Tech Topic Connection

 Tech Topic Connection

The topic of Network Security covers almost all aspects of IT fundamentals. Whether that's the security of a physical network using firewalls and intrusion detection devices, or the security of endpoints on a cloud based system, network security is vital to understanding IT. This post will dive deep into how network security relates to the history of computer s
cience, hardware involved in network security, how network security uses programming languages, how applications relate to network security, and how network architecture plays a role.

History of Network Security 

First let's dive into how the history of computers relates to network security. From the beginning network security has been connected to computer science. Back in 1971 the first documented computer virus was discovered. This virus went by the name of Elk Cloner. There was one virus created in a controlled environment before Elk Cloner but the first virus in the wild was Elk Cloner. Ever since this, computer science has had to have network security in mind. Many other historically significant network security incidents have happened in the past. When thinking about the most significant, the argument could be made for Stuxnet. According to Michael Holloway of Stanford University “ Over fifteen Iranian facilities were attacked and infiltrated by the Stuxnet worm. It is believed that this attack was initiated by a random worker's USB drive” ( Holloway 2015). This attack on Iranians nuclear computer network plays a major role in how network security is thought of today. Because of this many networks disable USB on their standardized images. The impact network security has had on computer science and IT has a whole can't be understated.

Hardware Components and Network Security

Hardware is often the first line of defense in network security. Some forms of hardware that relate to network security include Firewalls, VPN gateways, NSA type 1 encryptors, Intrusion Detection Systems (IDS), Intrusion prevention Systems (IPS), and specific servers such as Cisco ISE (Identity Service Engine). With how important network security is for the functionality of a company's system. It is vital the right hardware is put in place. At minimum, a firewall should be used to filter our layer 3 traffic or a Web application firewall to look for bad layer 7 traffic. Hardware with large computing capacity is required to do resource intensive work such as comp through packets to identify malicious connections. It is vital the firewalls and other network security devices are configured properly, have the resources needed, and are deployed properly within the network.

Programing Languages and Network Security

In today's ever evolving cybersecurity environment, it is important to have a basic understanding of at least some programming languages to understand network security. For example, shell scripting can be used to write malicious code or it can be used to easily script out automated tasks. Python is an easy to understand language to help automate network security related tasks such as configuring a large amount of access control lists on a router or deploying firewalls. Additionally many tools for network security are developed using Python. The tool Pytbull is a ids/ips tool written fully in python that allows users to generate alerts and have full visibility into the poking around of a computer network. 

Application Software and Network Security

If we were to dive deep into a never ending topic it would be this one. The number of applications that relate to network security is seemingly endless. Software such as Nessus for vulnerability scanning is massively important. Other software of note is trellix for endpoint security, Snort for IDS, aqua for cloud infrastructure security, okta for identity management and so on. The list goes on and on. According to marketsandmarkets.com, the cybersecurity market for applications was worth $173 billion in 2022. The market is ever growing for useful applications that help protect computer networks from attacks. 

Network Architecture and Management 

When a network engineer goes to build out a network, they must keep security in mind. The way that data flows through the network is important to the security of the network. Design concepts can be put in place such as a DMZ to mitigate the effect an attack has on a network. 

The main benefit of implementing a DMZ is to create a security buffer between the outside internet and sensitive information inside the network. Another concept that can be deployed is a hub and spoke design with the hub being a WAF and each spoke being a cloud resource group or subscription. By designing the network like this, all traffic is forced to take a default route to the firewall. This allows all traffic to be inspected. Another key concept in network security is that of network segmentation via VLANs. When designing a network it is best practice to separate departments from each other. This can be done with virtual local area networks aka VLANS. You can keep the finance department's traffic separate from the traffic in HR for example. 

Resources

Holloway, M. (2015, July 16). Stuxnet Worm Attack on Iranian Nuclear Facilities. Stuxnet worm attack on Iranian nuclear facilities. http://large.stanford.edu/courses/2015/ph241/holloway1/ 

Cyber Security Market Size & Revenue Forecast, global trends, growth opportunities. MarketsandMarkets. (n.d.). https://www.marketsandmarkets.com/Market-Reports/cyber-security-market-505.html#:~:text=The%20global%20Cyber%20Security%20Market,reach%20%24266.2%20billion%20by%202027. 

What is a DMZ network and why would you use it?. Fortinet. (n.d.). https://www.fortinet.com/resources/cyberglossary/what-is-dmz#:~:text=The%20main%20benefit%20of%20a,and%20the%20organization’s%20private%20network.