Previous | Table of Contents | Next |
Port security is essential in order to deny unauthorized remote access. Passive devices will report on unauthorized access, usage anomalies, etc. Active devices, which are preferable, will act to deny access to unauthorized users and to disable ports in the event that user-definable parameters are exceeded.
Transmission Security is critical to ensure that unauthorized entities are not allowed to intercept the data as it is communicated across the network. Transmission of data is especially insecure over analog links; wireless transmission is inherently insecure. Transmission security is virtually ensured over coaxial cable and, especially, over fiber optic cable, as these media cannot easily to physically tapped. In order to maximize security, however, it is necessary that the data be encrypted.
Encryption involves scrambling and compressing the data prior to transmission; the receiving device will be provided with the necessary logic to decrypt the transmitted information. Encryption logic generally resides in firmware included in standalone devices, although it can be incorporated into virtually any device. For instance, it is now being incorporated into routers, which can encrypt data on a packet-by-packet basis. Encryption comes in two basic flavors, private key and public key. Private key encryption requires that the key be kept secret. Public key encryption involves an encryption (encoding) key that can be used by all authorized network users; the key for decoding is kept secret. Data encryption standards include DPF (Data Private Facility) and DES (Data Encryption Standard), which uses a challenge-response approach and intelligent tokens.
Firewalls comprise application software which can reside in a communication router, server or some other device. That device physically and/or logically is a first point of access into a networked system. On an active basis, the device can block access to unauthorized entities, effectively acting as a security firewall. Firewalls currently are the subject of much interest, especially as organizations seek to protect their data from the ravages of hackers and other less-than-honorable creatures who prowl the Internet.
Previous | Table of Contents | Next |