Network Security Basics
Understanding Network Security Basics
Hello, my name is Brian Largent, and this is another episode of Three Minute Thursday. Today, I’m going to be talking about the very basics of network security. Now at one time, the basics of network security were very basic. You’d buy a firewall, maybe have a switch, throw some computers and servers behind it, and you were pretty much done. In this day and age, there’s a lot more to the basics and the fundamentals, and I think a lot of organizations missed these new basics. So let’s cover them. The subtitle of today’s video is ArcLight: Removing plausible deniability since 2008. Well, we were founded in 2008, and I’ve been giving this speech to clients, potential clients for many years now. And after giving this speech, most clients understand the need to secure their environment to a greater degree than they were previously. First thing we’re going to talk about is a perimeter network.
Perimeter Network
The perimeter network’s going to set a firewall. Now, a firewall’s basic purpose is to keep bad guys from coming into your network. It can do more than that, but that’s its basic purpose. And what’s happened over time is companies have gotten smart, technology’s become advanced, and they’ve started to combine multiple different tools into one device. So your firewall where it used to just prevent bad guys from coming in now, also does routing. It’ll also give you wireless access. It’ll filter content like websites. It’s going to block viruses. It’s going to have an intrusion detection system and intrusion prevention system and anti-malware all on the perimeter, which is great because you really want to block that stuff before it ever gets into your network. But what comes at a cost on a firewall these days, the modern firewalls, is the subscription that you have to have, which is a recurring, usually an annual subscription to be able to get those updates, to get the latest content filtering, to get the latest intrusion detection system updates in the antivirus and anti-malware.
So you have to have a subscription based firewall to really secure your environment these days. And just behind your firewall, usually is going to sit a switch. A network switch gives you connectivity from your printers, your computers, your servers are all going to connect to that switch. And then from the switch to the firewall and the firewall to the internet. And in order to extend your network, you’re going to install a wireless access point. That’s going to be connected to your switch and grant access to wireless devices, such as phones or laptops. And when you put it all together, it’s going to look something like this. In the picture on your screen, you’re going to see a globe in the top middle. That globe represents the internet. So that’s going to connect down to your firewall, from your firewall down to your switch. And then your switch connects to all of your different devices, your computers, your printers, copiers, your wireless access points that in turn, then connect your wireless devices such as your laptop and your phone.
How to Segment Your Network
So now we need to talk about how you segment your network. That’s called V landing or virtual local area networks, where you create a separate network for certain types of device with certain types of traffic. For instance, you want your phones on their own VLAN, like I mentioned before, so that you can give them priority bandwidth. In the picture, you’ll see that I have multiple colors breaking down what the VLANs might look like. Computers and copiers and printers all on one VLAN, security cameras on their own VLAN, phones on their own VLAN, your server infrastructure on its own VLAN. And then if you look on the bottom right, there’s a green circle, which might be a guest network, completely segmented from your network only granting internet access to devices that you can’t control.
And as I said before, this is a basic look at network security. It’s not a blueprint, but it should give you some talking points that you can take to your current IT infrastructure support people or your internal IT staff. If you have any questions or concerns, contact us. Have a wonderful rest of your week.
Share the Knowledge
Managed Service Provider CHECKLIST
Land on the best IT solutions partner for your needs with this easy-to-follow, one-page download.