Before you start
Objectives: Learn which devices we need to think about when talking about network security.
Prerequisites: you should have a basic knowledge of devices used in computer networks.
Key terms: security, router, switch, server, workstation
When designing a secure computer network, we need to consider all of the components of our computer network. This includes network devices and network protocols. Devices can be routers, switches, servers, workstations, firewalls, modems, remote access servers, and mobile devices. All of these devices need to be secure in order for our whole network to be secure.
Routers operate at OSI layer 3. The main task of a router is to connect two or more network segments (subnets, different networks) and route traffic between them based on the IP address. However, when it comes to security, we can use a router to filter traffic based on source, destination or other packet information. So, we can use routers as packet filtering firewalls, and in that way control traffic between subnets. Routers also typically support access lists to control access to a network, and in that way prevent certain traffic from entering or exiting a specific network. Routers can also block spoofed traffic from outside of the network.
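As an added illustration (not part of the original tutorial), the following Python model evaluates an access list the way a packet filter does, including an anti-spoofing rule for traffic arriving from outside. The addresses, the rule set and the sample packets are constructed, and first-match evaluation with an implicit deny at the end is an assumption of this model.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: str                     # source network, CIDR
    dst: str                     # destination network, CIDR
    proto: str = "any"           # "tcp", "udp", "icmp" or "any"
    dport: Optional[int] = None  # destination port; None matches any

    def matches(self, pkt: dict) -> bool:
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt["proto"])
                and self.dport in (None, pkt.get("dport")))

def evaluate(acl, pkt):
    """Return the action of the first matching rule; no match means deny."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"  # implicit deny closes the list

# Constructed rule set for traffic arriving on the outside interface.
# Assumption: 10.0.0.0/8 is the internal network, 10.0.20.10 a web server.
OUTSIDE_IN = [
    # Anti-spoofing: outside traffic cannot legitimately have an inside source.
    Rule("deny", "10.0.0.0/8", "0.0.0.0/0"),
    Rule("deny", "127.0.0.0/8", "0.0.0.0/0"),
    # Only HTTPS to the web server is allowed in.
    Rule("permit", "0.0.0.0/0", "10.0.20.10/32", "tcp", 443),
]
# Same rules with the permit first: the spoofed packet now slips through.
MISORDERED = [OUTSIDE_IN[2], OUTSIDE_IN[0], OUTSIDE_IN[1]]

# Constructed sample packets (203.0.113.0/24 is a documentation range).
PACKETS = {
    "legit_https": {"src": "203.0.113.7", "dst": "10.0.20.10", "proto": "tcp", "dport": 443},
    "spoofed_src": {"src": "10.0.5.5", "dst": "10.0.20.10", "proto": "tcp", "dport": 443},
    "ssh_attempt": {"src": "203.0.113.7", "dst": "10.0.20.10", "proto": "tcp", "dport": 22},
    "other_host":  {"src": "203.0.113.7", "dst": "10.0.30.5", "proto": "tcp", "dport": 443},
}

if __name__ == "__main__":
    for name, pkt in PACKETS.items():
        print(f"{name:12} {evaluate(OUTSIDE_IN, pkt):7} (misordered: {evaluate(MISORDERED, pkt)})")
```

The misordered list shows why the anti-spoofing denies belong above any permit: with first-match evaluation, a broad permit placed earlier decides the packet before the deny is ever reached.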
Switches operate at OSI layer 2 and use MAC addresses to forward traffic. Switches can give us protection from address resolution poisoning and spoofing. They can also protect from sniffing, since each device is on its own switch port and the data between two devices flows on a dedicated circuit between those two devices. In that way a switch limits the amount of data that can be intercepted on the network. Switches also typically support virtual LANs (VLANs), which let us separate different network segments and control access.
Servers and Workstations
On our network we will typically have two types of computers: servers and workstations. A server is a system that hosts resources and services that are going to be used by other network systems. When protecting our servers, we need to design and deploy a server-specific security policy and implement its mechanisms. We need to prevent unauthorized physical access, protect the server from natural disasters and maintain a reliable backup solution for the data on the server.
A workstation is used for regular work and to access resources on servers. The number of workstations in an organization can be very large, which makes administration difficult. Because end-users operate workstations, we can easily end up with workstations with low security. Typically, users are the greatest threat to our computer network, because of their lack of knowledge and awareness. The compromise of a workstation can mean the compromise of the whole network, so we should deploy workstations with enforced security policies, configured backups, file encryption, anti-virus software, software installation restrictions, patches and updates. We should also perform auditing on all workstations. For mobile devices we should also take theft prevention measures.