During the beginning of
attending the course network security concepts, I truly did not know what to
expect. Honestly, if I would have
guessed it would have been specifically about configuring routers and firewalls
to secure a network. Overall, I was
partially correct, but wrong at the same time.
Considering network security does consist of configuring routers and
firewalls, but there is much more to it than that. For example, a few things to take into
consideration when securing a network are, patches, software, routers,
firewalls, and much more.
The first place to start
when securing a network is during the equipment installation. When setting up your network the main piece
of equipment that needs to be configured is your gateway or router. When the Internet Service Provider (ISP)
stops by to setup the system everything is automatically set to default which
is extremely unsecure. As the network
administrator, you need to harden the system by changing the credentials,
hiding the SSID, setting WPA2, disabling WPS, and setting up other security
precautions within the settings, depending on your network.
The next cause for
concern is your servers and workstations throughout the network. Many pieces will need to be configured and
setup during the process of securing your network. For instance, selecting the correct
anti-virus software and management tools.
The easiest to setup would be to use the windows based security system,
which includes the windows firewall and defender to ensure you are protected
from known threats.
The next to check is the
policies that are in place to ensure users do not have full access to
everything by setting up user and group policies. This would be followed by setting file
permissions so if the user does manage to login as another they still would not
have access to key content. Another
possibility to consider is setting windows updates to run in a timely manner,
as if it is not updating properly that leaves possible gaps in your
security. Also, check all services that
are running the background and disable any that are not being used. Last but not least, remove any and all
unnecessary registry keys as they can provide backdoors for unwanted visitors.
Once you have secured
your devices as much as possible, the next step would be attaching all the
devices to the network itself. When
plugging in the Ethernet cable to the computer or connecting to the device
wirelessly, make sure to select WPA2 as this is one is secure and backwards
compatible to older devices. Now that
you are connected to the network and can access the internet it is best to
double check everything is up to date.
Kick off windows updates, to ensure that all patches have been applied
and the security system has the latest threat database.
Even though you have
made all the necessary precautions and have everything up to date there are
still new threats and vulnerabilities found every day. With this in mind it is always best to setup
a back-up system to ensure you have all your data in case of an emergency. There are many to choose from, whether you
have a raided system or a backup software in place that copies all your files
to another location such as a cloud or another computer on the network. Never consider yourself fully protected from
any threats or risks, to the fact you do not create a backup.
Overall network security
does not only consist of ensuring you have a secure router and security system. It comes down to hardening every computer and
server involved all the while securing the network entirely. If I would not have taken this course I would
not have realized how much is involved when securing a network. I am completely thankful for being given this
opportunity to learn, grow, and utilize my new skills.
References
Dulaney, E., & Easttom, C. (2014). CompTIA
Security+ Study Guide, Sixth Edition. Indianapolis: John Wiley & Sons,.
Wireless attacks and its types. (n.d.). Retrieved December 11, 2016, from Exam
Collection:
http://www.examcollection.com/certification-training/security-plus-wireless-attacks-and-their-types.html
No comments:
Post a Comment