Most people think of network security in terms of firewalls and intrusion detection and prevention systems. These components and practices are useful, but they should be seen as baseline security. Micro-segmentation lets you police and shape what happens inside the network, so that a breach or attack on one system does not spread to others. Quality of service (QoS), or traffic prioritization, can also be used to protect the network: it ensures that bandwidth stays available for voice traffic and critical application traffic even when something is flooding the link.
CEO of Go Cloud Careers. Technology expert with 25 years of experience in networking, cloud computing and IT security.
When it comes to cybersecurity, most people think of the obvious: firewalls, intrusion detection and prevention systems, and identity and access management. While these components and practices are useful, they should be seen as baseline security. Beyond them, there are several controls that most people don't think about which can greatly raise the level of security on the network.
Enhance network security through micro-segmentation
Implementing micro-segmentation is one way to take cybersecurity to the next level. Micro-segmentation means keeping systems separate from each other and filtering the traffic between them so that each is isolated from the others. This lets you police and shape what happens inside the network, so that a breach or attack on one system does not spread to other systems.
Controlled admission is one of the benefits of micro-segmentation. Once someone has physical access to the network, they can simply plug a device into a wall jack and start attacking whatever is behind it. With 802.1X port-based authentication, a switch port forwards nothing except the authentication exchange until the connected device (or its user) has proven its identity, so an unauthorized device gets no network access even though it is physically plugged in. Note that a device's media access control (MAC) address, the hardware address of its Ethernet card, is trivially spoofed, so MAC-based allow lists are a weak substitute for 802.1X and should be reserved for devices that cannot run a supplicant, with those devices placed in a restricted VLAN.
User segmentation is another strategy that adds a layer of security to the network. Network switches can create a virtual LAN, or VLAN, which is essentially a virtual switch inside the physical switch. By creating VLANs, you can isolate groups of users who have no need to talk to each other.
For example, VLANs allow you to create one dedicated network for the HR team, another for the accounting team, and another for system administrators, all on the same physical switch. To leave their own VLAN, users must pass through a router, and once traffic crosses a router you can apply further security filtering with access control lists. VLANs thus sub-segment the network so that one group of systems cannot reach another without passing an enforcement point.
To exercise even more control, private VLANs can be set up. While VLANs keep groups separate, each VLAN can hold many servers. If 15 servers are plugged into the same VLAN, all 15 can talk to each other, so if one is infected with a worm or a virus, the others on that VLAN can be infected next. Private VLANs put those servers on isolated ports: each can still reach the gateway (the promiscuous port), but none can talk directly to its neighbours, so the attack cannot spread laterally within the VLAN.
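The three switch-level controls above (802.1X admission, VLAN isolation and private VLANs) as one forwarding model, added here as an illustration rather than code from the article. The port names, MAC addresses and VLAN numbers are constructed; the model floods each frame to every eligible port instead of learning MAC addresses, which is enough to show which ports can reach which and why a tagged frame or a spoofed MAC does not get a host anywhere it is not allowed:

```python
"""Model of a layer-2 switch enforcing 802.1X port admission, 802.1Q VLAN
isolation and private-VLAN port roles.  Added illustration, not code from
the article; the port table and frames below are constructed.  Frames are
flooded to every eligible port (no MAC learning)."""
import struct
from dataclasses import dataclass

ETHERTYPE_8021Q = 0x8100   # tagged frame
ETHERTYPE_EAPOL = 0x888E   # 802.1X authentication traffic
ETHERTYPE_IPV4 = 0x0800

@dataclass
class Port:
    vlan: int                   # access VLAN of the port
    pvlan_role: str = "normal"  # normal | promiscuous | community | isolated
    community: int = 0          # community number, for role "community"
    dot1x: bool = False         # port requires 802.1X before forwarding
    authorized: bool = False    # flipped to True after a successful EAP exchange

def parse_frame(raw: bytes):
    """Return (dst_mac, src_mac, vlan_id_or_None, pcp, ethertype)."""
    dst, src, etype = struct.unpack("!6s6sH", raw[:14])
    if etype == ETHERTYPE_8021Q:
        tci, inner = struct.unpack("!HH", raw[14:18])
        return dst, src, tci & 0x0FFF, tci >> 13, inner   # VID: low 12 bits, PCP: top 3
    return dst, src, None, 0, etype

def pvlan_allows(a: Port, b: Port) -> bool:
    """Private-VLAN rule: promiscuous ports (the gateway) talk to everyone;
    community ports talk within their community; isolated ports talk only
    to promiscuous ports.  Ports of an ordinary VLAN all talk to each other."""
    if "promiscuous" in (a.pvlan_role, b.pvlan_role):
        return True
    if a.pvlan_role == b.pvlan_role == "normal":
        return True
    if a.pvlan_role == b.pvlan_role == "community":
        return a.community == b.community
    return False

def forward(ports: dict, ingress: str, raw: bytes) -> list:
    """Names of the ports the frame is delivered to."""
    src_port = ports[ingress]
    _dst, _src, vid, _pcp, etype = parse_frame(raw)
    # 802.1X: until the port is authorized, only EAPOL reaches the switch's
    # authenticator.  Authorization is per port, not per MAC, so a spoofed
    # MAC on an unauthorized port still gets nothing.
    if src_port.dot1x and not src_port.authorized:
        return ["authenticator"] if etype == ETHERTYPE_EAPOL else []
    # An access port drops frames tagged for a VLAN other than its own, so a
    # host cannot hop VLANs simply by tagging its frames.
    if vid is not None and vid != src_port.vlan:
        return []
    out = []
    for name, p in ports.items():
        if name == ingress or p.vlan != src_port.vlan:
            continue                  # other VLANs are reachable only via a router
        if p.dot1x and not p.authorized:
            continue                  # unauthorized ports receive nothing either
        if pvlan_allows(src_port, p):
            out.append(name)
    return out

def build_frame(dst: str, src: str, vlan=None, etype=ETHERTYPE_IPV4) -> bytes:
    """Constructed Ethernet frame; MACs given as hex strings."""
    hdr = bytes.fromhex(dst) + bytes.fromhex(src)
    if vlan is None:
        return hdr + struct.pack("!H", etype) + b"payload"
    return hdr + struct.pack("!HHH", ETHERTYPE_8021Q, vlan, etype) + b"payload"

def demo() -> dict:
    ports = {                         # constructed port table
        "hr1": Port(vlan=10), "hr2": Port(vlan=10),
        "acct1": Port(vlan=20),
        "srv_gw": Port(vlan=30, pvlan_role="promiscuous"),   # gateway/router port
        "srv_a": Port(vlan=30, pvlan_role="isolated"),
        "srv_b": Port(vlan=30, pvlan_role="isolated"),
        "lobby": Port(vlan=10, dot1x=True),                  # public wall jack
    }
    bcast, hr_mac, srv_mac, lobby_mac = "ff" * 6, "aa" * 6, "bb" * 6, "cc" * 6
    r = {}
    r["hr_broadcast"] = forward(ports, "hr1", build_frame(bcast, hr_mac))
    r["vlan_hop_attempt"] = forward(ports, "hr1", build_frame(bcast, hr_mac, vlan=20))
    r["isolated_server"] = forward(ports, "srv_a", build_frame(bcast, srv_mac))
    r["lobby_unauthorized"] = forward(ports, "lobby", build_frame(bcast, lobby_mac))
    r["lobby_eapol"] = forward(ports, "lobby",
                               build_frame("0180c2000003", lobby_mac, etype=ETHERTYPE_EAPOL))
    ports["lobby"].authorized = True  # stand-in for a successful EAP exchange
    r["lobby_authorized"] = forward(ports, "lobby", build_frame(bcast, lobby_mac))
    return r

if __name__ == "__main__":
    for name, egress in demo().items():
        print(f"{name:20s} -> {egress}")
```

Running the demo shows the HR broadcast reaching only the other HR port, the tagged frame going nowhere, the isolated server reaching only the gateway, and the lobby port passing nothing but EAPOL until it is authorized.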
Enhanced network security at the IP level
Moving up the TCP/IP stack to the IP layer provides further opportunities to enhance network security. Here you can create an access control list (ACL), which works like a firewall rule: each entry considers the source address, destination address, protocol, and port number, and the list as a whole filters what traffic may move between subnets. Applying that list to the router interface keeps users on one subnet from having unrestricted access to the others. Two points to remember: entries are evaluated in order and the first match wins, and a plain ACL is stateless, so reply traffic needs its own entry (or a stateful firewall) to get back.
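A worked version of the inter-VLAN ACL described above, added here as an illustration and not code from the article. The subnets, rules and packets are constructed; the evaluator applies first-match semantics with the implicit deny, and includes the check a practitioner wants after every edit, namely a scan for entries that can never fire because an earlier, broader entry shadows them:

```python
"""First-match access control list on the five-tuple (source, destination,
protocol, source port, destination port) with the implicit deny that router
ACLs end with.  Added illustration, not code from the article; the subnets,
rules and packets are constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

def net(cidr: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network("0.0.0.0/0" if cidr == "any" else cidr)

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp", "icmp", or "ip" for any
    src: str                     # CIDR or "any"
    dst: str
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: dict) -> bool:
        if self.proto != "ip" and self.proto != pkt["proto"]:
            return False
        if ipaddress.ip_address(pkt["src"]) not in net(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in net(self.dst):
            return False
        return self.dport is None or self.dport == pkt.get("dport")

class Acl:
    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, pkt: dict) -> str:
        """First matching rule wins; no match means deny."""
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return "deny"

    def shadowed(self) -> list:
        """Indices of rules that can never fire because an earlier rule matches
        everything they would match.  A shadowed permit silently breaks an
        application; a shadowed deny silently leaves a path open."""
        out = []
        for i, r in enumerate(self.rules):
            for e in self.rules[:i]:
                if (e.proto in ("ip", r.proto)
                        and net(r.src).subnet_of(net(e.src))
                        and net(r.dst).subnet_of(net(e.dst))
                        and e.dport in (None, r.dport)):
                    out.append(i)
                    break
        return out

def build_acl() -> Acl:
    """Constructed policy on the router between the HR (10.10.0.0/24),
    accounting (10.20.0.0/24) and server (10.30.0.0/24) VLANs."""
    return Acl([
        Rule("permit", "tcp", "10.10.0.0/24", "10.30.0.5/32", 443),  # HR -> payroll web
        Rule("permit", "tcp", "10.20.0.0/24", "10.30.0.5/32", 443),  # accounting -> payroll web
        Rule("permit", "udp", "any", "10.30.0.53/32", 53),           # everyone -> DNS
        Rule("deny", "ip", "10.10.0.0/24", "10.20.0.0/24"),          # HR never reaches accounting
        Rule("permit", "tcp", "10.10.0.0/24", "10.20.0.0/24", 445),  # unreachable: shadowed above
    ])

SAMPLE_PACKETS = {   # constructed
    "hr_https_to_payroll":  {"src": "10.10.0.7", "dst": "10.30.0.5", "proto": "tcp", "dport": 443},
    "hr_ssh_to_payroll":    {"src": "10.10.0.7", "dst": "10.30.0.5", "proto": "tcp", "dport": 22},
    "hr_smb_to_accounting": {"src": "10.10.0.7", "dst": "10.20.0.9", "proto": "tcp", "dport": 445},
    "guest_dns":            {"src": "192.168.50.4", "dst": "10.30.0.53", "proto": "udp", "dport": 53},
    # the server's reply: a stateless ACL needs its own entry for the return
    # direction (or a stateful firewall), otherwise the reply is dropped too
    "payroll_reply_to_hr":  {"src": "10.30.0.5", "dst": "10.10.0.7", "proto": "tcp", "dport": 51822},
}

def evaluate(acl: Acl, packets: dict) -> dict:
    return {name: acl.decide(pkt) for name, pkt in packets.items()}

if __name__ == "__main__":
    acl = build_acl()
    for name, verdict in evaluate(acl, SAMPLE_PACKETS).items():
        print(f"{name:24s} {verdict}")
    print("shadowed rule indices:", acl.shadowed())
```

The reply packet being denied is the point to notice: the policy above only describes the forward direction, which is why production ACLs carry either explicit return entries or an established/stateful mechanism.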
Rate limiting is another security tool that can be implemented at this level. Imagine a worm-infected host sitting on a 100 Gbps link: the worm can try to spew 100 Gbps of scanning traffic into the network, which can be devastating and take down neighbouring systems. Rate limiting (policing) caps the throughput of a host or a class of traffic at a predefined rate; in the worm example the excess would exceed the configured rate and be dropped at the switch or router, sparing the rest of the network from the flood. It limits the blast radius but does not remove the infection, so a policer that keeps firing should raise an alert rather than stand in for cleanup.
Finally, quality of service (QoS), or traffic prioritization, can also be used to protect the network. If a system is hacked or infected with a worm, the attack can overwhelm the network with traffic and disable critical functions. This can be mitigated on the network side by enabling QoS, sometimes called a queuing mechanism, to prioritize one type of traffic over another. For example, it can ensure that bandwidth is always available for voice traffic and certain critical application traffic, while lower-priority traffic is queued and, when the link is saturated, dropped first. QoS does not stop the worm, but it blunts its impact by ensuring that the traffic the business depends on keeps flowing while the infected host is found and contained.
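The two IP-level controls just described, rate limiting and QoS, in one tick-by-tick simulation, added here as an illustration and not code from the article. The link capacity, packet sizes and rates are constructed units rather than measurements; the scenario runs the same worm flood through a plain FIFO link, through strict-priority queues, and through strict-priority queues with a token-bucket policer on the infected host, so the effect of each control can be read off the delivered counts:

```python
"""Ingress policing (token bucket) plus egress strict-priority queueing,
simulated tick by tick over a constructed traffic mix: a worm-infected host
flooding the link, a voice call, a critical application and an ordinary file
server.  Added illustration, not code from the article; capacity, sizes and
rates are constructed units, not real measurements."""
from collections import deque

LINK_CAPACITY = 100                               # units the egress link carries per tick
CLASSES = ("voice", "critical", "best_effort")   # strict-priority order, highest first
QUEUE_LIMIT = 200                                 # per-queue depth; excess is tail-dropped

class TokenBucket:
    """Policer: `rate` tokens refill per tick, capped at `burst`; a packet
    passes only if enough tokens remain, so sustained throughput <= rate."""
    def __init__(self, rate: int, burst: int):
        self.rate, self.burst, self.tokens = rate, burst, burst
    def tick(self):
        self.tokens = min(self.burst, self.tokens + self.rate)
    def allow(self, size: int) -> bool:
        if self.tokens >= size:
            self.tokens -= size
            return True
        return False

def traffic(t: int) -> list:
    """Constructed demand for one tick as (host, class, size): about 590 units
    offered to a 100-unit link.  The worm's flood is listed first because it is
    continuous and keeps a shared queue full before the periodic voice and
    application packets arrive."""
    return ([("worm_host", "best_effort", 10)] * 50
            + [("phone", "voice", 10), ("erp", "critical", 20)]
            + [("fileserver", "best_effort", 10)] * 6)

def simulate(ticks: int, arrivals, policers=None, qos=True) -> dict:
    """Return units delivered per host.  With qos=False every class shares one
    FIFO queue; with qos=True each class has its own queue and the link drains
    them in CLASSES order.  `policers` maps host -> TokenBucket."""
    policers = policers or {}
    queues = {c: deque() for c in CLASSES} if qos else {"fifo": deque()}
    depth = {k: 0 for k in queues}
    delivered = {}
    for t in range(ticks):
        for bucket in policers.values():
            bucket.tick()
        for host, cls, size in arrivals(t):
            if host in policers and not policers[host].allow(size):
                continue                                   # over rate: policed
            key = cls if qos else "fifo"
            if depth[key] + size > QUEUE_LIMIT:
                continue                                   # queue full: tail drop
            queues[key].append((host, size))
            depth[key] += size
        budget = LINK_CAPACITY
        for key, q in queues.items():                      # priority order
            while q and q[0][1] <= budget:
                host, size = q.popleft()
                depth[key] -= size
                budget -= size
                delivered[host] = delivered.get(host, 0) + size
    return delivered

def run_scenarios(ticks: int = 10) -> dict:
    return {
        "fifo_no_policing": simulate(ticks, traffic, qos=False),
        "qos_only": simulate(ticks, traffic, qos=True),
        "qos_and_policing": simulate(
            ticks, traffic, qos=True,
            policers={"worm_host": TokenBucket(rate=30, burst=30)}),
    }

if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(name, result)
```

In the FIFO case the worm takes the whole link and the phone delivers nothing; with strict priority the voice and critical classes get everything they offered, but the worm still starves the file server inside the best-effort class; adding the policer caps the worm at its configured rate and hands the remaining best-effort bandwidth back to the legitimate host.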
When it comes to cyberattacks, companies have to ask "When will it happen?" rather than "Will it happen?" Statistics cited for 2021 show a company falling victim to a cyberattack every 39 seconds. Repelling attacks and limiting their damage requires more than basic security; putting in place the protections that most companies don't think about is one more step toward keeping your company safe.