… Network Security Administrator, Approach Problem Securing a Central
I would utilize a number of security measures to adequately secure a central computer network that is accessed by other branches and by staff from remote physical locations. The vast majority of these measures work in conjunction with one another, and they should not deny access to authorized users.
For all of the computers that are present in the primary physical location in which the network is based, I would employ encryption measures. This sort of encryption is similar to that used by cellular devices (whether in the form of tablets or phones), which enables users to reduce the threat of unauthorized users accessing their devices or the data within them (Stafford, 2010). However, it is worth noting that encryption would not be used on the computing devices in the network that are outside of this primary physical location.
One of the primary layers of defense that I would provide for the network would come in the form of routers -- perhaps even wireless ones in suitable locations, such as a company building where the majority of the employees are part of this computer network. The ultimate boon of these routers is that they are able to engage in packet inspection (Merkow and Breithaupt, 2006, p. 269). Packet inspection is a fundamental component of security because it enables the analysis of packets of incoming data -- some of which may be potentially threatening -- and generally examines both a packet's contents and its header. The sort of packet inspection conducted by routers would operate as a good entry-level defense for the entire network.
However, as anyone familiar with conventional packet inspection is aware, it is fairly brief and does not provide substantial inspection against sleeper cells and other forms of data that can produce noxious results on a computer network after a significant amount of time. In fact, most point solutions that are accessible via conventional security appliances only retain data for a matter of minutes before either accepting it or denying it, and never analyze it again after that for long-term threats. That is why, ultimately, I would seek to augment the aforementioned security measures with deep packet inspection technology. Many security appliances are beginning to offer deep packet inspection, in which a probe (typically in the form of hardware, although it can come in a software version as well) sits on the network and allows for quantities of data inspection that are substantially greater than those offered by point solutions. This sort of deep packet inspection analyzes both incoming and outgoing data to maximize security.
Even better, if one collects this sort of deep packet inspection data by means of big data technologies (the most readily accessible one is Hadoop), the data can be stored for long periods of time. Instead of simply having to discard security data after five minutes, the security organization can now store it for two to three months at a time to analyze more profound, long-term patterns of threats. Hadoop is open source and very inexpensive; it is also extremely scalable for storing large quantities of data, and even has its own analytics tools (Williams, 2013) to minimize costs.
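The retention argument above can be made concrete with a small detection pass, added here as an illustration and not taken from the original paper. The flow-record layout, the host addresses (documentation ranges) and the thresholds are all assumptions; the same query is run once with a five-minute window and once with three months of stored inspection data.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import pstdev

def build_sample_flows():
    """Constructed sample: (timestamp, internal host, external destination, bytes out)."""
    start = datetime(2024, 1, 1, 9, 0)
    flows = []
    # Host .21: one small outbound connection per day to the same destination for 45 days.
    for day in range(45):
        flows.append((start + timedelta(days=day), "10.0.0.21", "203.0.113.50", 900))
    # Host .34: an ordinary one-hour burst of traffic on a single day.
    for minute in range(0, 60, 2):
        flows.append((start + timedelta(days=3, minutes=minute),
                      "10.0.0.34", "198.51.100.7", 40_000))
    return sorted(flows)

def recurring_pairs(flows, retention, now, min_days=14, max_jitter_s=3600):
    """Find (src, dst) pairs that recur on many distinct days at a steady interval.

    Only records still inside the retention window are visible to the analysis,
    which is the difference between a point solution and long-term storage.
    """
    seen = defaultdict(list)
    for ts, src, dst, _bytes in flows:
        if timedelta(0) <= now - ts <= retention:
            seen[(src, dst)].append(ts)
    findings = {}
    for pair, stamps in seen.items():
        days = {t.date() for t in stamps}
        if len(days) < min_days:
            continue  # not enough history to call it a long-term pattern
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        if pstdev(gaps) <= max_jitter_s:  # near-constant spacing between contacts
            findings[pair] = len(days)
    return findings

FLOWS = build_sample_flows()
NOW = FLOWS[-1][0]  # evaluate at the time of the most recent record
SHORT = recurring_pairs(FLOWS, timedelta(minutes=5), NOW)  # point-solution view
LONG = recurring_pairs(FLOWS, timedelta(days=90), NOW)     # three months retained

if __name__ == "__main__":
    print("5-minute retention:", SHORT)
    print("90-day retention:  ", LONG)
```

With only five minutes of data the daily contact is a single unremarkable record; with the retained history it stands out as a 45-day recurring pattern, while the one-day burst from the other host is not flagged.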