Security+&+Control

=**History of Network Security and Access Control** =  Securing information across a network had its roots in the late 1960s when networks only existed in the sense of huge mainframes and multiple networked terminals. Hundreds of thousands and millions of dumb terminals were connected via hubs and concentrators to the huge central processing units. Without the presence of client/server network models with its multi-tasking processors, network security was not yet a real issue. Network security, however, did initially realize its importance as a result of white-collar crimes performed within financial divisions of large corporations by embezzling money from accounts by transferring lost money to bogus accounts. These actions illustrated the initial threats to network security, which were at the time strictly internal. It was not until the end of the 1960s and into the 1970s that the environment for network security did evolve.

=**What is Network Security?** =

Network Security involves all organizational activities used to protect the value and continual usability of assets and the integrity and continuity of operations.

=What is Access Control? = An access control system is a system which enables an authority to control access to areas and resources in a given physical facility or computer-based information system.

=**Different types of Network Security Threats** =

 Threats to network security range from harmless pranks to devastating crimes of destruction and theft. Breaches in network security occur internally by employees and externally by hackers. Penetrations into a network can occur through password sniffers, IP snooping, and Email attacks. Further damage can be accomplished through the use of viruses, worms, Trojan horses, and logic bombs. These are only a few of the countless techniques and devices used by people who are motivated by monetary gain, malicious intent, or simply the challenge.

Link to important network security moments: []

Link to security news: []

=Examples of Types of Access Controls  = =//Wireless/802.1X:// =

802.1X involves communication between a supplicant, authenticator, and authenticator server. The authenticator is an Ethernet switch or wireless Access Point and authentication server such as a RADIUS or Remote Access Dial-In User Server database. The authenticator acts as a proxy to the protected network. The supplicant is not allowed access through the authenticator to the protected side of the network until the supplicant’s identity is authorized. If the credentials are validated by the authentication server database, the supplicant is allowed to access resources located on the protected side of the network.

// IDS/IPS: //

An Intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling a computer system. An Intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. Both of these system types can be either host or network based. A host based system would protect the specific host that the software is installed on while a network based system software/hardware could be installed upstream to protect the host downstream.



// VPNS: //

A VPN or virtual private networks provides access control and data encryption between two different computers on a network.



//Firewalls://

<span style="font-family: 'Times New Roman',Times,serif; font-size: 12pt; font-weight: normal;"> A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt or proxy all computer traffic between different security domains based upon a set of rules and other criteria. Computers from public network should not be able to access private network unless explicitly allowed through firewall. There are several types of firewall techniques. Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Application gateways apply security mechanisms to specific applications, such as FTP and Telnet servers. Circuit –level gateways applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking. This would be considered a [|stateful]connection. Proxy servers intercept all messages entering and leaving the network. The proxy server effectively hides the true network addresses. This would be considered [|NATing]. There is hardware and software based firewalls.

=<span style="font-family: 'Times New Roman',Times,serif; font-size: 14pt;">**References:** = =<span style="font-family: 'Times New Roman',Times,serif;"> = <span style="font-family: 'Times New Roman',Times,serif; font-size: 12pt; font-weight: normal;"><span style="font-family: 'Times New Roman',Times,serif; font-size: 12pt; font-weight: normal;">Innella, P. (2000). A brief history of network security and the need for adherence to the software process model. TDISecurity, 1-15. Retrieved November 20, 2009 from [|http://www.tdisecurity.com/resources] [|/assets/NetSec.pdf] <span style="font-family: 'Times New Roman',Times,serif; font-size: 12pt; font-weight: normal;"> Graphics taken from Goggle images