The security of any network should be taken seriously. A network allows someone to share resources and information with others on the network. Networks allow for distribution of computer viruses, Trojans, human intruders, and employees can damage more than just one computer. To better understand the importance of network security, one needs to think of what might happen if all the data for a company that is stored in their servers vanishes. This scenario would cause losses that the company might never recover. Networks are divided into three main categories Internetwork (internet), Wide Area Networks (WAN) and Local Area Networks (LAN). These three categories of network require security to ensure that no malicious humans gain access, and no viruses attack the network.
To better understand network security, one needs to know what a network is. A network is defined by Hu, Myers, Colizza, Vespignani, and Parisi (2009)
as a grouping of computers and other hardware which are interconnected using communication channels allowing for information and resource sharing. Network security involves protecting a network from any unauthorized access. Preventive measures are undertaken to ensure the security of any network. There are also intrusion detection systems which detect and inform the network administrator of any attempts to break into the network.
Network security can also be defined as the provisions put in place by the network administrator to secure the computer network. There are also policies that can be adopted to ensure no unauthorized access to the network. These policies include username and password requirement before one can gain access to the network, antivirus software to protect against virus attacks, intrusion detection systems to monitor the network and report of any attempted intrusion Schonlau et al. (2001)
, and physical security to protect against theft of servers and network peripherals. With the continual advancement in technology, hackers are inventing new ways of attacking computer network. Therefore, the network administrator will need to keep up with these changes and ensure that their network is protected fully form any kind of attacks.
Once a user is authorized to access a network, they need to be monitored to ensure they do not access files they are not authorized. To ensure this, every network requires a firewall which contains access privileges for every user, thus ensuring that a person does not access files or services they are not authorized to access. The firewall and security measures put in place will ensure there will be no unauthorized access to the network, but if the users who have access to the network are not properly educated this measures will not work. The users need to be taught on the need to keep their passwords safe, need to not share their access credentials with any other person, and not allowing unauthorized users to access their computer network. This training will ensure that the measures undertaken are successful.
WEP security protocol
WEP is the acronym for Wired Equivalent Privacy which is the original security standard for wireless networking. It was intended to provide confidentiality for data just like in the traditional wired network. WEP is recognized by its 10 or 26 hexadecimal digit. It is still widely used, and it is the first choice for security that is presented for router configuration. This security protocol is used for safeguarding wireless computer networks from unauthorized access. WEP provides a security system that is widely supported on the network, and this makes it easy to setup for a home network. Though, it has been proven that it is easily hacked this security protocol is better than not having one at all.
WEP protocol protects data using encryption during transmission. The data packets been sent are encrypted using either a 64-bit, 128-bit, or 256-bit encryption key. Encryption of data protects the wireless links between access points and clients. The encryption key has an initialization vector which is combined into the key for the creation of the final key. The initialization vector is used for the provision of an identifying cipher which allows the encrypted data to be decrypted when it reaches the destination. WEP 64-bit uses a 40-bit encryption key. This key is easy to crack because of its length. WEP 128-bit makes use of a 104-bit encryption key.
Because of the major security flaws identified in the WEP protocol, and the ease with which hackers can manage to crack the encryption key, it is not advisable to use this security protocol for the protecting a network. WEP protocol has been deprecated and replaced with newer protocols like WPA2 and WPA.
WPA and WPA2 security protocols
WPA which stands for, Wi-Fi Protected Access, is a security protocol for wireless networks developed to overcome the flaws of WEP protocol. WPA was initially intended to be an immediate measure while development of WPA 2 was underway. This protocol employed TKIP (Temporal Key Integrity Protocol), which uses a different key for each packet transmitted. This means that TKIP dynamically generates a 128-bit encryption key for every packet transmitted, thus preventing the kind of attacks which compromised the WEP protocolRao & Parikh, 2003.
There is also an integrity check message that is included in WPA. This message prevents an attacker from altering, capturing, or resending their own data packets.
There have been flaws discovered in the WPA protocol. These flaws mostly affect short packets that have known contents. This flaw does not allow for the encryption key to be discovered or recovered, but the hackers can get a keystream which they can use to encrypt certain packets. The keystream can be used seven times to inject data to an identical packet length.
WPA2 was introduced to overcome the TKIP security flaw of WPA. WPA2 uses the CCMP (Counter Cipher Mode Protocol) which is a new encryption protocol developed specifically for Wireless LAN. This new standard is much more secure than WEP and WPA TKIP protocol. CCMP ensure that there is more data confidentiality, better authentication, and control of user access.
According to Krishna and Victoire (2011)
a firewall assists in securing a network from external and unauthorized attacks. It can either be hardware-based of software-based. The primary objective of any firewall is controlling the outgoing and incoming network traffic. It controls by analyzing all the data packets and determines if they should pass in to the network or out of the network, by using some predetermined set of rules. The firewall of a network is installed as a bridge between the external insecure network, and the internal secure network. The operating systems for many computers come with a software-based firewall, which protects the computer against attacks from the internet. Routers also come with software-based firewall components. Majority of firewalls have the capability to perform some basic routing functions.
A firewall allows a computer network to be protected from external attacks. The computer network will be accessing the internet using one main computer which has the firewall installed. This computer performs the processing of data received from the internet and checks it to determine if it meets the set rules. The firewall will also perform the following services proxy services, packet filtering, and stateful inspection.
The proxy service retrieves and sends information from the internet, and transmits this information to the requesting system. Packet filtering analyses all packets been sent and received within the network to ensure they meet the predetermined set of rules before been forwarded to the requesting system. Packets that do not meet the set criteria are discarded. Stateful inspection checks some key parts against a trusted information database, if the packets meet a reasonable match they are allowed to pass through.
The security of any network should ensure that an attacker would require considerable time to attack the network, and they…