Network security ensures the integrity, availability and performance of an organization's network, by protecting IT assets from threats like spam, spyware and denial-of-service attacks. An essential component of network optimization, network security helps prevent costly service interruptions and increases business productivity by keeping networks functioning properly.
The Traditional Approach to Network Security: Defending the Perimeter
In general, network security is concerned with the implementation and maintenance of physical controls such as data center access controls and surveillance cameras as well as technical controls including firewalls, hardened routers, and intrusion detection systems. To effectively prevent unauthorized intrusion and other harmful attacks targeting the enterprise's network, information security best practices require the proper configuration and frequent patching of such security tools in addition to the network devices they were designed to protect.
A robust network security program will also address data security policies, contingency and disaster recovery planning, and the need for regular vulnerability scanning and penetration testing. By simulating a real-world attack on an organization's network, network penetration testing allows the enterprise to evaluate the effectiveness of its security controls and procedures and the behavior of IT staff in response to incidents.
The Difficulty of Maintaining Network Security in Today's Threat Landscape
Even with the appropriate network security tools and policies in place however, many companies still find it difficult to effectively protect their networks. Skilled hackers are capable of bypassing perimeter defenses, and no single security solution can sufficiently shield a network from every type of attack. Moreover, recent technology trends such as BYOD, cloud network innovation, and IT consumerization have made network security complicated for IT shops and expensive for businesses. Confronting large, highly interconnected networks, complex computing environments, and an unpredictable threat landscape, IT departments struggle to secure the expertise and resources necessary to safeguard their networks.
A Multi-Layered Approach to Network Security: Supplementing Perimeter Defense with Cloud-Based Forward Defense
For IT shops that want to both simplify and fortify network security—and for business managers seeking to reduce spending and boost productivity—cloud-based security services provide the solution. Akamai offers users of the global Akamai Intelligent PlatformTM a suite of cost-effective web security solutions, equipping your organization with multi-layered defense capabilities—defense-in-depth that stops attacks at the edges of the Internet before they reach your data center. These cloud-based solutions include:
- Site Shield protects your origin server by "cloaking" it from the public Internet, essentially removing it from the Internet-accessible IP address space.
- Kona Site Defender mitigates the threat of bandwidth-consuming DDoS attacks by absorbing DDoS traffic targeted at the application layer and deflecting DDoS traffic directed at the network layer.
- Web Application Firewall detects potential attacks in HTTP and SSL traffic upstream, filtering out malicious traffic as close to the source as possible.
Learn more about how Akamai Cloud Security Solutions can help protect your network and web applications.