Developing A Security Model for Enterprise Networks (SMEN

2006

In a relatively short period, enterprise networks have evolved from small-sized LANs with simple architectures, to present day large networks with very complex architectures. Their topologies now include combinations of Local Area Networks (LANs), Wireless access networks, Metropolitan Area Networks (MANs), Wide Area Networks (WANs) and Virtual Private Networks (VPNs) that often span across multiple continents. Sustaining these highly interconnected, but also more dynamic and complex architectures currently occurs through the implementation of complex routing and switching protocols. Nevertheless, the increased network connectivity and higher availability have still not been sufficiently balanced by improved security. Threats from Viruses, worms, trojan horses and DoS attacks are still persistent, with rising tendencies in their sophistication and ability to spread. Mechanisms such as ACL, packet filters, firewalls, IDS and IPS, etc, put in place to curb these increased levels of threats and attacks have also caused the network to become inflexible, fragile and difficult to manage. This paper addresses issues such as trust, access control, complex routing and switching, and other forms of attacks that affect present day enterprise networks. It evaluates and analyzes current methods used to resolve these issues, points out their limitations and then proposes a new approach in dealing with the fundamental problem. It presents a newly designed protection architecture (SANE) for the enterprise network. This architecture is based on a single, logically centralized protection layer that is used to setup, secure and control all connectivities within the network.

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Network security has become more important to personal computer users, organizations, and the military. With the advent of the internet, security became a major concern and the history of security allows a better understanding of the emergence of security technology. The internet structure itself allowed for many security threats to occur. The architecture of the internet, when modified can reduce the possible attacks that can be sent across the network. Knowing the attack methods, allows for the appropriate security to emerge. Many businesses secure themselves from the internet by means of firewalls and encryption mechanisms. The businesses create an “intranet” to remain connected to the internet but secured from possible threats. The entire field of network security is vast and in an evolutionary stage. The range of study encompasses a brief history dating back to internet’s beginnings and the current development in network security. In order to understand the research being perfo...

International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2020

With the occurrence of the World Wide Web and the emergence of ecommerce applications and social networks, organizations across the world generate a large amount of data daily. Information security is the most extreme basic issue in guaranteeing safe transmission of data through the web. Also network security issues are now becoming important as society is moving towards digital information age. As more and more users connect to the internet it attracts a lot of cyber-attacks. It required to protect computer and network security i.e. the critical issues. The pernicious hubs make an issue in the system. It can utilize the assets of different hubs and safe guard the assets of its own. In this paper we provide an overview on Network Security and various techniques through which Network Security can be enhanced i.e. Cryptography. Cryptography and Network Security is used to protect network and data transmission takes place over wireless network.

International Journal of Information Security, 2009

With the explosive growth of Internet connectivity that includes not only end-hosts but also pervasive devices, security becomes a requirement for enterprises. Although a significant effort has been made by the research community to develop defense techniques against security attacks, less focus has been given to manage security configuration efficiently. Network security devices, such as firewalls, intrusion detection and prevention systems, honeypot as well as vulnerability scanner, operate as a stand-alone system for solving a particular security problem. Yet these devices are not necessarily independent. The focus of this work is encompassing a security infrastructure where multiple security devices form a global security layer. Each component is defined with respect to the others and interacts dynamically and automatically with the different security devices in order to choose the best solution to be launched to prevent the final malicious objective. Our solution aims at solving, at the same time, the need for active defence, speed, reliability, accuracy and usability of the network.

Simulation in Computer Network Design and …, 2012

The continuous deployment of network services over the wide range of public and private networks has led to transactions and services that include personal, and sometimes quite sensitive, data. Examples of services include: pay-per-view, cable telephony, bill payments by phone, credit card charging, and Internet banking. Such services require significant effort not only to protect the sensitive data involved in the transactions and services but to ensure integrity and availability of network services as well. The requirement for employing heterogeneous networks and systems becomes increasingly important, and as the view of traditional distributed systems has changed to a network centric view in all types of application networks, therefore, the complexity of these systems has led to significant security flaws and problems. Existing conventional approaches for security service development over such complex and most often heterogeneous networks and systems are not satisfying and cannot meet users and applications needs; therefore, several approaches have been developed to provide security at various levels and degrees, such as: secure protocols, secure protocol mechanisms, secure services, firewalls, Intrusion Detection Systems (IDS), and later Intrusion Prevention System (IPS), etc. This chapter considers and addresses several aspects of network security in an effort to provide a publication that summarizes the current status and the promising and interesting future directions and challenges. The authors try to present the state-of-the-art in this chapter for the following topics: Internet security, secure services, security in mobile systems and trust, anonymity, and privacy.

