Blogheader image.png

TAP Into Technology

Leading the Way in Network Technology

The 6 Levels Of Thwarting Network Security Issues

Posted by Chris Bihary | 8/9/18 8:00 AM

No matter what type of organization you have, you always run the risk of a network security issue. There are internal risks, of course, and every business has connections to outside vendors that introduce your network to the unknown.


Any starting point with a connection to the unknown presents a potential risk. From dedicated banking to suppliers, even your WiFi opens your organization up to network security issues.

Business must proceed, though.

You must learn the necessary steps to limit the risk of such problems, as well as how to protect your network and data from the hackers lurking outside of your security perimeter. It's important to build a foundation of security, starting with Level 1.

Level 1: Identify Your Access Points 

First and foremost, you need to understand where hackers could access your network. These are the areas of your network where you need visibility  – complete and unimpeded.

If identifying your network’s access point is Step 1A, monitoring what hackers are doing outside of these points is Step 1B. With knowledge of what is happening outside of your security perimeter, you are more prepared to thwart potential attacks.

For instance, if you see that you’re getting port scans from a certain IP address, you could simply block that IP address and eliminate the threat long before it gets into your network.

How to Guide: Optimizing Network Design in Security Projects

Level 2: What Does Your Normal Traffic Look Like?

How do you know what kind of traffic indicates a preeminent attack if you don’t know what your typical network traffic looks like?

Think about this fundamental vision in terms of your relationship with your medical provider. Your doctor doesn’t treat you the same way he or she treats other patients. After all, your body functions and reacts differently than the person in the waiting room. Knowledge of your baseline vitals and medical history helps inform your doctor’s decisions.

Similarly, you must always monitor your network traffic to determine what activity is normal and what is not. Establish a baseline of normal traffic flow inside of your network. What kind of IP traffic is typical? What kind of traffic do I see through my firewall(s)?

Level 3: Ensure 100% Traffic And Data Capture With Unhackable Security Tools

A fundamental principle of network security is that your devices cannot be compromised. Especially as it relates to capturing data, you need complete network visibility to know exactly what’s happening on all layers of your network.

Switches and their SPAN ports can be hacked and reprogrammed to hide data loss or other network security issues. Network TAPs, on the other hand, are a physical security device that cannot be compromised or hacked.

If you used security cameras outside of your building, you wouldn’t be comfortable with them working only part of the time or with someone having the ability to shield their lenses. So, why would you be comfortable jeopardizing your view into and outside of your network?

Level 4: Leverage Firewalls

There are a number of different types of firewalls, from traditional firewalls to web and application firewalls.

Leveraging firewalls is an important initial step to screen out hackers, viruses and worms. However, they cannot be your only line of defense. A firewall is a bare-minimum, sensitive device that can be attacked or flooded, and it also needs to be programmed correctly in order to do its job.

Level 5: Segment Your Network By Areas That Need Visibility

No two networks are identical. There is no all-encompassing structure for how you should segment your network. How you do so should be determined on a diagnostic level and based on your network requirements. Break it down by percentages to determine where you need visibility, and place network TAPs in these areas.

For example, your diagnostics might show traffic as follows:

  • 30% Email

  • 20% Business Application

  • 15% Video

  • 15% Miscellaneous Applications

  • 10% VoIP

  • 10% Browsing

In this example, you certainly want to ensure visibility into your email traffic.  

With network TAPs outside of your security perimeter and in critical network layers, you have greater control over potential network security issues.  

Level 6: Next-Level Security Tools

The “next-level” implementations include:

  • Proxy servers

  • DDOS applications

  • Data capture or forensics boxes

  • Intrusion prevention/detection systems

  • SSL decryption devices

  • And more

Many organizations invest a great deal into such applications and devices, but their success is dependent on addressing the preceding five levels first.

With a network designed for security from the ground up, you are far more likely to thwart attacks and the many security issues threatening your network. Ready to learn more? Download our whitepaper today: How to Optimize Network Design in Security Projects

Topics: Network Security, Network Visibility/Monitoring, In Band Security Appliances, Network Design

Written by Chris Bihary

Chris Bihary has been in the network performance industry for over 20 years. Bihary has established collaborative partnerships with technology companies to complement product performance through the integration of network test access points. Previously, Bihary was Managing Partner at Network Critical.