Network Perimeter SafetyHow to Protect Your Network from Internet Threats Network security is a big issue for financial institutions. From a small home office's DSL connection to a corporation's high-speed fiber connection, a company's network needs to be protected from outside threats.
Various technologies exist to help ensure security, and the ones that you choose to use typically depend on the expense of the technology versus the level of risk mitigation, or reduction.
Small home office:
For small business working out of the home or small office, typically with 10 or fewer computers, most of the more advanced technologies are not cost-effective.
Anti-Virus software packages are very important to keep installed and up-to-date on individual computers. Most of these software packages include firewalls that are crucial in helping protect individual computers.
Setting up a server or converted PC to handle domain authentication is a big help in network security for a small network environment. Domain authentication allows network users to share resources on the network, while blocking out users who do not have domain access.
Large corporate network:
Larger companies with advanced network with advanced routers and switches have a higher need for network-based security measures to protect their increased number of users. A few of these technologies are listed below, and their usage should be evaluated by security professionals before installation.
Large networks have advanced firewalls running on dedicated machines just for this purpose. Often numerous dedicated machines make up a firewall cluster, which is placed between the network and Internet for filtering.
Intrusion Detection System (IDS)
In more secure networks, sometimes an IDS is put in place behind the firewall to detect attacks. IDS technology is more intelligent than a firewall, as it looks for patterns in network traffic, rather than just blocking data based on single rules like a firewall. An IDS can work in conjunction with an Intrusion Prevention System (IPS), to block or create an alert if the IDS detects unusual activity.