Network Security Concepts!!

Network security factors

In CCNA, we are supposed to familiar ourselves with basic network security. The CCNA SECURITY course comprehensively covers the network security concepts that are needed in a small to medium size enterprise.  we will look at the three factors that are crucial in networks, vulnerabilities we may have in our networks, the threats that we may face and some of the attacks. These factors are described below.

1. Vulnerability – this are the weaknesses that we may have in the network. They may be as a result of the technology in use, the configuration on our devices or poor or weak security policies. In our networks, we need to plan for security carefully and consider these factors, a comprehensive security policy would be crucial in ensuring that data in our network is not accessed due to weak security on our devices.
2. Threats – in network security, anyone who has the skill and the interest to manipulate any of the vulnerabilities, is known as a threat. These individuals or groups may be motivated by many factors such as money, power, and thrill seeking among others. Whatever the motive may be, threats to network security pose a major challenge for administrators since they may access information that is sensitive or even cripple the network.
3. Attacks – these are the methods that are used by the threats to access the network. There are a number of attacks that can be used to access our network. They may be aimed at the network infrastructure through methods such as dumpster diving, or aimed at users using methods such as social engineering.

Securing the network

The security issues in the network are many and cannot be covered in one chapter, the various methods used by attackers to access networks have grave and far reaching effects, as such, we will focus on protecting routers and switches in this course. Some of the protection methods we will look at include:

1. Physical security methods
2. Passwords
3. SSH
4. Port security

Physical security

Physical threats to network devices are a major issue. Physical attacks may cripple an enterprise’s productivity due to outage of network services. The four classes of physical threats are:

1. Hardware threats-damage to network infrastructure such as servers, routers and switches.
2. Environmental threats– these are the threats that are brought about by storing the networking equipment in unsuitable places; the hardware may be subjected to extreme temperatures or extreme humidity.
3. Electrical faults – the equipment that is used in our networks relies on electricity to work, as such, any sudden change in the electrical power supplied to the network devices is a major threat.
4. Maintenance threats – from time to time, we may need to run maintenance checks on our network devices, the use of untrained technicians can pose a major threat to the network devices.

Some of the physical threats may be almost impossible to guard against. For example, we may not be able to predict an earthquake. However, we can effectively mitigate the threats to our network hardware by following the following guidelines:

Hardware threat mitigation

The location used for storing networking equipment as well the wiring closets, should only be accessed by authorized personnel. All the entrances should be secured and monitoring should be implemented by using CCTV cameras.

Environmental threat mitigation

The environment should be controlled to mitigate the environmental factors. the humidity, temperature, and other environmental factors should be monitored. The network control room should ideally be in a room where the conditions can be controlled effectively.

Electrical threat mitigation

The electrical threats may be mitigated by using UPS systems, so that the networking devices don’t draw their power directly from the mains. There should be backup systems such as generators and inverters so as to maintain network connectivity in case of power outage.

Maintenance threat mitigation

Maintenance threats should be mitigated by using well trained personnel. All the cables should be well labeled, maintenance logs should be maintained, and there should be availability of spare parts that are critical to maintaining connectivity.

Passwords

In the previous chapters, we discussed how passwords can be used to protect network devices, we looked at limiting access to the router and switch, console lines and telnet lines.Use of encrypted passwords is also better than passwords that have been stored in plain text.

SSH (secure shell)

We learnt that we can manage our routers and switches either locally using console and auxiliary ports on the router or remotely using virtual terminal lines.

Local access is the more secure way we can configure our routers, however, in some cases, we may not be able to access the network through the console port. For example, you may need to troubleshoot an issue on a router while you are on a trip.

Remote access gives us a more convenient way to manage an attacker, however, this may increase the vulnerability. For example, if we use plain text passwords, an attacker may capture packets that reveal the password.

Telnet is one way we can configure a network remotely, however, it is insecure since traffic is not usually encrypted. As such, we need to use a different protocol that will enable us to configure our network devices remotely in a secure manner.

The SSH protocol, is a management protocol that enables us to configure our devices securely in place of telnet. This protocol uses the TCP port 22.

We can use SSH to accomplish the following:

• Connect to the virtual terminal lines on a router so as to configure other devices securely
• Connect remotely and securely to a terminal server so as to make a specific configuration change
• Connect to modems attached to routers by dialing out securely
• Authenticate when making configuration changes by requiring passwords and usernames for each configuration line