Until now, we have learned about the various types of network security attacks that commonly occur in computer networks. We then studied network security and how it works.
In the previous blog of our CCNA 200-301 series, we talked about the solid AAA framework for network security. I recommend you go through it before you jump to this blog.
In this blog, we will learn the important security program elements that make users aware of how to protect against network cyber attacks.
A security program is an enterprise’s set of security policies and procedures. For the CCNA 200-301 exam, there are a few elements you have to be aware of.
We will learn about the various security program elements in this blog. Most importantly, we will discuss the CIA model and its elements. Without further ado, let’s get started!
Various Security Program Elements in CCNA
The following are the main security elements:
1. User awareness programs:
- User awareness programs are designed to make employees aware of potential security threats and risks.
- Not all employees are cybersecurity experts. Someone who works in the Marketing department is probably not aware of all the cyber threats the company is facing. So, user awareness programs will help make those employees aware.
- For example, a company might send out simulated phishing emails that try to get employees to click a link and sign in with their login credentials.
- Although these emails are harmless, employees who fall for them will be informed that they are part of the user awareness program and that they must be more careful about phishing emails.
2. User training programs:
- User training programs are more formal than user awareness programs.
- For example, dedicated training sessions educate users on corporate security policies, how to create strong passwords, and how to avoid potential threats.
- These should happen when employees enter the company and also at regular intervals during the year.
3. Physical access control:
- Another essential element of a security program is physical access control, which protects equipment and data from potential attackers by allowing only authorized users into protected areas such as network closets or data center floors.
- This is not just to prevent people from outside the organization from gaining access to these areas. Even within the company, access should be limited to those who need it.
- Multifactor locks can protect access to these restricted areas.
- For example, a door that requires users to swipe a badge and scan their fingerprint to enter.
- Permissions of the badge can easily be changed. For example, permissions can be removed when an employee leaves the company.
- This allows for strict, centralized control of who is authorized to enter where.
CIA Model: The Three Pillars of Security
The most important principle covered in the CCNA Security program (and the entire security certification track) is the three pillars of security, known as the CIA model. The three pillars of security are confidentiality, integrity, and availability.
These three principles form the foundation of any security system and must be taken into account when implementing and maintaining secure networks. Let us understand each one of them one by one.
- Confidentiality is the protection of information from unauthorized access.
- The goal is to ensure that only those individuals who are intended to have access to the information actually have access.
- Access control policies and data encryption techniques are used to achieve this.
- Integrity is the assurance that the data stored and transmitted over a network is accurate and untampered.
- Integrity is maintained by techniques such as cryptographic hashing, digital signatures, and data leakage prevention.
- Availability is the assurance that the data is available when needed.
- Availability is achieved through various techniques, such as load balancing and redundant servers.
- The network must be working and available all the time, and it must be strong enough to handle cyber attacks.
Cisco Security Products and Technologies
Cisco Security Products and Technologies include a wide range of products and services that assist organizations in meeting their security objectives. These products and services include:
- network security appliances
- endpoint security solutions
- cloud-based security solutions
1. Cisco Security Appliances:
- Cisco Security Appliances, such as the ASA, ISR, and FTD, provide organizations with perimeter defense and internal segmentation.
- These devices can be configured to provide stateful packet filtering, application access control, and encrypted tunnels.
- They can also provide identity-based access control, web filtering, and advanced access control lists.
2. Cisco Endpoint Security:
- Cisco Endpoint Security Solutions help ensure that endpoint devices, such as computers and mobile devices, are securely managed and not vulnerable to external and internal threats.
- These solutions include discovery and protection tools, remediation tools, and patch and vulnerability assessments.
- Cisco Identity Services Engine (ISE) is a network access control solution that provides the ability to control access to the network based on group membership and user identity.
3. Cisco’s Cloud Security Solutions:
- Cisco’s Cloud security solutions enable organizations to identify, detect, and defend against threats and attacks in the cloud.
- These solutions include Cisco Cloudlock, which provides cloud-based security and the ability to detect malicious activity in the cloud.
- Additionally, Cisco has a suite of cloud-based threat defense solutions, such as Cisco Firepower, Umbrella, and ThreatGrid, that can provide organizations with the latest in threat intelligence and response capabilities.
The Cisco Self-Defending Network
The Cisco Self-Defending Network (SDN) is a comprehensive framework for secure network architecture and policy design. The Cisco SDN is comprised of various components, such as:
- Cisco Security Agents
- Identity Services Engine
These are designed to provide end-to-end visibility and control over a network.
The Cisco SDN also includes the Network Access Control (NAC) framework, which is a policy enforcement mechanism that prevents devices from accessing the network if they do not meet certain criteria.
The Cisco Security Agent is an endpoint security solution that is designed to protect endpoints from malware, malicious insiders, and other types of threats. It also provides proactive protection against data leakage and unauthorized access.
The Cisco Firepower solution provides organizations with advanced threat intelligence and response capabilities. Cisco Identity Services Engine (ISE) enables organizations to manage and enforce access control policies through identity-based access control.
The Cisco Security Lifecycle
The Cisco Security Lifecycle is a step-by-step process that organizations can use to implement and maintain secure networks.
The lifecycle consists of five phases: Assess, Plan, Design, Implement, and Operate.
Each phase has its own set of activities and objectives.
1. Assess Phase:
During the assess phase, organizations evaluate their current security posture and define their security objectives. This phase is also used for risk assessment and vulnerability management.
2. Plan Phase:
The plan phase consists of creating detailed security policies and procedures. In this phase, organizations also develop and document security architecture and design, as well as their budget and timeline for implementation.
3. Design Phase:
The design phase is when organizations begin to implement the solution they have developed in the plan phase. This phase includes tasks such as selecting hardware and software, configuring devices, and setting up policies and procedures.
4. Implement Phase:
The implement phase is when organizations deploy their security solution and complete the actual installation. This phase also includes testing and validation of the security solution.
5. Operate Phase:
The operate phase is when organizations maintain and monitor the security solution they have implemented. This phase includes tasks such as auditing and logging, as well as training and awareness programs.
So far, we have covered what security program elements are and gone through each of them. We also discussed the most important security model, the CIA model, which covers the fundamentals of network security.
We also discussed various products and technologies that can be used to secure a network. In addition, the Cisco Self-Defending Network and the Cisco Security Lifecycle provide individuals with an understanding of what is required to effectively design, implement, and maintain secure networks.
By understanding the fundamentals of network security and mastering the tools and techniques used to protect networks, you can achieve the CCNA certification and become a certified network security engineer.