Security
The Protected Workplace
Introduction
Networks and the Internet are no longer simply a technical resource—they're a vital part of the fabric of every business. As businesses open their doors to new Internet-powered e-business initiatives—such as online commerce, customer care, supply-chain management, and extranet collaboration—the risks to their networks are increasing. The same open environments that can help an organization improve productivity or extend its market reach can also invite network intruders from inside and outside the company.
Today's networks are subject to attack from packet sniffers, IP spoofing, denial of service (DoS), spam, viruses, worms, Trojan horses, and a host of other threats. Network security breaches can be devastating to companies, resulting in significant loss of revenue, reduced productivity, and a loss of customers, not to mention the expense involved in restoring networks, databases, and applications to normal function.
Small organizations are especially vulnerable to these threats, because they often lack the staff and budget needed to respond effectively to a security breach. Network administrators need integrated, comprehensive security solutions that can protect their organizations from increasingly sophisticated security threats. At the same time, they need the ability to easily manage their security solution, and build upon it as their company grows.
IT administrators must do more than simply respond to individual security threats. They must develop a formal security policy that defines roles, responsibilities, acceptable use, and key security practices for their company. They should then assess their existing network infrastructure to identify potential vulnerabilities. Finally, as you move forward to design, upgrade, and install your secure network architecture, evaluate each area of the network, determine potential threats, and implement appropriate security measures.
Cisco Systems® and its partners offer a complete array of multi-tiered solutions to provide robust protection to every portion of the data infrastructure, from the network core to desktops and remote sites, and every point in between, to enable businesses to expand their e-business initiatives with confidence.
In this two-part paper, we will illustrate how the SAFE Blueprint from Cisco® enables technical staff to combat today's security threats by deploying integrated security technologies in dedicated security appliances, routers, switches, and other network devices. The SAFE Blueprint preserves an organization's existing network investment, while allowing for new network services such as voice, video, and wireless technology. In the second half of the document, we'll also illustrate how Cisco security solutions can benefit the entire business, by ensuring the availability of important business systems, enhancing employee productivity, and safeguarding customer relationships.
Part 1: Protecting Your Network with Integrated Network Security Solutions
Today's network administrators must contend with a wider array of threats than ever. These threats are no longer limited to professional hackers. Easy-to-use network intrusion tools are now widely available on the Internet, enabling even non-technical users to penetrate an undefended network. Some of the most common threats to network security include:
- Viruses—Computer programs designed to replicate themselves and infect computers when triggered by a specific event
- Worms—A self-reproducing program which is distinguished from a virus by copying itself without being attached to a program file, or which spreads over computer networks, particularly via email. Originally used (by Shoch and Hupp) to specify a distributed type of network program with many segments
- Trojan horse programs—Delivery vehicles for destructive code, which appear to be harmless or useful software programs such as games
- Vandals—Software applications or applets that cause destruction
- Attacks—Can include reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate network); and denial-of-service attacks (which prevent access to part or all of a computer system)
- Data interception—Eavesdropping on communications or altering data packets being transmitted
- Non-technical threats—Obtaining confidential network security information through non-technical methods, such as posing as a technical support person and asking for users' passwords
If you're interested in this topic, these articles may be helpful:
 | Core Elements of the Cisco Self-Defending Network Strategy from Cisco Systems Inc. Thanks in part to a Cisco® advertising ... |
| Top Five Security Issues for Small and Medium-Sized Businesses from Cisco Systems Inc. Summary Small and medium-sized businesses ... |
| Addressing security issues in Linux by Mark Chapman, technical writer, IBM Corp. First published at IBM... |
| South Bay BMW Achieves Unmatched Availability and Security with its Cisco Network from Cisco Systems Inc. South Bay BMW needed to guard its network a... |
| Protect Your Business As viruses, worms, and hackers continue to plague business-technology ... |
Related Jobs: