IT Supervisor: Where should I start with network security?

With the rapid development of the network, the exposure of personal data and important enterprise resources has become more and more common. Enterprises are at risk of being damaged to varying degrees due to cyberattacks, this puts more and more responsibilities on IT supervisors. So what are the most common problems of IT supervisors and how should they be solved? Here, we have summarized nine of the most important ones.
Question 1: How to Ensure network security of 100%?

Simple answer: Impossible. Existing security solutions only provide risk management, which means to minimize network vulnerabilities and risks. The best solution is to improve the prevention method and select the solution that best suits your network. The network faces three types of vulnerabilities: Policy, configuration, and technical vulnerabilities. A policy vulnerability may occur if you know little about the network's permitted or prohibited permissions. In addition, configuration vulnerabilities are easy to occur. In addition, technical vulnerabilities such as operating system and buffer overflow are also major risks. Remember: good security policies and implementations are only preventive actions, not remedies.

　　

Question 2: Where should I start with security?

　　

Network security is like guarding office buildings or housing. You will first lock the door and shut out non-fast customers. The firewall is a lock on the network, which controls access to the network, only authorized users are allowed to access the network. Of course, the daemon building not only locks the door, but also sets up a firewall around the network to meet network security requirements most effectively. Other technologies are also required, such as user authentication, virtual private network, and intrusion detection.

　　

Question 3: How can we ensure that only authorized users can access the service?

In our daily life, we can allow users to access the website by first recognizing the identity of the person at the door. On the network, you can use the so-called AAA Server to implement this function, which can be verified, authorized, and registered. In other words, it can identify the user's identity, the network that is allowed to access, and the accessed part.

　　

Question 4: How to establish a secure remote access channel?

Use IPsec to achieve secure remote access. IPsec is used to ensure that both parties are licensed users or devices. It ensures that no one listens on the communication line and no one can change the communication signal on the way. IPsec provides three technologies to help implement this function. Authentication Header, encapsulation security load, and Internet Key Exchange (IKE ).

　　

Question 5: How can we ensure the security of remote access for employees?

　　

Using IPsec, you can also establish a security tunnel between the remote office staff's PC and the headquarters. This solution is simple and cost-effective by fully managing and configuring clients at the headquarters. Some VPNs use multiple encrypted acceleration boards to handle a maximum of 10 thousand Mbps connections.

　　

Question 6: how can we face intruders?

　　

Firewall, verification, and encryption can only prevent intruders from accessing the network. Intruders may come from the inside. When designing network security, be sure to pay attention to possible internal threats. To solve this problem, we need to prevent problems and respond quickly. To prevent attacks, you must clear all vulnerabilities on the network to prevent them from being exploited. This can be done using the vulnerability scanner of the intrusion detection system.

　　

Question 7: How to enhance network security without human resources?

　　

To avoid additional manpower, you need to change from device-based management or multiple device-based management to policy-based management. Device-based management requires device management and configuration one by one, which is time-consuming, laborious, and error-prone. Policy-based management methods are much more agile. It allows you to centrally manage policies through the Policy Manager (for example, to allow a specified group of users to access the Internet over Http), and then the Policy Manager will produce all necessary configuration files, all devices are configured, regardless of the quantity or location. Such management can reasonably configure limited resources, reduce errors, ensure network consistency, and reduce time and cost.

Question 8 is the firewall, IDS, and VPN secure?

Deploying these solutions can reduce the risk of vulnerabilities, but only the protection on the network is insufficient. It is vital to make full use of the information provided by firewalls and IDS, monitoring and analysis of such information is also critical. In addition, education is critical to security. Also, it is important to know the normal running status of the network, how to protect network security, and how to seek help.

Question 9 is it better to adopt an end-to-end solution?

It is certainly a good practice to purchase such products: they can communicate with each other and facilitate management from a central location. Using many different products will make management very difficult, expensive, and time-consuming. Deploying a solution composed of different security technologies provided by multiple vendors that promise interoperability is not a solution. The ideal situation for an organization is to use the best product portfolio to form an end-to-end security solution.