--Originally published at Mr. Robot's Imaginary Friend
A network has been defined as any set of interlinks lines resembling a net, a network of roads an interconnected system, a network of alliances. A computer network is simply a system of interconnected computers.
Network Security is an organization’s strategy and provisions for ensuring the security of its assets and of all network traffic. Network security is manifested in an implementation of security hardware and software. There are three things that defines:
- Policy
- Enforcement
- Auditing
The policy is the principal document for network security. Its goal is to outline the rules for ensuring the security of organizational assets. Employees today utilize tools and applications to routines and focuses on the safe enablement of those tools to its employees. The enforcement and auditing procedures for any regulatory compliance an organization is required to meet must be mapped out in the policy as well.
Most definitions of network security are narrowed to the enforcement mechanism. Enforcement concerns analyzing all the network traffic flows and should aim to preserve the confidentiality, integrity and availability of all systems and information on the network. These three principles compose the CIA triad that I talked about in previous post.
Strong enforcement strives to provide CIA to network traffic flows. This begins with a classification of traffic flows by application, user, content. All applications must be first identified by the firewall regardless of port, protocol, evasive tactic or SSL. Proper application identification allows for full visibility of the content it carries. Policy management can be simplified by identifying and mapping their use to a user identity while inspecting the content at all times.
The concept of defense in depth is observed as a best practice in network security, prescribing for the network to be secured in layers. These layers apply an assortment of security controls to 
- Access control
- Identification
- Authentication
- Malware detection
- Encryption
- File type filtering
- URL filtering
- Content filtering
These layers are built through the deployment of firewalls, intrusion prevention systems and antivirus components. Among the components for enforcement, the firewall is foundation of network security.
The auditing process of network security requires checking back on enforcement measures to determine how well they have aligned with the security policy. Auditing encourages continuous improvement by requiring organizations to reflect on the implementation of their policy on a consistent basis. This gives organizations the opportunity the opportunity to adjust their policy and enforcement strategy in areas of evolving.
Collaborative work with Gabriel Avilés Robles
