In this article

The following article was written by Dan Daniels, Industry Expert, Gigamon.

What is network security? Network security is a term that describes the security tools, tactics and security policies designed to monitor, prevent and respond to unauthorized network intrusion, while also protecting digital assets, including network traffic. Network security includes hardware and software technologies (including resources such as savvy security analysts, hunters, and incident responders) and is designed to respond to the full range of potential threats targeting your network.

So, to put it simply, the answer to the question "What is network security?" is this: Network security is the defense you use to protect yourself against ever-increasing cybercrime.

It is predicted that by 2021, cybercrime damages will amount to an annual total world cost of $6 trillion, even outpacing the yearly cost of damages attributed to natural disasters. And on an individual company level these damages can be just as catastrophic. The average cost of a cyberattack is currently $1.67 million, with operational and productivity loss, along with negative customer experience, being the primary consequences of suffering an attack.

Your data is the lifeblood of your business: It supports your growth, carries vital resources and helps your organization stay healthy. And if data is blood, then your network is the beating heart that pumps it through your system. But modern cyber threats are like vampires, doing everything possible to get at the blood that keeps your business going.  

In order to defend against these vampiric threats and save your business from potentially millions of dollars in data loss, you need more than just a stake and some cloves of garlic; you need effective, robust network security and network visibility.

In this post, we'll address the following 14 network security tools:

  • Access control
  • Anti-malware software
  • Anomaly detection
  • Application security
  • Data loss prevent (DLP)
  • Email security
  • Endpoint security
  • Firewall
  • Intrusion prevention systems
  • Network segmentation
  • Security information and event management (SIEM)
  • Virtual private network (VPN)
  • Web security
  • Wireless security

The Three Key Focuses of Network Security

Within network security, there are three key focuses that should serve as a foundation of any network security strategy: protection, detection and response.

Protection entails any security tools or policies designed to prevent network security intrusion. Detection refers to the resources that allow you to analyze network traffic and quickly identify problems before they can do harm. And finally, response is the ability to react to identified network security threats and resolve them as quickly as possible.

Unfortunately, most businesses simply do not know how to follow policy and do this properly. In fact, in a survey of 4,100 executives, departmental heads, IT managers and other key professionals across the U.S. and Europe, it was revealed that nearly three out of four organizations (73 percent) are fielding a novice level cybersecurity strategy. This is a growing threat, because when network breaches occur and malicious threats come through, there's more at stake than just the data itself.

Benefits of Network Security

Network security tools and devices exist to help your organization protect not only its sensitive information, but also its overall performance, reputation and even its ability to stay in business. Continued operational ability and an intact reputation are two key benefits of effective network security.

Companies that fall prey to cyberattacks often find themselves crippled from the inside out, unable to deliver services or effectively address customer needs. Similarly, networks play a major role in internal company processes, and when they come under attack, those processes may grind to a halt, further hampering an organization's ability to conduct business or even resume standard operations.

But perhaps even more damaging is the detrimental effect that a network breach can have on your business's reputation.

Given the rising tide of identity theft and other dangers related to the theft of personal information, many customers are already hesitant when it comes to sharing data with businesses. And if a cyberattack should occur, many of these customers are likely to withdraw in favor of more secure alternatives. After all, why take the risk?

The loss or corruption of valuable data, along with a significant disruption to customer services and internal process, topped off with reputational injury that may persist long after other damages have been repaired — it's not hard to see what's at stake when it comes to network security. In fact, it's been suggested that 66 percent of SMBs would have to shut down (either temporarily or permanently) after experiencing a data breach. And even larger, more established businesses may be unable to reclaim their former standing.

On the other hand, reliable tools in network security software and hardware, coupled with the right policies and strategies, can help ensure that when cyberattacks occur, their impact will be minimal.

Network Security Tools and Techniques

Your network faces threats of all shapes and sizes, and thus should be prepared to defend, identify and respond to a full range of attacks. But the reality is that the biggest danger to most companies are not fly-by-night threat actors, but rather attackers that are well-funded and are targeting specific organizations for specific reasons. For that reason, your network security strategy needs to be able to address the various methods these actors might employ.