Advances in Intelligent Systems and Computing, 2017

In today's scenario, cyber threats are becoming labyrinth and difficult to manage. The traditional security management systems are not capable to handle upcoming novel threats resulting in performance deterioration. In this paper, various next-generation technologies have been integrated together that provide an efficient, manageable, robust, and flexible system that not only effectively tackles all the existing attacks but can mutate itself to fight against zero-day attacks. The proposed system includes intelligent techniques that are required for the future cyber world like next-generation intrusion prevention system (NGIPS), network breach exposure system (NBES), cloud-based antivirus, anti-spam, personalized censor-ware, SPARTA (access control service), MONICAN (control and management technique). It will result in a reliable, efficient, and quick responsive system to obtain remarkable results in the network security.

http://ijeie.jalaxy.com.tw/contents/ijeie-v8-n2/ijeie-v8-n2.pdf 8 (2), 135 - 144, 2018

Security is an important issue for organizational network design and development. With an increasing technology in cloud computing sector, enterprise Sector and specific organizational network Infrastructure development, network security always has remained as a great challenge. Our considerable Organization like different scientific/institutional institution faces core security issues challenges in network architecture design and development. A Secured infrastructure of a network always considers or concerns about different security attacks. Network security will prevent a organization network infrastructure from different types of attacks and threats. This paper intends to give an idea to design and deployment of a simple but better network security model and cost effective approach using routers and firewall. This research aim is also that how a network will be protected against vulnerabilities, configuration and security policy weaknesses. Our proposed network infrastructure is adaptable with secure structure. Keywords: Firewall; Threats and Attacks; VLAN; VPN

IJMTER, 2018

Advancements in technology have facilitated the growth of different cyber attacks. The number of hackers is increasing exponentially. By 2019, cyber crime costs may reach up to $2.1 trillion. Security is a very important aspect for computers to have in today's world. Therefore it is very important to provide Network Security to safeguard the availability, confidentiality, and integrity of the data irrespective of our business. Network security addresses a wide range of threats and the associated attacks. In this paper, we analyze how network security works and a brief overview of the various tools that are required to detect and handle the attacks generated from the various threats.

2024

Technology's rapid growth and greater reliance on digital systems have made cybersecurity a global problem for organizations. ACME Industries, a worldwide financial security corporation, follows suit. We analyze ACME Industries' IT infrastructure and make security suggestions in this study. The paper begins with a cybersecurity risk analysis that covers risk analysis standards and frameworks, valuable assets and their impact values, and threats and vulnerabilities. This study enables secure security architecture design. A DMZ server farm would secure central server files. This includes directory, DHCP, file, proxy, management, email, DB, SIEM, and web servers. DMZs keep vital servers safe. We also secure OS and networked systems. To secure network traffic, VLANs are used. VLANs isolate and govern network resources for departments, guests, Wi-Fi users, PC users, and IP phones. We cover network assaults and vulnerabilities using SIEM. Real-time security analytics can detect and respond to attacks. ACME Industries can increase network security and threat detection using SIEM data. Planning and execution are needed to change the network architecture. We describe a smooth switching mechanism. We also present industry best practices and cybersecurity principles-based research and reasons for the recommended solutions. This cybersecurity analysis study is designed to help ACME Industries understand its IT infrastructure security landscape and improve company cybersecurity. ACME Industries can reduce risks, protect sensitive data, and maintain system and data integrity by following security recommendations and industry standards

2015

Routers interconnect networks of various enterprises, and the more secure the entry or exit points are made, the more robust the security of these enterprises is. These routers become the first direct targets and are vulnerable to security attacks. If these routers are not tightly protected, the attackers get an edge to intrude the system. In order to ensure the security of these routers, Secure Access Control Lists (ACLs) Filtering-Based Enterprise Networks (SAFE-Nets) are proposed in this chapter. In this scheme, routers are configured with Access Control Lists (ACL) that are used to filter in the intended packets and filter out the dangerous malicious packets from network traffic. This consolidates security deployment over the entire network on top of anti-virus software, weak passwords, latent software vulnerabilities, and other related secure measures. This can help network technicians working for various enterprises manage security at low costs.