Protecting the network security of your business is a complex matter.
by Dale Smith
Most people are aware that intruders must be stopped from getting into your network. One of the primary methods for securing your network is your network firewall. Much like a building’s firewall stops a fire in your neighbor’s suite from crossing over into your office, a network firewall stops intruders from crossing over into your local network of computers. Unfortunately, not all firewalls are created equal. Below are five factors to consider when implementing inbound network security.
Inbound Network Security
You might think, “Why not have the firewall block all incoming connections?” For some offices, this is an appropriate network security strategy. But for many, incoming traffic is important and even vital to your operation. Email and remote access are two important application services found in many offices. Many other application services are often required. When you provide access to your network services from the Internet, you increase the possibility that intruders will gain access to your network resources, putting network security at risk.
Factor 1 – Application Service Ports
The first step in maintaining network security is to limit which application services you make available over the Internet. Each of the application services that you want to make available from the Internet (think email, remote access, security cameras, etc.) has a specific way of being accessed. We call these access points ports. A port identifies certain locations and services on your network. You want to make sure that access to your network is limited to only those ports that need to be shared. This is your first opportunity for network security.
Factor 2 – Application Service Port Restrictions
While you may want to make application services available, you may not want or need to make them available to the whole world. To properly achieve network security, you will want to limit access to only those people or organizations that need access to your application services. For example, you may want to limit email traffic to only your hosted email security provider; otherwise, spammers could bypass your network security and deliver messages right to your email server. You might have a consultant whose access you restrict to connections from his office only. Restrict access to your application services to make your network more secure.
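Factors 1 and 2 can be checked against an exported rule list. The following is an added example, not part of the original article: the ports, address ranges and rule format are constructed for illustration and would be replaced by your own firewall's export.

```python
import ipaddress

# Constructed policy: the services the office intends to publish and the
# source networks allowed to reach each one (None = anyone may connect).
APPROVED = {
    25: ["198.51.100.0/24"],    # email: only the hosted email security provider
    3389: ["203.0.113.10/32"],  # remote access: only the consultant's office
    443: None,                  # web portal: intentionally public
}

# Constructed inbound rules as exported from a firewall: (port, source CIDR).
RULES = [
    (25, "0.0.0.0/0"),
    (3389, "203.0.113.10/32"),
    (443, "0.0.0.0/0"),
    (23, "0.0.0.0/0"),
    (25, "198.51.100.128/25"),
]


def audit(rules, approved):
    """Return (port, source, finding) for every rule that breaks the policy."""
    findings = []
    for port, source in rules:
        src = ipaddress.ip_network(source)
        if port not in approved:
            # Factor 1: this port is not a service meant to be published.
            findings.append((port, source, "port not approved"))
            continue
        allowed = approved[port]
        if allowed is None:
            continue  # public by design
        # Factor 2: the rule's source must sit inside an allowed network.
        nets = [ipaddress.ip_network(a) for a in allowed]
        if not any(src.version == n.version and src.subnet_of(n) for n in nets):
            findings.append((port, source, "source wider than allowed"))
    return findings


if __name__ == "__main__":
    for port, source, finding in audit(RULES, APPROVED):
        print(f"port {port} from {source}: {finding}")
```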
Factor 3 – Strong Passwords for Application Services
For those application services that need to be accessible from anyone or anyplace, it becomes vital to require strong passwords for the application services being accessed to ensure network security. For example, you may have sales people that need access from many different locations. Strong passwords are defined as those using a combination of upper and lower case letters, numbers and punctuation symbols. Passwords should also be 7 or 8 characters in length and should ideally be changed periodically and not be repeated for some period of time. Passwords should not contain your name or your company’s name.
One often overlooked password issue is making sure that your application service does not use default credentials like admin/admin or admin/password. It is not uncommon to see great usernames and passwords in place, only to have the system compromised because no one changed the default administrator password created when the application was installed. Network security often fails at the small things.
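The password rules in Factor 3 can be applied when an account is created or reviewed. The following is an added example, not part of the original article: the function name, the sample accounts and the choice to treat 8 characters as a minimum length are assumptions made for illustration.

```python
import string

# Default pairs named in the article; extend with the documented defaults
# of the products you actually run.
DEFAULT_CREDENTIALS = {("admin", "admin"), ("admin", "password")}


def password_findings(username, password, person_name, company, min_length=8):
    """Return the rules from Factor 3 that this credential breaks."""
    findings = []
    if (username.lower(), password.lower()) in DEFAULT_CREDENTIALS:
        findings.append("default credential")
    if len(password) < min_length:  # assumption: 8 is treated as a minimum
        findings.append("too short")
    classes = {
        "lowercase letter": string.ascii_lowercase,
        "uppercase letter": string.ascii_uppercase,
        "number": string.digits,
        "punctuation symbol": string.punctuation,
    }
    for label, chars in classes.items():
        if not any(c in chars for c in password):
            findings.append(f"missing {label}")
    # The password must not contain the user's name or the company's name.
    lowered = password.lower()
    for word in person_name.lower().split() + company.lower().split():
        if len(word) >= 3 and word in lowered:
            findings.append(f"contains name '{word}'")
    return findings


if __name__ == "__main__":
    # Constructed sample accounts: (username, password, person, company).
    accounts = [
        ("admin", "password", "", ""),
        ("jlee", "Acme2024!", "Jamie Lee", "Acme Widgets"),
        ("jlee", "t7#Vq!m2Rk", "Jamie Lee", "Acme Widgets"),
    ]
    for user, pw, person, company in accounts:
        print(user, password_findings(user, pw, person, company) or "ok")
```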
Factor 4 – Intrusion Protection
Modern firewalls also have new advanced features to help maintain network security by thwarting unwanted intruder access. Intrusion protection schemes are one such method. The firewall keeps a list of the different methods intruders use to gain access to networks. When the firewall sees one of these methods attempted, it stops all traffic from the offending computer, stopping the intrusion immediately. The firewall constantly gets updated with new intrusion methods to defend against.
Factor 5 – New Advanced Filtering
Another firewall feature used to maintain network security is Geo IP filtering. Geo IP filtering allows you to limit access to your firewall from only certain countries. The firewall knows the IP address ranges for all countries. This allows you to restrict (filter) access from countries that you might not consider safe and that you know do not need to access your application services.
A similar network security feature is BotNet filtering. A BotNet is a collection of compromised computers that have been connected together for unsavory purposes. The firewall keeps track of known BotNets and prevents connections from the computers in a BotNet, helping to provide greater network security.
These are the basic elements of network security necessary to keep your local network safe from intruders attempting to gain inbound access. This is a good start but there is much more that needs to be done. Our next article will deal with network security protection from what goes out of your network.