Here are 14 different network security tools and techniques designed to help you do just that:

  1. Access control
    If threat actors can't access your network, the amount of damage they'll be able to do will be extremely limited. But in addition to preventing unauthorized access, be aware that even authorized users can also be potential threats. Access control allows you to increase your network security by limiting user access and resources to only the parts of the network that directly apply to individual users' responsibilities.
  2. Anti-malware software
    Malware, in the form of viruses, trojans, worms, keyloggers, spyware, etc. are designed to spread through computer systems and infect networks. Anti-malware tools are a kind of network security software designed to identify dangerous programs and prevent them from spreading. Anti-malware and antivirus software may also be able to help resolve malware infections, minimizing the damage to the network.
  3. Anomaly detection
    It can be difficult to identify anomalies in your network without a baseline understanding of how that network should be operating. Network anomaly detection engines (ADE) allow you to analyze your network, so that when breaches occur, you'll be alerted to them quickly enough to be able to respond.
  4. Application security
    For many attackers, applications are a defensive vulnerability that can be exploited. Application security helps establish security parameters for any applications that may be relevant to your network security.
  5. Data loss prevention (DLP)
    Often, the weakest link in network security is the human element. DLP technologies and policies help protect staff and other users from misusing and possibly compromising sensitive data or allowing said data out of the network.
  6. Email security
    As with DLP, email security is focused on shoring up human-related security weaknesses. Via phishing strategies (which are often very complex and convincing), attackers persuade email recipients to share sensitive information via desktop or mobile device, or inadvertently download malware into the targeted network. Email security helps identify dangerous emails and can also be used to block attacks and prevent the sharing of vital data.
  7. Endpoint security
    The business world is becoming increasingly bring your own device (BYOD), to the point where the distinction between personal and business computer devices is almost nonexistent. Unfortunately, sometimes personal devices become targets when users rely on them to access business networks. Endpoint security adds a layer of defense between remote devices and business networks.
  8. Firewalls
    Firewalls function much like gates that can be used to secure the borders between your network and the internet. Firewalls are used to manage network traffic, allowing authorized traffic through while blocking access to non-authorized traffic.
  9. Intrusion prevention systems
    Intrusion prevention systems (also called intrusion detection) constantly scan and analyze network traffic/packets, so that different types of attacks can be identified and responded to quickly. These systems often keep a database of known attack methods, so as to be able to recognize threats immediately.
  10. Network segmentation
    There are many kinds of network traffic, each associated with different security risks. Network segmentation allows you to grant the right access to the right traffic, while restricting traffic from suspicious sources.
  11. Security information and event management (SIEM)
    Sometimes simply pulling together the right information from so many different tools and resources can be prohibitively difficult — particularly when time is an issue. SIEM tools and software give responders the data they need to act quickly.
  12. Virtual private network (VPN)
    VPN security tools are used to authenticate communication between secure networks and an endpoint device. Remote-access VPNs generally use IPsec or Secure Sockets Layer (SSL) for authentication, creating an encrypted line to block other parties from eavesdropping.
  13. Web security
    Including security tools, hardware, policies and more, web security is a blanket term to describe the network security measures businesses take to ensure safe web use when connected to an internal network. This helps prevent web-based threats from using browsers as access points to get into the network.
  14. Wireless security
    Generally speaking, wireless networks are less secure than traditional networks. Thus, strict wireless security measures are necessary to ensure that threat actors aren't gaining access.

Network Security: Let the Sunshine In

What is network security? Well, beyond the definition, the security tools and the strategies, network security is essentially the power to protect your business and your customers. That means understanding the threats and the solutions and knowing how to use that information to build a robust and inclusive network security strategy.

Gigamon GigaSMART® SSL/TLS Decryption is a network security solution designed to optimize that strategy. GigaSMART enhances the effectiveness of your existing cyber security tools by providing superior visibility into network traffic and allowing threat responders to identify and expose encrypted attacks, malware, hidden command and control channels, and unauthorized data exfiltration exploits. With Gigamon, network security threats have nowhere to hide.

After all, data is the lifeblood of your business, and the vampires don't need to wait for an invitation. So why not let the sunshine in? With effective network security, you can shine a light onto the entire range of network threats, and thus keep your data, your business and your customers safe and secure.


References
  1. Morgan, Steve. "Global Cybercrime Damages Predicted to Reach $6 Trillion Annually by 2021." Cybercrime Magazine. Dec. 7, 2018. https://cybersecurityventures.com/cybercrime-damages-6-trillion-by-2021/.
  2. Truta, Filip, Paul Vallee, Bill Ho, Roy Horev, Richi Jennings, and Michael Vizard. "Average Cost of a Cyberattack Now Exceeds $1 Million, Research Shows." Security Boulevard. January 17, 2019. https://securityboulevard.com/2019/01/average-cost-of-a-cyberattack-now-exceeds-1-million-research-shows/.
  3. "Hiscox Cyber Readiness Report 2018." Hiscox. February 2018. https://www.hiscox.co.uk/sites/uk/files/documents/2018-02/Hiscox_Cyber_Readiness_Report_2018_FINAL.PDF.
  4. Forrest, Conner. "66% of SMBs Would Shut down or Close If They Experienced a Data Breach." TechRepublic. October 2, 2017. https://www.techrepublic.com/article/66-of-smbs-would-shut-down-or-close-if-they-experienced-a-data-breach/.

Technologies