Network security, both on-premises and in the cloud, is one of the most important factors in the safe and correct operation of computer systems and networks.
There are several types of network security devices:
- active devices – firewalls, antivirus scanning devices, content filtering devices, which block unwanted traffic;
- passive devices, such as intrusion detection appliances, which identify and report on unwanted traffic;
- preventative devices – penetration testing devices and vulnerability assessment appliances, which scan the networks and identify potential security problems;
- Unified Threat Management (UTM) devices, which combine functions such as firewalling, content filtering and web caching and serve as all-in-one security devices.
With regard to network-based controls, consider the following network security devices and elements:
- Defence in depth
- VLANs
- Access controls
- Secure protocol usage (that is, IPSec and TLS)
- IDS/IPS system deployments
- Firewalls
- Honeypots / Honeynets
- Separation of traffic flows within the host from guests through the use of separate switches
- Zoning and Masking of storage traffic
- Deployment of virtual security infrastructure
- Implementation of SIEM solution
- Critical Security Controls
- Strict Change and Management Controls
- Link and End to End Encryption
- Traffic flow Security
- Physical security
Must-have cloud security features:
- Advanced Perimeter Firewall
- Intrusion Detection Systems with Event Logging
- Internal Firewalls for Each Application & Databases
- Data-at-Rest Encryption
- IV Data Centers with Strong Physical Security