There are different types of network security devices and tools.
Types of Network Security
1. Access control
Access control in network security is a process of checking user identity and the quality of the data before granting access to a network or a system. There are different categories of access control.
Authentication is the process of identifying a user as a valid member of a system or a network. It may be performed by the user themselves or by an external system. In computer security, authentication is commonly performed by users entering a username and password into a login prompt, but other techniques such as biometrics may be used as well.
The means to authenticate a user may include a token device, a smartcard, a cryptographic challenge-response protocol, or a simple challenge-response scheme such as “What is your mother’s maiden name?” Authentication can rely on something you have, something you know (a password), or both (multi-factor authentication).
Authorization is the process of granting permission to a subject (user) to access a resource. Authorization may be granted by an external system or by the owner of the resource. Authorization policies can be based on factors such as time of day, type of resource, and whether the subject is authenticated and authorized to use the resource.
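The authorization factors listed above (whether the subject is authenticated, the type of resource, and the time of day) can be combined into a single default-deny policy check. The following Python sketch is an added example, not part of the original article; the role names, resource names and time windows are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import time


@dataclass(frozen=True)
class Subject:
    name: str
    authenticated: bool   # result of a prior authentication step
    roles: frozenset      # hypothetical role names held by the subject


@dataclass(frozen=True)
class Rule:
    resource_type: str    # type of resource the rule covers
    role: str             # role the subject must hold
    start: time           # start of allowed window (inclusive)
    end: time             # end of allowed window (exclusive)


# Constructed sample policy: anything not listed here is denied.
POLICY = (
    Rule("payroll-db", "hr", time(8, 0), time(18, 0)),
    Rule("backup-server", "operator", time(22, 0), time(6, 0)),  # wraps midnight
)


def in_window(now, start, end):
    """True if `now` falls in [start, end), including windows past midnight."""
    if start <= end:
        return start <= now < end
    return now >= start or now < end


def authorize(subject, resource_type, now, policy=POLICY):
    """Return (allowed, reason). Authentication is checked before any rule."""
    if not subject.authenticated:
        return False, "subject is not authenticated"
    for rule in policy:
        if (rule.resource_type == resource_type
                and rule.role in subject.roles
                and in_window(now, rule.start, rule.end)):
            return True, f"{rule.role} may use {resource_type} at this time"
    return False, "no matching rule (default deny)"


if __name__ == "__main__":
    alice = Subject("alice", True, frozenset({"hr"}))
    print(authorize(alice, "payroll-db", time(9, 30)))   # inside the window
    print(authorize(alice, "payroll-db", time(19, 0)))   # outside the window
```

The unauthenticated case is rejected before any rule is consulted, so a matching role alone never grants access.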
4. Confidentiality and data integrity
Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities or processes. Data integrity is a related property where data has not been altered or destroyed in an unauthorized manner. Encryption is often used to provide confidentiality when storing or transmitting data on computer systems.
Cryptography is the practice of enciphering information to keep it secure from unauthorized users. There are several types of cryptographic algorithms used in computer security including symmetric cryptography and asymmetric cryptography.
A firewall is a network security system that controls network traffic using rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet.
Firewalls are categorized as either network firewalls or host-based firewalls. A network firewall operates at OSI Layer 3, whereas a host-based firewall operates at OSI Layer 7 (the application layer). Firewalls can also be categorized based on their location within the network topology: point-to-point, point-to-multipoint, or multipoint-to-multipoint topologies are all possible arrangements of firewalls about the network they protect.
The most common arrangement today uses multipoint firewalls with multiple interfaces that sit between two distinct networks and connect protected networks into secure zones that are separated from one another by the firewall itself.
7. Intrusion Prevention System
An intrusion prevention system (IPS) is a security device that monitors network or system activities for malicious activities or policy violations and then takes action to stop the offending activity.
It is an automated system that monitors network or system activities for any suspicious activity and then takes preventive measures to stop the suspicious activity from causing any harm. An IPS can detect attacks occurring in non-secured areas, such as DMZs. An IPS consists of an engine, sensors, rules, policy enforcement points, and signature updates.