network connection encryption prevent eavesdropping attacks. VPN solutions can be combined with firewalls and other security functions in a security solution. This is known as Unified Threat Management (UTM).
Detect and fend off attacks on networks
Network security includes the detection of and defense against network risks. Unauthorized access to networks and other attempts to break into networks can be detected by intrusion detection systems (IDS). Intrusion prevention systems (IPS) not only detect network intrusion attempts but also defend against them.
To detect attackers or direct attacks to the wrong target, companies use a honeypot. A honeypot attracts attackers so that their modus operandi can be analyzed, so that they can be identified more closely if possible, and so that they are distracted from the actual attack targets in the network.