8.20 Networks Security

Networks and network devices should be secured, managed and controlled to protect information in systems and applications.

Network security in information security refers to the set of practices and technologies that are used to protect a network and the information that is transmitted over it from unauthorised access, misuse, and disruption.

This can include the use of various tools and technologies such as:

• Firewalls: A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules and policies.
• Virtual Private Networks (VPNs): A VPN is a secure, encrypted connection between two devices, allowing them to connect over an insecure network, such as the internet.
• Intrusion Detection and Prevention Systems (IDPS): An IDPS is a system that monitors network traffic and uses rules, signatures, and other techniques to detect and block malicious activity.
• Access control: Access control mechanisms are used to restrict access to network resources based on user identity, role, or other attributes.
• Encryption: Encryption is converting plaintext data into an unreadable format to protect it from unauthorised access or disclosure.
• Network segmentation: Network segmentation is a technique that involves separating different parts of a network into different subnets, in order to limit the scope of a security incident.
• Network monitoring: Network monitoring is the process of monitoring network activity and performance, in order to detect and respond to security incidents, and to ensure that the network is functioning properly.
• Network security management: Network security management is the process of managing, monitoring, and securing a network and its resources.
It's important to note that network security is an ongoing process, and the security measures need to be regularly reviewed, updated, and tested to ensure that they are effectively protecting the network and its resources.