As networks grow and technology advances, so does the cyber threats landscape. Every hour a new threat emerges, and cybersecurity companies are battling to mitigate and prevent such malicious attacks from invading our computers and networks. This has been a challenge for all, from the evolution of a simple batch virus script to Advanced Persistent Threats (APTs). Cisco has created a certification that allows you to begin your career in network security, the Cisco Certified Network Associate (CCNA) security designation.
This certification focuses on understanding threats to secure your network using Cisco routers and switches and even configuring and setting up the Cisco Adaptive Security Appliance (ASA). After completion, you'll be able to function as a network security engineer and mitigate and prevent such threats from entering your network. This chapter covers the basic principles of implementing network security in an enterprise network.
Security is very important and if no proper security principles are followed, it will lead to financial risks, legal risks, and negative public relations implications. In some cases, the overall business may be placed at risk due to the noncompliance of security policies. The security of an enterprise network can be viewed from different perspectives. For a management team, the network is a tool that enables the business goals of the company. For end users, a network is just a tool for them to complete their job. Unfortunately, if an end user or a management team is not maintaining their data safely, it may lead to several vulnerabilities and security threats. If the hacker compromises and gains access to the data and applications, the security component of the network fails.
The following topics are the three basic concepts of network security:
- Confidentiality: The privacy of the data in the network. The data on the network should be protected from unauthorized users and they should not access the data by any means. The data can be protected by encrypting it.
- Integrity: The changes made to the data should only be made by the authorized users. If the data in transit is corrupted, it leads to a failure of integrity and a loss of revenue.
- Availability: A network, or data, should be available to its authorized users. The term availability refers to the provision of services that are dependent on networks, systems, and data. Any impact on the availability of the data leads to heavy loss of business and revenue.
The following diagram illustrates the working mechanism of the network security concept better known as the CIA triad:
After completing this chapter, you will:
- Understand the basics of network security
- Understand the different security terminologies
- Understand different types of attack
- Understand the different types of security tools