• Svg Vector Icons : http://www.onlinewebfonts.com/icon Return to Glossary

    What is network security??

    Network security is a set of technologies that protects the usability and integrity of a company’s infrastructure by preventing?the?entry or proliferation within a network of a wide variety of potential threats.??

    A network security architecture is composed of tools that protect the network itself and the applications that run over it. Effective network security strategies employ multiple lines of defense that are scalable and automated.?Each defensive layer enforces a set of security policies determined by the administrator.?

    Learn The challenges in using traditional perimeter firewalls to secure east-west network traffic

    Download Now

    Why network security???

    In today’s hyper-connected world, network security presents a greater challenge as more business applications move to private and?public clouds. Moreover, the applications themselves now tend to be virtualized and distributed across many locations, some of which are outside the physical control of IT security teams. With the number of attacks on companies climbing ever higher, protecting network?traffic?and infrastructure is critical.?

    How does network security works??

    The elements of a complete, multilayered security architecture that implements network security across an organization fall into two general categories: access control and threat control.?

    Access Control??

    Network security starts with access control. If bad actors gain access to a network, they can surveil traffic and map infrastructure. Once they have mapped infrastructure and applications, they can launch a DDoS attack or insert malware. Access control restricts the movement of bad actors throughout the network.?

    Threat Control??

    Even with access control in place, problems can arise. For instance, a bad actor may?compromise an employee’s credentials?to gain entry.?Thus?the need for threat control, which operates on traffic that is already permitted. Threat control prevents the actions of bad actors from doing damage within the network.?

    Threat control technologies begin with the firewall and load balancer. These devices protect the network from DoS/DDoS attacks. Next, IDS/IPS counters known attacks traveling through the network. Finally, unknown malware objects traveling through the network are captured with sandbox technologies, while anomalies in network traffic that may be symptoms of a threat are caught with NTA/NDR.?

    What are the key tools of network security??

    A multi-layered approach to network security implements controls at numerous points within a network to provide comprehensive access control and threat control.??

    • Firewall :?A firewall establishes a barrier between the trusted and the untrusted areas of a network. Thus, a firewall performs access control and macro-segmentation based on IP subnets. The same firewall may also perform more granular segmentation, known as micro-segmentation.?
    • Load Balancer?: ?A load balancer distributes load based on metrics. By implementing specific mitigation techniques, a load balancer can go beyond traditional load balancing to provide the capability to absorb certain attacks, such as a volumetric DDoS attack.?
    • IDS/IPS ?:?The classic IDS/IPS is deployed behind a firewall and provides protocol analysis and signature matching on various parts of a data packet. Protocol?analysis?is a compliance check against the publicly declared specification of the protocol. Signature matching prevents known attacks such as an SQL injection.??
    • Sandbox : ?A sandbox is?similar to?an IDS/IPS, except that it does not rely on signatures. A sandbox can emulate an end-system environment and determine if a malware object is trying, for example, to execute port scans.??
    • NTA/NDR ?:?NTA/NDR looks directly at traffic (or traffic records such as NetFlow) and uses machine learning algorithms and statistical techniques to evaluate anomalies and determine if a threat is present. First, NTA/NDR tries to determine a baseline. With a baseline?in place, it identifies anomalies such as traffic spikes or intermittent communication.?

    Benefits of network security?

    Network security is key to an organization’s ability to deliver products and services to customers and employees. From online?stores?to?enterprise applications?to remote desktops, protecting apps and data on the network is essential to advancing the business, to say nothing of protecting an organization’s reputation. In addition, effective network security can improve network performance by eliminating downtime due to successful attacks.??

    Related Topics
    Internal Firewall?
    Network Infrastructure Security?
    Network Monitoring
    Kubernetes Security
    Virtualized Security
    Virtual Networking
    Next-Generation Firewall

    VMware Network Security related resources, products, and solutions