Enterprise Network Security
In a Nutshell - CIW Course Section 1, Part C, Chapter 9
Overview
When communicating and conducting business over long distances, ensuring privacy and determining the true identity of the person with whom you are communicating can be difficult. This chapter looks at three building blocks: authentication, which establishes who you are really communicating with; encryption, which keeps the exchange private; and firewalls, which control what traffic may pass between your network and an untrusted one.
Authentication
Authentication is the ability to determine the true identity of a user. To communicate effectively, users in enterprise networks must be sure that they are actually communicating with the person they mean to address. IP spoofing, forged e-mail, social engineering and similar techniques are all used to defeat the authentication process.
Networks can employ three methods to achieve authentication. You can prove your identity by:
- What you know - this, generally, involves the use of passwords. However, if you give your password to someone else, or allow your password to become known to someone else, then that person can use the password to gain access to the computer as you.
- What you have - this method requires that you have some physical item of proof, such as a key, a swipe card or a token that generates one-time codes. Again, however, if the key or the card falls into the wrong hands, security is compromised.
- Who you are - this is a more advanced method and uses biometric means such as fingerprint, retinal scans or voice analysis to identify you uniquely.
No one method is entirely fool-proof, so it is usual to combine two or more of them (multi-factor authentication): an attacker who has stolen a password still needs the token, and one who has stolen the token still needs the password.
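As an added example (not part of the original course material), here is the "what you know" plus "what you have" combination in working Python: a salted PBKDF2 password check and an HOTP/TOTP one-time code check (RFC 4226 / RFC 6238), both of which must pass. The function names, the password and the token seed are assumptions for illustration; the seed is the standard RFC test seed, so the codes it produces can be checked against the RFC test vectors.

```python
import hashlib
import hmac
import os
import struct
import time
from typing import Optional, Tuple

PBKDF2_ITERATIONS = 600_000   # slow on purpose, so guessed passwords are expensive to test offline

# "What you know": store a salted PBKDF2 hash of the password, never the password itself.
def register_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, derived_key) for storage; the plaintext password is discarded."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, dk

def check_password(password: str, salt: bytes, stored_dk: bytes) -> bool:
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    # compare_digest runs in constant time; a plain == would leak how many leading bytes match
    return hmac.compare_digest(dk, stored_dk)

# "What you have": a one-time code from a token seeded with a shared secret (HOTP, RFC 4226,
# and its time-based form TOTP, RFC 6238). Only a device holding the seed can produce the code.
def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, at: Optional[int] = None, step: int = 30, digits: int = 6) -> str:
    at = int(time.time()) if at is None else at
    return hotp(secret, at // step, digits)

def check_totp(secret: bytes, code: str, at: Optional[int] = None,
               step: int = 30, window: int = 1) -> bool:
    """Accept the current time step plus `window` steps either side to tolerate clock drift."""
    at = int(time.time()) if at is None else at
    return any(hmac.compare_digest(totp(secret, at + k * step, step), code)
               for k in range(-window, window + 1))

def authenticate(password: str, salt: bytes, stored_dk: bytes,
                 secret: bytes, code: str, at: Optional[int] = None) -> bool:
    """Two factors: both must pass. Both are evaluated even if the first fails, so the
    response time does not tell an attacker which factor was wrong."""
    ok_know = check_password(password, salt, stored_dk)
    ok_have = check_totp(secret, code, at)
    return ok_know and ok_have

if __name__ == "__main__":
    # Constructed demo values: the RFC 4226/6238 test seed and a made-up password.
    seed = b"12345678901234567890"
    salt, dk = register_password("correct horse battery staple")
    print("both factors ok:", authenticate("correct horse battery staple", salt, dk, seed, totp(seed)))
    print("stolen password, no token:", authenticate("correct horse battery staple", salt, dk, seed, "000000"))
```

The drift window is the usual trade-off: each extra step accepted makes a stolen code usable for longer, so keep it at one step and fix clock sync rather than widening it.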
Encryption
Encryption is the primary means to ensure privacy across the enterprise. This technique is often used to assist authentication efforts, as well. There are, currently, three encryption models:
- Symmetric Key Encryption - In symmetric key, or single key, encryption, one key is used both to encrypt and to decrypt messages. Single key encryption is simple and fast, but every party must hold a confidential copy of the same key and trust every other holder of it; getting that key to each party without exposing it is the hard part.
- Asymmetric Key Encryption - Asymmetric key encryption uses a key pair: two mathematically matched keys, one published (the public key) and one kept secret (the private key). What one key encrypts only the other can decrypt, and this works in either direction. Encrypting with the recipient's public key gives confidentiality, since only the private key holder can read the result; encrypting (signing) with your own private key lets anyone holding your public key verify that the message came from you. For this reason asymmetric encryption is also called public-key encryption.
- One-way Key Encryption - Also known as hash encryption, although strictly a hash is not encryption at all: a one-way function reduces the information to a fixed-length hash code (digest) from which the original cannot be recovered. The hash code is verified by recomputing it over the received information and comparing the two values; a match shows that the information has not been altered, which is why hashes underpin integrity checks and digital signatures.
Applied Encryption
Applied encryption is simply using the above methods in combination. Two common patterns: a one-way hash of a message signed with the sender's private key authenticates the message, and a public key pair is used to deliver a symmetric session key that then encrypts the bulk of the traffic, so the slow asymmetric operation is done only once.
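As an added example covering the three models above and their combination (not code from the course), here is a single Python program that shows each model doing its job: a SHA-256 digest that can only be recomputed, a shared-key scheme with an integrity tag, a key pair used in both directions, and the hybrid pattern that wraps a session key with the public key. Everything below is an illustration of structure, not production cryptography: the symmetric keystream is built from SHA-256 in counter mode, and the RSA key pair uses two hard-coded Mersenne primes with no padding and a modulus of only about 92 bits. All names and the sample message are assumptions.

```python
import hashlib
import hmac
import os
import struct
from typing import Tuple

# --- One-way (hash) model: a digest that cannot be reversed, only recomputed and compared.
def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def verify_digest(data: bytes, expected: bytes) -> bool:
    return hmac.compare_digest(digest(data), expected)

# --- Symmetric model: one shared key both encrypts and decrypts.
# Illustrative keystream from SHA-256 in counter mode, with an HMAC tag so tampering is detected.
# Shows the shape of a symmetric scheme; use AES-GCM or ChaCha20-Poly1305 for real traffic.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">Q", counter)).digest()
        counter += 1
    return bytes(out[:length])

def sym_encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)                                   # fresh per message, never reuse with a key
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest() # encrypt-then-MAC
    return nonce + ct + tag

def sym_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("authentication tag mismatch: ciphertext altered or wrong key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

# --- Asymmetric model: a key pair; what one key locks, the other unlocks, in either direction.
# Textbook RSA with hard-coded Mersenne primes: enough to show the mathematics, useless for real use.
P, Q = 2**61 - 1, 2**31 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))          # modular inverse; needs Python 3.8+
PUBLIC_KEY, PRIVATE_KEY = (E, N), (D, N)

def rsa_apply(key: Tuple[int, int], m: int) -> int:
    exp, n = key
    if not 0 <= m < n:
        raise ValueError("value must be smaller than the modulus")
    return pow(m, exp, n)

# Confidentiality: anyone encrypts with the public key; only the private-key holder can decrypt.
def pk_encrypt(m: int) -> int:
    return rsa_apply(PUBLIC_KEY, m)

def pk_decrypt(c: int) -> int:
    return rsa_apply(PRIVATE_KEY, c)

# Authentication: only the private-key holder can produce a value the public key turns back into the digest.
# The digest is truncated to 64 bits purely so it fits under the toy modulus.
def pk_sign(data: bytes) -> int:
    return rsa_apply(PRIVATE_KEY, int.from_bytes(digest(data)[:8], "big"))

def pk_verify(data: bytes, sig: int) -> bool:
    return rsa_apply(PUBLIC_KEY, sig) == int.from_bytes(digest(data)[:8], "big")

# --- Applied encryption: hybrid scheme. The public key carries a session key; the session key carries the data.
def hybrid_encrypt(plaintext: bytes) -> Tuple[int, bytes]:
    session_key = os.urandom(8)              # 64-bit key only so it fits under the toy modulus
    wrapped = pk_encrypt(int.from_bytes(session_key, "big"))
    return wrapped, sym_encrypt(session_key, plaintext)

def hybrid_decrypt(wrapped: int, blob: bytes) -> bytes:
    session_key = pk_decrypt(wrapped).to_bytes(8, "big")
    return sym_decrypt(session_key, blob)

if __name__ == "__main__":
    msg = b"wire transfer 1000 to acct 42"   # constructed sample message
    wrapped, blob = hybrid_encrypt(msg)
    print("hybrid round trip ok:", hybrid_decrypt(wrapped, blob) == msg)
    print("signature verifies:", pk_verify(msg, pk_sign(msg)),
          "after tampering:", pk_verify(msg + b"!", pk_sign(msg)))
```

Note what each check catches: a flipped bit in the symmetric ciphertext fails the HMAC tag before any plaintext is returned, and a changed message fails the signature because the recomputed digest no longer matches what the public key recovers.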
There are many other aspects to encryption, including network-level protocols, VPNs, Kerberos, one-time passwords, SSL and certificates. But if you want to learn about these, you will need to do the course.
Firewalls
A firewall is a secure computer system placed between a trusted network and an untrusted one, such as the Internet. On one side of the firewall is your company's production network, which you supervise; the other side faces a public network over which you have no control.
What can a Firewall do?
A firewall controls access to your network. It can also create secure intranet domains. Furthermore, it is the primary means of enforcing your security policy, greatly simplifying the tasks of identifying threats and applying countermeasures. A firewall can further enhance privacy by "hiding" your internal systems and information from the public.
Firewall Functions
Firewalls allow users on a protected network to access a public network while, simultaneously, making selected products and services of the protected company available to the public.
Potential functions of a firewall include:
- Filtering packets
- Serving as a circuit-level or application-level gateway
- Detecting intrusions
- Providing enhanced password authentication
- Logging and reporting
- Taking evasive actions
- Permitting encrypted access (with VPN)
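As an added example (not from the course), the first and the logging/reporting functions in the list above as a small packet filter in Python: an ordered rule list evaluated first-match-wins with an anti-spoofing rule at the top and a default deny at the bottom, plus a log of every decision and a per-source report of dropped packets. The policy, the addresses and the sample packets are constructed for the example; a real firewall also tracks connection state, which this model leaves out.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    ingress: str                  # interface the packet arrives on: "outside", "inside" or "any"
    proto: str                    # "tcp", "udp", "icmp" or "any"
    src: str                      # source network in CIDR notation
    dst: str                      # destination network in CIDR notation
    dport: Optional[int] = None   # destination port; None matches any port
    comment: str = ""

@dataclass(frozen=True)
class Packet:
    ingress: str
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None

INTERNAL = "10.0.0.0/8"
ANY = "0.0.0.0/0"

# Constructed policy. Rules are evaluated top down and the first match decides, so the
# anti-spoofing rule sits first and the catch-all deny last (fail closed).
POLICY = [
    Rule("deny",  "outside", "any", INTERNAL, ANY,            None, "anti-spoofing: internal source on the outside interface"),
    Rule("allow", "inside",  "any", INTERNAL, ANY,            None, "protected users may reach the public network"),
    Rule("allow", "outside", "tcp", ANY,      "10.0.1.10/32", 443,  "public web server"),
    Rule("allow", "outside", "tcp", ANY,      "10.0.1.20/32", 25,   "public mail relay"),
    Rule("deny",  "any",     "any", ANY,      ANY,            None, "default deny"),
]

def matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.ingress in ("any", pkt.ingress)
            and rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and (rule.dport is None or rule.dport == pkt.dport))

class Firewall:
    def __init__(self, policy: List[Rule]):
        self.policy = policy
        self.log: List[str] = []                  # one line per decision, for logging and reporting
        self.decisions: List[Tuple[Packet, str, int]] = []

    def filter(self, pkt: Packet) -> Tuple[str, int]:
        """Return (action, index of the rule that fired); -1 if nothing matched."""
        for i, rule in enumerate(self.policy):
            if matches(rule, pkt):
                action = rule.action
                break
        else:
            action, i, rule = "deny", -1, None    # no rule matched: still deny, never allow by accident
        why = rule.comment if rule else "no matching rule"
        self.log.append(f"{action.upper()} rule#{i} ({why}) "
                        f"{pkt.proto} {pkt.src} -> {pkt.dst}:{pkt.dport} via {pkt.ingress}")
        self.decisions.append((pkt, action, i))
        return action, i

    def denied_by_source(self) -> Dict[str, int]:
        """Report: how many packets each source address had dropped (spots scans and spoofing)."""
        counts: Dict[str, int] = {}
        for pkt, action, _ in self.decisions:
            if action == "deny":
                counts[pkt.src] = counts.get(pkt.src, 0) + 1
        return counts

if __name__ == "__main__":
    fw = Firewall(POLICY)
    # Constructed sample traffic.
    for pkt in [
        Packet("outside", "tcp", "198.51.100.7", "10.0.1.10", 443),   # allowed: public web
        Packet("outside", "tcp", "198.51.100.7", "10.0.1.10", 22),    # denied: SSH not published
        Packet("outside", "tcp", "10.0.5.5", "10.0.1.10", 443),       # denied: spoofed internal source
        Packet("inside",  "tcp", "10.0.5.5", "203.0.113.9", 443),     # allowed: outbound browsing
        Packet("outside", "udp", "198.51.100.7", "10.0.1.10", 443),   # denied: wrong protocol
    ]:
        fw.filter(pkt)
    print("\n".join(fw.log))
    print("denied per source:", fw.denied_by_source())
```

The ordering matters: if the "public web server" rule came before the anti-spoofing rule, a packet from the Internet claiming a 10.x source would be allowed through to the web server. Keep the most specific deny rules first and audit the log for hits on them.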

