Network security – a multifaceted task
Network security is a demanding and multifaceted task that has to be tailored to the individual requirement. Security concepts that comply with basic IT protection principles or ISO27001 can form the basis for determining the security requirement in doing so. The associated subsequent measures depend on various factors, for example the required availability of the systems, the sensitivity of the information to be protected or the type of access. Furthermore, mobile devices and home office workstations signify additional challenges for comprehensive protection of a network.
Encryption solutions are essential for securely transmitting data in networks. Only strong cryptography can provide protection against data manipulation and theft. Clavigerous Systems offers the SINA product line to do this, including solutions for secure storage, processing, transmission and verification of highly sensitive information.
Layer 2 encryption is appropriate if you need to exchange large or even very large volumes of data between different sites in an encrypted format. Ethernet technology (layer 2) enables point-to-point and point-to-multipoint connections with high line speeds and bandwidths. This makes layer 2 encryption ideal for securing all communication between company sites or data centres.
Web portals and web services are popular targets of attack on the internet. The attackers hope to use these to gain access to even customer and company data. This information can be protected with a special web application firewall which monitors and controls a web portal’s access and connections.
Intrusion prevention systems / intrusion detection systems are ideal for continual network monitoring. The Clavigerous Systems snort solution monitors network access, detects attacks and threats on the systems being protected and autonomously carries out protective measures. Network Access Control (NAC) systems monitor terminals trying to connect to a network for their conformity to existing security guidelines – only those devices that conform to the guidelines are given access to the network.
Besides technical measures for securing networks, a total security concept also includes regular checking of the network infrastructure. Clavigerous Systems use security analyses, also called penetration tests, to uncover weaknesses in networks and shut them before they can be exploited by attackers.