Network Security

Network Security Lecture 1 Notes

Uploaded by

Zulfiqar Ali

Network Security

Zulfiqar Ali
Course Contents
• Pre-Requisite: Introduction to Cyber Security
• Contents:
• Introduction to network security, Networking Concepts and Protocols,
Network Threats and Vulnerabilities, Network Security Planning and Policy,
Access Control, Defense against Network Attacks, DOS and DDOS detection
and prevention, Firewalls, Intrusion Detection and Prevention Systems,
Antivirus Filtering, Naming and DNS Security, DNSSEC, IP security, Secure
Sockets Layer, VPN, Packet Sniffing and spoofing, Honeypot, Ethernet
Security, Wireless Security, Wireless Attacks, Wireless LAN Security with
802.11i, Wireless Security Protocols, Wireless Intrusion Detection, Physical
access and Security, Tor Network, Network Forensics. Defense against
Network Attacks.
Course Learning Outcomes
• CLO-1 To be able to understand network security threats and
methods for securing networks C2 (Understand)
• CLO-2 To be able to secure wired networks by deploying various
methods C3 (Apply)
• CLO-3 To be able to secure wireless networks by deploying various
methods C3 (Apply)
Teaching Methodology
• Teaching Methodologies
• Lectures, Assessments, Presentations, Course Project

• Course Assessment
• Quizzes, Assignments, Mid Exam, Project, Presentations, Final Exam
Recommended Books
1. Network Security Assessment: Know Your Network by Chris McNab,
3rd Edition or latest.
2. Corporate Computer Security, by Randall J. Boyle, 3rd Edition
3. Bulletproof Wireless Security by Praphul Chandra
4. Network Security Essentials: Applications and Standards by William
Stallings, 3rd Edition or Latest
5. Cryptography and Network Security Principles and Practices by
William Stallings, Latest Edition
What is Network Security?
• Any action intended to safeguard the integrity and usefulness of your
data and network is known as network security. In other words,
network security is the activity designed to protect the integrity of
your network and data.
• Network security is the practice of protecting a computer network
from unauthorized access, misuse, or attacks. It involves using tools,
technologies, and policies to ensure that data traveling over the
network is safe and secure, keeping sensitive information away from
hackers and other threats.
How is network security done?
• Network security uses several layers of protection, both at the
edge of the network and within it. Each layer has rules and
controls that determine who can access network resources.
People who are allowed access can use the network safely, but
those who try to harm it with attacks or other threats are
stopped from doing so.
• The basic principle of network security is to protect large stores
of data and the networks that carry them in layers, each enforcing
rules and regulations that have to be acknowledged before
performing any activity on the data. These levels are:
More on Network Security
• Networking security is closely related to cybersecurity and
information security. Cybersecurity guards against digital threats.
InfoSec focuses on data protection. Both feed into protecting a single
computer connected to the network infrastructure against outside
threats.
• Network security matters because data and apps need
protection. Businesses depend on reliable access to workloads
and databases. However, they must secure confidential data
from external observers via information security techniques. A
well-thought-out security strategy balances access and
protection while also meeting compliance goals.
Levels of Network Security
• Physical Network Security: This is the most basic level. It protects the
data and network by preventing unauthorized personnel from acquiring
control over the confidentiality of the network. This can be achieved by
using devices like biometric systems.
• Technical Network Security: It primarily focuses on protecting the data
stored in the network or data in transit through the network.
This type serves two purposes. One is protection from unauthorized users,
and the other is protection from malicious activities.
• Administrative Network Security: This level of network security
governs user behavior, such as how permissions are granted and
how the authorization process takes place. It also determines the level
of sophistication the network needs to protect it against
attacks. This level also suggests necessary amendments that have
to be made to the infrastructure.
| Physical controls | Technical controls | Administrative controls |
|---|---|---|
| Secure physical devices with multiple credentials for access | Safeguard data flow within the computer network | Manage user behavior through Identity and Access Management systems |
| Locks and access controls protect servers and data storage devices | Protect data on network devices, including servers and workstations | Define user privileges with security policies |
| Enhance security with cameras and biometric scanners | Cover both locally connected and remote working devices | Onboard new employees and remove obsolete accounts to prevent credential theft |
| | Ensure security without compromising network performance | Provide staff training to address security challenges |
Types of Network Security
• Firewalls
• Workload security
• Network security
• Access control
• Anti-virus and anti-malware software
• Application security
• Behavioral analytics
• Cloud security
• Web security
• Wireless security
Firewalls
• A firewall is a network security device that monitors incoming and
outgoing network traffic and decides whether to allow or block
specific traffic based on a defined set of security rules.
• Next-Generation Firewall (NGFW) is a modern iteration that goes
beyond traditional solutions, incorporating deeper packet inspection
for more robust protection. NGFWs often package many essential
network security capabilities into one comprehensive offering,
including intrusion prevention, antivirus and file sandboxing, web and
DNS filtering, and more.
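The allow-or-block decision described above, as an added example that is not part of the original slides. The rule set, the addresses and the `packet` helper are constructed for illustration, and first-match ordering with a default-deny fallback is an assumption of this sketch, not something the slides specify.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "block"
    direction: str         # "in" or "out"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    dport: Optional[int]   # destination port; None matches any port

# Constructed rule set for a hypothetical 10.0.0.0/24 server network.
RULES = [
    Rule("block", "in", "any", "203.0.113.0/24", "0.0.0.0/0", None),   # blocked range
    Rule("allow", "in", "tcp", "0.0.0.0/0", "10.0.0.10/32", 443),      # public HTTPS
    Rule("allow", "in", "tcp", "192.0.2.0/28", "10.0.0.0/24", 22),     # admin SSH
    Rule("allow", "out", "udp", "10.0.0.0/24", "10.0.0.53/32", 53),    # internal DNS
]

def matches(rule, pkt):
    """True when every field of the rule covers the packet."""
    if rule.direction != pkt["direction"] or rule.proto not in ("any", pkt["proto"]):
        return False
    if rule.dport is not None and rule.dport != pkt["dport"]:
        return False
    return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(rule.dst))

def decide(pkt, rules=RULES):
    """First matching rule wins; traffic no rule names is blocked (default deny)."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return "block", None

def packet(direction, proto, src, dst, dport):
    """Build a constructed packet summary for decide()."""
    return {"direction": direction, "proto": proto, "src": src, "dst": dst, "dport": dport}
```

Because evaluation stops at the first match, the block rule for 203.0.113.0/24 has to sit above the public HTTPS rule; placed below it, that range would reach port 443.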
Workload security
• Workload security protects workloads moving across different cloud
and hybrid environments. These distributed workloads have larger
attack surfaces, which must be secured without affecting the agility of
the business.
Access control
• Not every user should have access to your network. To keep out
potential attackers, you need to recognize each user and each device.
Then you can enforce your security policies. You can block
noncompliant endpoint devices or give them only limited access. This
process is network access control (NAC).
Anti-virus and anti-malware software

• Malware," short for "malicious software," includes viruses, worms,


Trojans, ransomware, and spyware. Sometimes malware will infect a
network but lie dormant for days or even weeks. The best
antimalware programs not only scan for malware upon entry, but also
continuously track files afterward to find anomalies, remove malware,
and fix damage.
Application security
• Any software you use to run your business needs to be protected,
whether your IT staff builds it or whether you buy it. Unfortunately,
any application may contain holes, or vulnerabilities, that attackers
can use to infiltrate your network. Application security encompasses
the hardware, software, and processes you use to close those holes.
Behavioral analytics
• To detect abnormal network behavior, you must know what normal
behavior looks like. Behavioral analytics tools automatically discern
activities that deviate from the norm. Your security team can then
better identify indicators of compromise that pose a potential
problem and quickly remediate threats.
• Behavior analytics analyzes large data sets using artificial
intelligence (AI) and machine learning (ML) techniques. It allows
you to identify unusual patterns, meaning deviations from regular
patterns or usage, that indicate malicious activities that could
potentially stem from cyber attackers.
How behavior analytics works
• Step 1. Data collection & transformation
• Step 2. Data analysis
• Step 3. Alerting and remediation
• Continuous learning
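The four steps above carried through on a small data set, as an added example that is not part of the original slides. The log format, host names and thresholds are constructed, and a per-host z-score is used as a simple statistical stand-in for the AI/ML techniques the slides mention.

```python
from collections import defaultdict
from statistics import mean, stdev

# Constructed flow records "hour host bytes_out"; host names are made up.
BASELINE_LOG = """\
h01 ws-17 4000
h01 ws-17 1000
h02 ws-17 5200
h03 ws-17 4800
h04 ws-17 5000
h01 db-02 90000
h02 db-02 110000
h03 db-02 100000
h04 db-02 100000
"""
NEW_LOG = """\
h05 ws-17 5050
h05 db-02 98000
h06 ws-17 96000
"""

def collect(log):
    """Step 1: parse records and total outbound bytes per (host, hour)."""
    totals = defaultdict(int)
    for line in log.splitlines():
        hour, host, nbytes = line.split()
        totals[(host, hour)] += int(nbytes)
    return totals

def build_baseline(log):
    baseline = defaultdict(list)   # host -> list of hourly totals seen so far
    for (host, _hour), total in sorted(collect(log).items()):
        baseline[host].append(total)
    return baseline

def analyze(baseline, log, threshold=3.0, min_samples=4):
    """Steps 2 and 3: score each new hourly total against that host's own history."""
    alerts = []
    for (host, hour), total in sorted(collect(log).items(), key=lambda kv: kv[0][::-1]):
        history = baseline[host]
        if len(history) >= min_samples:
            sigma = stdev(history) or 1.0      # flat history: avoid dividing by zero
            z = (total - mean(history)) / sigma
            if abs(z) > threshold:
                alerts.append((hour, host, total, round(z, 1)))
                continue                       # alerted traffic is not learned as normal
        history.append(total)                  # continuous learning from normal traffic
    return alerts
```

The 96000-byte hour is ordinary for `db-02` but raises an alert for `ws-17`, which is why "normal" is tracked per host rather than network-wide.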
Cloud security
• Cloud security is a broad set of technologies, policies, and
applications applied to defend online IP, services, applications, and
other imperative data. It helps you better manage your security by
shielding users against threats anywhere they access the internet and
securing your data and applications in the cloud.
Web security
• A web security solution will control your staff's web use, block web-
based threats, and deny access to malicious websites. It will protect
your web gateway on site or in the cloud. "Web security" also refers
to the steps you take to protect your own website.
Wireless security
• Wireless networks are not as secure as wired ones. Without stringent
security measures, installing a wireless LAN can be like putting
Ethernet ports everywhere, including the parking lot. To prevent an
exploit from taking hold, you need products specifically designed to
protect a wireless network.