Your IT Support Experts - Homepage

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

(703) 359-9211

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

Macro Systems Blog

Comprehending Network Security

Comprehending Network Security

Modern business relies very heavily on IT. As a result, to keep their computing network and infrastructure running efficiently, they need to have a network and cybersecurity policy established. With the development and use of organizational computer networks with multiple endpoints, comprehending the basics of network security is helpful when implementing and employing network security systems. Let's review aspects of your network, their functions, and what you need to do to protect them.

Network Hardware
Your organization's computing network, at the very least, consists of two connected machines set up to share resources. Usually, a business network consists of centralized computers called servers, and endpoints called workstations. Major networking components include: network switches (that permits multiple workstations to be connected in packets); a router (that allows for wired or wireless connection to the network); and the modem (that connects the network to the Internet). All kinds of other accessories such as printers, scanners, copiers and more can be found on your network.

In this modern era, wireless networks have been deployed to provide additional mobility. In this case the router, which would have to have Wi-Fi capabilities, permits mobile endpoints (laptops, smartphones, tablets, and IoT devices) to connect to, and share the files on, an organization’s network. This promotes mobility by allowing the sharing and utilization of files without being physically connected to the network.

Network Protocol
The network protocol consists of a set of rules that work to regulate communications between devices connected to the same network. They make connections and set rules for data packaging for both sent and received messages. Popular protocols include:

  • Transmission Control Protocol and Internet Protocol (TCP/IP)
  • Address Resolution Protocol (ARP)
  • Domain Name System (DNS)
  • Secure Shell (SSH)
  • File Transfer Protocol (FTP)
  • Dynamic Host Configuration Protocol (DHCP)
  • Hypertext Transfer Protocol (HTTP)
  • Hypertext Transfer Protocol Secure (HTTPS)
  • Internet Group Management Protocol (IMAP4)
  • Post Office Protocol version 3 (POP3)
  • Simple Mail Transfer Protocol (SMTP)

There are many more protocols, all of which are basically the building blocks of a deliberate interaction. Each protocol works to connect one part of a computer to another. Much like a bank has procedures in place to help keep your money secure, protocols are the procedures at work to keep your data secure.

Securing TCP/IP is especially vital. TCP/IP communications are made up of four layers that work together. When a user wants to send information across networks, the information is passed via each layer, each adding data. Each layer features a header and a payload. The header holds layer-specific information, while the payload consists of the information that has come from the layer above it. To illustrate this more clearly, below we describe the four layers in TCP/IP communications:

  • Application Layer: This layer sends and receives the information for specific applications, with protocols such as DNS, HTTP, HTTPS, and SMTP. Each application is required to have its own specific protocol.
  • Transport Layer: This layer of connected (or connectionless) services are for transporting application layer services between networks and works to ensure that connections are reliable. TCP and User Datagram Protocol are usually used in the transport layer.
  • Internet Layer: This layer routes the data packets across networks. Internet Protocol (IP) is at the heart of this layer. IP specifically permits information streams to be broken up into segments known as data packets and works to define and establish the Internet, as we use it, through addressing and routing.
  • Network Access Layer: Last, the network access layer is in place to define the method of utilization within the scope of the local network link. It adds the protocols used to define the relationships used to transmit and receive data packets from the other layers.

With so many moving aspects every time you send and receive information over the Internet (and within your own Intranet), you can see how hard it is to keep the network safe from threats. Now that you’ve got an introduction to what each layer in your TCP/IP-run command does, we can now look at the vulnerabilities and fixes.

Vulnerabilities
The top security problem with any kind of network is the “unauthorized user”. An attacker can connect via an unsecure hub/switch port. As a result, wireless networks traditionally are considered less secure than wired networks because they can be accessed without a physical connection. Once in, a wicked intruder can steal valuable information, deny service to legitimate users, or spoof the physical identity of the network to steal more data. Here are a few other TCP/IP vulnerabilities:

  1. ARP spoofing - Used to steal sensitive information, or to facilitate denial-of-service-attacks, session hijacking, man-in-the-middle attacks and more.
  2. Port scanning - Used to see what services are vulnerable to exploit.
  3. IP spoofing - Sending packets from what is seemingly a trusted address, while sending malware or stealing data.
  4. DNS spoofing - The Domain Name System associates domain names with IP addresses. So devices that connect to the Internet can have their DNS spoofed and reroute the info to a different IP address.

What To Do
Once the “bad” data has been sent to you there is not much you can do. That’s why we tell everyone that they need to be proactive about keeping their sensitive information and data secure. At Macro Systems, we can help you meticulously maintain your software, monitor your files, permissions, and access, and deploy today’s strongest network and cybersecurity strategies to keep threats from hacking your business. For more information, contact us today at 703-359-9211.

The Positives and Negatives of Streaming in Your O...
Analyze Your IT’s Value Against the Cost
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, August 16, 2018

Captcha Image

Customer Login

Contact Us

Learn more about what Macro Systems can do for your business.

(703) 359-9211

Macro Systems
3867 Plaza Drive
Fairfax, Virginia 22030