A focus on network security solely in terms of the wireless aspect is understandable. Hackers have breached a company’s system via Wi-Fi by detecting its SSID and launching a cyber attack beyond its premises. However, considering the overall threats from insiders and outsiders, the security of the wired aspect of the network should receive the most emphasis. The following are the first 4 of 8 simple precautions that a business should take for the protection of its systems and data. It is advisable to consult with an IT support expert for effective implementation.
Although the deployment of 802.1X authentication does not provide Ethernet traffic encryption, a user would be prevented from sending over the network and accessing resources until providing login credentials. This authentication may also be applied to Wi-Fi, implementing enterprise-level WPA2 security utilizing AES encryption. An additional advantage of 802.1X authentication is the capability of dynamically assigning users to virtual local area networks (VLANs).
For a comprehensive understanding of an entire network’s infrastructure, auditing and mapping is necessary. This entails detailed diagramming the connectivity of servers, computers, printers, and other devices, along with firewalls, routers, switches, Ethernet cabling and ports, and wireless access points. Accurate auditing and mapping helps to spot vulnerabilities in security and find methods of improving performance, security, and reliability.
MAC address filtering can be circumvented by skilled cyber criminals, but it can be utilized as a network’s first security layer. Although it does not provide protection against hackers, MAC address filtering can stop staff members from creating security holes, such as permitting guests to access the private network. Additional oversight and control over devices allowed is also possible.
The total encryption of a network should also be considered. For example, a Windows Server may act as an IPsec server. Unfortunately, encryption will cause effective throughput rates to decrease dramatically. However, networking vendors can offer proprietary network encryption solutions that utilize a Layer 2 approach instead of Layer 3, which IPsec uses, to decrease latency and overhead.
Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990 and offer:
For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at 410-295-9500.