along the way, giving other users the opportunity to intercept, and even alter it. It does nothing
to protect your data center, other servers in your network, or a malicious user with physical
access to your EnGarde system.
In this simplest case, the approach could be a decision to implement no security at all.
Security through Obscurity
In this model, a system is secure simply because nobody knows about its existence and
contents. This approach cannot work for too long, as there are many ways an attacker can come
to know about it.
In this scheme, the security for each host is enforced individually. This is a very safe
approach, but the trouble is that it cannot scale well. The complexity and diversity of modem
sites/organizations makes the task even harder.
Network security is the security provided to a network from unauthorized access and risks.
It is the duty of network administrators to adopt preventive measures to protect their networks
from potential security threats. Computer networks that are involved in regular transactions and
communication within the government, individuals, or business require security. The most
common and simple way of protecting a network resource is by assigning it a unique name and
a corresponding password.
In this modern era, organizations greatly rely on computer networks to share information
throughout the organization in an efficient and productive manner. Organizational computer
networks are now becoming large and ubiquitous. Assuming that each staff member has a
dedicated workstation, a large scale company would have few thousands workstations and
many server on the network.
It is likely that these workstations may not be centrally managed, nor would they have perimeter
protection. They may have a variety of operating systems, hardware, software, and protocols,
with different level of cyber awareness among users. Now imagine, these thousands of
workstations on company network are directly connected to the Internet. This sort of unsecured
network becomes a target for an attack which holds valuable information and displays
In this chapter, we describe the major vulnerabilities of the network and significance of network
security. In subsequent chapters, we will discuss the methods to achieve the same.
Access control is a way of limiting access to a system or to physical or virtual resources.
In computing, access control is a process by which users are granted access and certain
privileges to systems, resources or information .In access control systems, users must present
credentials before they can be granted access. In physical systems, these credentials may come
in many forms, but credentials that can't be transferred provide the most security.