Network Security

Network security risk factors

Unrequested traffic arriving from the Internet

Extremely common. The amount varies, but an average of tens of attempts per minute is quite common

Storage devices brought into the network

Still a common work practice in many businesses. Many kinds of threat can, for example, be copied or run from a USB stick

Traffic requested from the Internet

All inbound traffic is potentially hostile

Rogue users

Uncommon, but a very high risk: they can carry out many kinds of harmful activities given the opportunity

Manipulation of users

Attempts are very common and can be sophisticated; malicious web links in email and SMS, for example, still catch out the unwary

Compute devices brought into the network

For example, smartphones could have been compromised elsewhere and start malicious activity when connected

Autonomous devices within the network

This can be high risk because their activity will not be noticed unless their traffic is actively monitored. This is especially true for autonomous devices that do not run security software and do not get security updates

Network security mitigations

Internet gateway security

Internet gateways should be unified threat management devices; firewall-only Internet gateways miss a critical opportunity to improve security

Network edge security

Security software running on devices at the edge of the network, such as anti-virus software running on a desktop computer, is diverse and in common use. Its most important limitation is that the threat must arrive at the edge device before this kind of security can be effective. For that reason, it should be considered the last line of defence

Intra-network security

This is provided by security devices within the network.
Intra-network security is much less common, but it is a very important opportunity to control threats within the network.
Below are some advantages of intra-network security:

Effective early

Threats can be intercepted before they reach devices that might be compromised

Effective for all networked devices

Some network-connected devices do not or cannot run security software; intra-network security is essential to prevent cybersecurity threats from reaching them and to prevent compromises spreading from them, particularly if they do not get security updates for their software

Extra security checks

For devices that already perform their own checks, intra-network security adds extra kinds of check, increasing the chance of intercepting cybersecurity threats

Better threat visibility

More network traffic is visible to intra-network devices, giving them a better chance to block more threats

Device isolation

Devices and groups of devices can be isolated within a network to minimise the risk of compromises spreading

Self-secure

Dedicated intra-network security devices only run security software, so they are considerably less likely to be compromised than multi-purpose devices, especially user devices