What is the most important aspect of your computer network?

That question ranks right up there with the age-old question: which came first, the chicken or the egg? Another good one that I used to hear all the time: what is more important, Sales or Operations? I guess what we are going to come up with here is that it is a matter of perspective.

Your perspective depends on your bias. I have worked with most aspects of computer networking in some capacity or another, and I find that all roads lead to security. Let me explain a bit. When you purchase new endpoints, what is the second piece of software you load? Antivirus. No matter the endpoint type (PCs, tablets, smartphones, desktops, servers, VoIP), it all comes back to how to protect critical data from nefarious entities.

It all starts with good design. The purpose of design is to define and solve problems that become evident or that are created by the development and deployment of a solution. So in the process of looking at your network a number of factors will arise, and the number one most-thought-of issue is security. This has been the case since the dawn of networks: security takes a back seat only to functionality.

Let me explain.

During the adoption phase of Ethernet there were tons of networks popping up, both large and small. These networks were mostly peer to peer because of a limitation in functionality and the fact that the majority of networks prior to Ethernet were Token Ring across twisted pair or coax cable. The basis for the initial peer to peer networks was simply that it was easier to deploy and more fault tolerant, as Ethernet was generally deployed in a hub and spoke topology configuration versus a ring or mesh topology for a Token Ring network.

Ethernet was primarily deployed in a hub and spoke topology because of how Ethernet communicates between hosts, and peer to peer was very popular. However, this created a huge need in the business world as business computing became more popular and widely used. The need for security within these networks drove the development of authentication in networking. Being able to prevent access to files and network resources through permissions controlled at a centralized location such as a server was becoming essential.

The need for greater control and security led to centralized authentication devices such as servers. With the use of authentication services like Active Directory and Novell, a network administrator could define resources that would be shared across networks and assign access to those resources to users as they authenticated into the network. The main purpose of the security measures was to ensure that resources were secure from users that didn’t need access. As this form of server-client networking grew in popularity, it became more and more necessary to deploy client-server networks in place of the peer to peer networks.

This was all taking place around the time of the growth of the internet. Surprisingly, the first internet based replicating virus was discovered in 1970 on Darpanet, the government's predecessor to the internet. As connectivity grew and the internet became faster and more commonplace in homes and businesses, internet based viruses and malware started to become more prevalent. Hackers, rogue states and other less than desirable entities started to find the profitability in writing malicious code, viruses, malware and ransomware. Throughout this time many of the popular companies that we know today started: companies such as Cisco, Microsoft, Novell, Hewlett Packard, Packard Bell, Northern Telecom, Bay Networks, Micom and many others. Many of these companies revolutionized the information technology industry.

The Firewall

The mid-1990s were a revolutionary time for the network security industry. The firewall had just started to take hold, and to this point firewalls had been primarily software based and deployed on a company's production server, which meant that a company's primary resource for storing and managing its network was also directly facing the live internet. While for most companies this was fairly effective, it had a lot of negative aspects as well. The most concerning was that if a network's firewall was defeated by a hacker, the hacker was then directly on the core resource with all the data that the hacker was looking for. If a virus circumvented the firewall, it was at the epicenter of the network, with access to the credentials necessary to propagate across an entire network unfettered. This was truly a concern to be dealt with.

The first documented firewall was developed through a collaboration between DEC and AT&T, where DEC created a packet filter to prevent unwanted packets from entering their network while AT&T’s research was to stop information from leaving their networks. The list of candidates for the true inventor of the firewall has numerous names; you can read more about the inventors by following the links in the references section of this article. By the early to mid 1990s the firewall had evolved into a stateful packet filter, then applications and more. So let’s jump into present day 2016. There is tons of competition in the IT industry for everything from smart watches to RAM to SSD hard drives, network speeds to high speed network attached storage. But there is only one segment of the industry that has been deemed so important as to have government oversight and global initiatives where countries all around the world work together to curb crime. That is the network security industry.

In the United States alone there are a plethora of cyber-security laws on the books and many more in the wings awaiting approval or denial through Congress. Here is a list of some of the laws that are in place and in queue to be voted on: http://www.isaca.org/cyber/pages/cybersecuritylegislation.aspx.

The reason I wrote this article is to start the conversation about Network Security. I believe that network security is the single most important piece in any computer network for any business big or small. I believe that as an IT professional of over 20 years, not just because I work for a network security company. No matter what kind of network you employ, Windows, Mac, Linux, with servers or peer to peer, the very first thing you need to deploy in your network is a good strong firewall.

Expense is not the only factor that defines a firewall. Look at the services and look at your network: what type of data you are storing and what type of activity is going on in your network.

  • Do you need external access to your network?
  • Are you hosting websites in your network?

At a bare minimum a strong firewall will provide:

  • Stateful Packet Filtering
  • Gateway Anti-Virus (definitions provided by a reputable AV company)
  • Intrusion Prevention
  • and Reputation Services.

Many firewalls offer Unified Threat Management. That is even better protection. When you start to choose, weigh your options. When you are looking at functionality, many firewall manufacturers are going to tout how fast their solutions are with the packet filter. My question is, how fast is it with all the services running? If you can’t run the services because they bog down your network, then what is the sense in buying them?

As you can tell by now, I think the most important aspect of any network is the Network Security. But Network Security is more than just a good UTM firewall. Network Security includes all of the following:

  • A Security Plan
  • Security Policies and Processes
  • Security Training
  • A Security Culture
  • A Good Firewall
  • Server or Core Anti-Virus, Anti-Malware with Root Kit Detection
  • End Point Security Anti-Virus, Anti-Malware with Root Kit Detection
  • A Whole lot of luck and a little bit of fear

I hope this article is helpful, and if you have any recommendations or comments please feel free to send them to me via LinkedIn and I will be glad to respond as necessary.

References

http://www.darkreading.com/who-invented-the-firewall/d/d-id/1129238?&

http://www.isaca.org/cyber/pages/cybersecuritylegislation.aspx