‫إقليم كوردستان‬ ‫هەرێمی کوردستان‬

‫_العراق‬ ‫_عێراق‬
‫الجامعة العالمية‬ ‫زانکۆی جیهان‬
‫كلية العلوم‬ ‫کۆلێژی زانست‬
‫قسم علوم الحاسوب‬ ‫بەشی زانستی‬

KURDISTAN REGION _IRAQ

CIHAN UNIVERSITY
COLLEGE OF SCIENCE
DEPARMENT OF COMPUTER SCIENCE

Network security

Prepared by Supervised by:

Iman karim hassan Lecuter dr.reem

1
Table of content

1………………………………….introduction network security..pg3

2………………………………….network types ……………………..pg4

3………………………………….network security…………………..
………………………How does network security work?.......

………………………How do i benefit from network security?..pg5

4………………………………….types of network security…………..pg6,7,8

5………………………………….trusted network ………………………..pg9

6………………………………….Authorization……………………………..pg10

2
Introduction network security

Network security refers to the technologies, policies, people, and procedures that defend any
communication infrastructure from cyberattacks, unauthorized access, and data loss. In
addition to the network itself, they also secure traffic and network-accessible assets at both the
network edge and inside the perimeter.What is a network?

Networks are collections of devices and applications. When linked together, these assets serve
core business functions. Network managers can place devices on different network segments,
while they may also be geographically distant. But they are all part of the same workstations,
servers, switches, and SaaS gateways community.

3
What are the main network types?

Networks come in a variety of types. Security measures required vary depending on network
configurations. Common variants include:

LAN – Local Area Networks or intranets are small community devices connected via one or
more routing nodes. Router tools handle all network traffic and may also include internet
interface modems. LAN networks can include many different devices. A LAN could feature
computers, smartphones, printers, IoT devices, televisions, and gaming consoles. Routers assign
IP addresses to all devices, which identify them on the network.

WAN – Wide Area Networks are more common in modern business. They constitute
collections of LANs and cover wide geographical areas. For instance, companies with several
branches will usually connect them via WAN technology. The internet itself is defined as a
WAN. Every ISP is also technically a WAN.

SD-WAN – Software-defined Wide area networks are laid over WAN networks. Agents on
connected devices link users to network resources. Managers can control access via secure
gateways, and SD-WAN allows in-depth traffic monitoring. Companies also tend to use SD-WAN
to secure cloud assets effectively.

4
Network security
NetWORK security is Cisco's vision for simplifying network, workload, and multicloud security
by delivering unified security controls to dynamic environments.

How does network security work?

Network security combines multiple layers of defenses at the edge and in the network. Each
network security layer implements policies and controls. Authorized users gain access to
network resources, but malicious actors are blocked from carrying out exploits and threats

How do I benefit from network security?

Digitization has transformed our world. How we live, work, play, and learn have all changed.
Every organization that wants to deliver the services that customers and employees demand
must protect its network. Network security also helps you protect proprietary information from
attack. Ultimately it protects your reputation.

5
Types of network security

1-Firewalls
A firewall is a network security device that monitors incoming and outgoing network traffic and
decides whether to allow or block specific traffic based on a defined set of security rules. Cisco
offers both threat-focused firewalls and unified threat mangment (UTM) devices

2-Workload security
Workload security protects workloads moving across different cloud and hybrid environments.
These distributed workloads have larger attack surfaces, which must be secured without
affecting the agility of the business.

3-NetWORK security
NetWORK security is Cisco's vision for simplifying network, workload, and multicloud security
by delivering unified security controls to dynamic environments.

6
4-Network segmentation
Software-defined segmentation puts network traffic into different classifications and
makes enforcing security policie easier. Ideally, the classifications are based on endpoint
identity, not mere IP addresses. You can assign access rights based on role, location, and more
so that the right level of access is given to the right people and suspicious devices are contained
and remediated.

5-VPN
A virtual private network encrypts the connection from an endpoint to a network, often over
the internet. Typically, a remote-access VPN uses IPsec or Secure Sockets Layer to authenticate
the communication between device and network.

6-Application security
Any software you use to run your business needs to be protected, whether your IT staff builds it
or whether you buy it. Unfortunately, any application may contain holes, or vulnerabilities, that
attackers can use to infiltrate your network. Application security encompasses the hardware,
software, and processes you use to close those holes.

7
7-Behavioral analytics

To detect abnormal network behavior, you must know what normal behavior looks like.
Behavioral analytics tools automatically discern activities that deviate from the norm. Your
security team can then better identify indicators of compromise that pose a potential problem
and quickly remediate threats

8-Mobile device security

Cybercriminals are increasingly targeting mobile devices and apps. Within the next three years,
90 percent of IT organizations may support corporate applications on personal mobile devices.
Of course, you need to control which devices can access your network. You will also need to
configure their connections to keep network traffic private.

9-Security information and event management

SIEM products pull together the information that your security staff needs to identify and
respond to threats. These products come in various forms, including physical and virtual
appliances and server software.

10-Web security

A web security solution will control your staff's web use, block web-based threats, and deny
access to malicious websites. It will protect your web gateway on site or in the cloud. "Web
security" also refers to the steps you take to protect your own website.

8
Trusted Network
• Standard defensive-oriented technologies
Firewall
Intrusion Detection
Build TRUST on top of the TCP/IP infrastructure
Strong authentication
Public Key Infrastructure (PKI)

Strong Authentication
An absolute requirement
Two-factor authentication
Passwords (something you know)
Tokens (something you have)
Examples:
Passwords
Tokens
Tickets
Restricted access
PINs
Biometrics
Certificates

9
Authorization
Defines the user's rights and permissions on a system
Typically done after user has been authenticated
Grants a user access to a particular resource and what actions he is permitted to perform on
that resource
Access criteria based on the level of trust:
Roles
Groups
Location
Time
Transaction type

10
Refrences

Cisco site
Nordlayer site

11