As a Network Administrator, you need to have a very clear understanding of Concepts, Procedures, and Terminologies used in Network Security.
The ultimate objective of Security is in CIA Triad, which is Confidentiality, Integrity, and Availability. Ensuring Confidentiality means Information would not be disclosed to the users other than the intended ones. Integrity Means the Information reaches the destination without any alteration, and Availability says the information needs to be available as and when needed.
Malware’s are Malicious Software used for malicious activity to hamper either or all elements of the CIA. Depending on the functionality and its use there are various types of malware such as viruses, Trojan, Spyware, Botnet, etc.
Incorrectly configured devices and Services are the main threat to Information Security. As a Network Administrator, you need to understand various Network Topologies. You need to identify the threat to Network Infrastructure and Defend Network attacks.
Secure Access (Protecting the Network Infrastructure )
Network Services such as NTP, SNMP are used to provide facilities such as time synchronization among all devices, health status, etc. If these Services are not configured properly, these become vulnerable to attacks.
RADIUS and TACACS+ are used to provide Secure Authentication, Authorization and Auditing facilities. RADIUS is Open Standard Protocol whereas TACACS+ is Cisco Proprietary.
Virtual Private Network (Secure Connectivity Over Insecure Medium)
VPN can be used within an organization or to connect many organizations to transfer the data to and fro securely even over the unsecured network.
Understanding of Cryptographic Algorithms and hashes used in VPN, VPN Deployments modes, Digital Signatures is required. The Ability to Configure and Troubleshoot VPN Deployments is also required.
Secure Routing and Switching
To achieve Network Security, we need to Secure every element involved, be it data plane or Control Plane. Control plane traffic is used to control the flow of network Services.
Router Security involves securing user, configuration and user sessions on the Router. To secure Routing Protocols we need to create a key-chain that needs to be attached to the interfaces where the Routes are Advertised.
