Secure network is vitally important for most network systems. Whilst email viruses and denial-of-service attacks (DoS attack) may cause us headaches on our home systems, for businesses, these sorts of attacks can cripple a network for days – costing businesses hundreds of millions each year in lost revenue. Not to mention corporate legitimate to clients.

Creating secure network to prevent this type of malicious attack is usually of paramount importance for network administrators, and while most invest heavily in some forms of security measures there is often vulnerabilities inadvertently left exposed. As we always heard that security is as secure as the weakest link.

Firewalls are the best place to begin when you are trying to develop a secure network. A firewall can be implemented in either hardware or software, or most commonly a combination of both. Firewalls are used to prevent unauthorized users from accessing private networks connected to the Internet, especially local intranets. All traffic entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified criteria. If the packet do not meet security criteria then the system will not allowed those packets entering network system.

Anti-virus software works in two ways. Firstly it acts similarly to a firewall by blocking anything that is identified in its database as possibly malicious (viruses, Trojans, spyware etc). Secondly Anti-virus software is used to detect, and remove existing malware on a network systems or workstation.

One of the most over-looked aspects of secure network is time synchronization. Network administrators either fail to realise the importance of synchronization between all devices on a network or the system simply don’t work. Failing to synchronize a network is often a common security issue. Not only can malicious users take advantage of computers running at different times but if a network is struck by an attack, identifying and rectifying the problem can be near impossible if every device is running on a different time.

Even when a network administrator is aware of the importance of time synchronization they often make a common security mistake when attempting to synchronize their network. Instead of investing in a dedicated time server that receives a secure source of UTC (Coordinated Universal Time) externally from their network using atomic clock sources like GPS, some network administrators opt to use a shortcut and use a source of Internet time.

There are two major security issues in using the Internet as a time server. Firstly, to allow the time code through the network a UDP port (123) has to be left open in the firewall. This can be taken advantage of by malicious users who can use this open port as an entrance to the network system. Secondly, the inbuilt security measure used by the time protocol NTP, known as authentication, doesn’t work across the Internet which means that NTP has no guarantee the time signal is coming from where it is supposed to.

To ensure that you have a secure network, isn’t it time you invested in an external dedicated NTP time server?

Priyo Wibowo | MCP

Other related post:

• » Wireless Security” is an Oxymoron, But There is Hope – Blogger … – Don’t store critical data on a device used outside the secure network. I have a laptop and an iPhone. If they are hacked, there’s no data on either device that would compromise my identity or financial security. …
• How-To Secure Your Browsing Session Before Hitting Starbucks! – Couple of years ago using a secure network such as VPN required more than just the technical know-how, but, now it’s become as easy as installing a software or simply visiting a site to join a VPN that is already setup. …
• Network Security Model – Defining an Enterprise Security Strategy … – Identify transaction protocols required to secure data as it travels across secure and non-secure network segments. Monitoring activities should then be defined that examine packets in real time as a defensive and pro-active strategy …
• Mobile Broadband Security – How Secure is Your Mobile Internet … – Mobile broadband is entirely different from wireless broadband. It uses the mobile phone technology for transmitting and securing data. The greatest advantage.
• What is HTTPS Protocol & How It Keeps Your Data Secure? | VikiTech.com – Using HTTPS Encryption while surfing helps in securing your data when you are using a public Wi-Fi network and gives added protection if you are surfing in a secure network. If you are wondering what the HTTPS protocol means and why …
• Critical Control 16: Secure Network Engineering – Critical Control 16: Secure Network Engineering. Many controls are effective but can be circumvented in networks that are poorly designed. Without a carefully planned and properly implemented network architecture, attackers can bypass …
• A Web 2.0 Documentation Idea Gone Wrong | I’d Rather Be Writing – Posted by Tom Johnson on Feb 06, 2008 in Technical Writing, Web 2.0. Many of us want to integrate innovative Web 2.0 practices into our online help. But if we create blogs, wikis, or other interactive features outside the help file, …
• GFI LANGuard | Free Security for Your Small LAN | Internet … – If you are a LAN administrator, you have to deal with lots of vulnerability issues of different machines, update them with the latest patches and ensure their.
• Technology in the Year 2033 | Impact Lab – The future ain’t what it used to be. In the pre-PC era, futurists predicted huge changes in transportation. By 2008 we would be flitting about in personal.