Networks are the lifeblood of business today; they are the nervous systems of organizations across the world. They are also the world's most interesting targets to a class of criminals who would love nothing more than to deny you the services of the technology you paid for. This book is about protecting your network. Notice that we did not say "securing your network." You can never hope to secure your network in the sense that it is impervious to attack. That is, you can never secure your network to that extent unless you are willing to turn it off. The best you can hope for is some measure of protection. Someone really is out to get you. They may not even know that you are the one they are causing damage to. They may just want to harm anyone who happens to get in the way. Then, of course, there are the people who are out to get you in particular. A healthy level of paranoia turns out to be a useful asset for security administrators.
As security administrators, we face some interesting tradeoffs. Fundamentally, the choice is among a system that is secure and usable, one that is secure and cheap, and one that is cheap and usable. We cannot have everything. This also means that, in general, it is inappropriate to make the same person responsible for both security and system administration. The goals of those two tasks are far too often in conflict for this to be a job at which one person can succeed. Finally, it is critical to evaluate vendor offerings based on the amount of effort expended to make the product secure and usable/useful. The amount of effort the vendor has expended toward that goal will directly offset the amount of effort you will need to expend to implement the product. Whether the effort is expended by the vendor or by you, the customer, it should be carefully considered within an appropriate framework that ensures maximum protection for your network. The remainder of the book is structured around a defense-in-depth model that distinguishes between the various places where you can put protection mechanisms in place.