ITEC 100- WEEK 11

A multi-layered approach to network security

implements controls at numerous points

within a network to provide comprehensive

access control and threat control.

Key tools of network security

creates a boundary between trusted and untrusted network areas,

controlling access and segmenting the network based on IP subnets. It can

also provide more detailed segmentation, called micro- segmentation.

firewall

distributes traffic based on various metrics and, with the use of specific mitigation techniques, can extend beyond traditional load

balancing to help absorb certain attacks, like volumetric DDoS attacks.

load balancer

is placed behind a firewall and performs protocol analysis and signature matching on different parts of data packets. Protocol analysis ensures compliance with the protocol's publicly defined specifications, while signature matching helps prevent known attacks, like SQL injection.

IDS/IPS- Intrusion Detection System/IPS

functions like an IDS/IPS but does not depend on signatures. It can simulate an end-system environment to detect if a malware object, for instance, attempts to execute port scans.

sandbox

analyzes traffic (or traffic records like NetFlow) using machine learning and statistical methods to detect anomalies and identify potential threats. It first establishes a baseline, then looks for irregularities, such as traffic spikes or unusual communication patterns.

NTA/NDR- Network Traffic Analysis / Network Detection and Response.

is crucial for organizations that manage networked data and systems. It not only protects assets and data integrity from external threats but also helps optimize network traffic, improve performance, and facilitate secure

data sharing among employees and data sources.

Network security