Designing Network Security: Chapter 5, Threats in an Enterprise Network

Written by Merike Kaeo; Published by Cisco Press

This excerpt is from Chapter 5, Threats in an Enterprise Network of Designing Network Security written by Merike Kaeo and published

    Requires Free Membership to View

by Cisco Press. Read the entire chapter here.

Today, there is an ever-growing dependency on computer networks for business transactions. With the free flow of information and the high availability of many resources, managers of enterprise networks have to understand all the possible threats to their networks. These threats take many forms, but all result in loss of privacy to some degree and possibly malicious destruction of information or resources that can lead to large monetary losses.

Knowing which areas of the network are more susceptible to network intruders and who is the common attacker is useful. The common trend in the past has been to trust users internal to the corporate network and to distrust connections originating from the Internet or from remote access networks using virtual private networks (VPNs), dial-in modems and Integrated Services Digital Network (ISDN) lines. It is important to place trust in the employees internal to the network and in authorized people trying to use internal network resources from outside the corporation. However, trust must also be weighed with reality. According to some sources, at least 60% or more of attacks are perpetrated by corporate insiders, and there is an increasing trend not to trust internal users and have stricter security measures in place. Wireless networks are becoming in more widespread use, and more stringent security considerations are often required in these instances. Restricted use of network infrastructure equipment and critical resources is necessary. Limiting network access to only those who require access is a smart way to deter many threats that breach computer network security.

Not all threats are intended to be malicious, but they can exhibit the same behavior and can cause as much harm -- whether intended or not. Unfortunately, many networking infrastructures have to deal with the increasing issue of viruses and malware that can be found on compromised computing resources and pose unintentional security threats from unsuspecting employees. It is important to understand what types of attacks and vulnerabilities are common and what you can do at a policy level to guarantee some degree of safe networking.

This book does not address the many common host application vulnerabilities in detail; instead, it is more concerned with securing the networking infrastructure. In discussions of areas in which host vulnerabilities can be deterred or constrained in the network infrastructure, more details are given.

Read the rest of the chapter here.

For more information on this topic, visit these other resources:

This was first published in November 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.