Providing security strategies that cover all parts of complicated network is difficult task in network design. IT Security design is highly challenged by the complex modern networks that include a corporate network with internet and extranet access, VPN networks, public web servers for e-commerce, intranet applications, and remote-access services for users reaching the network from remote / mobility.
ajnaa approaches the designing requirements in a systematic way
Following steps explains detail plan & steps to achieve security strategies:
· Understand existing network architecture
· Understand tactical and strategic business needs in terms of IT growth
· Identify vulnerabilities in various network assets.
· Analyse security risks resulting into business risks.
· Create a customized security plan.
· Design security solutions comprising of products and processes
· Implement designed solutions
· Developing plan of technical implementation.
· Perform tests and impart training to customer's staff
· Provide documentation as applicable
· Act as a single point of contact for ongoing security needs.
There are various security mechanisms:
A firewall is an important network perimeter device. It isolates external and internal networks and provides a way to set rules and policies to allow/disallow network traffic.
Encryption is the process of encoding information in such a way that attackers or hackers cannot read it, but authorized party can easily read or access. data confidentiality is important feature of. Due to this we can also identify sender of data.
Physical security protects your network from natural and human-made disasters. It can also protect the network from hackers, terrorists and changing equipment configurations. It also protects resources from natural disasters such as fires, floods storms, and earthquakes.
Packet filters can be set up on routers, servers, and firewalls to allow or disallow packets from particular addresses or services. Packet filters protect network resources from unauthorized use, theft, destruction, and DDoS attacks.
Intrusion Detection and Prevention Systems
An intrusion detection system (IDS) finds malicious events and give notification to administrator, using email, paging, or logging of the occurrence. Some IDS devices give information to a central database that correlates information from multiple sensors to give an administrator an overall view of the real-time security of a network.