Network Security
Firewalls, IDS/IPS, VPNs, network segmentation, and traffic analysis.
Overview
Network security protects data in transit and network infrastructure.
Key Concepts
- Firewalls: Traffic filtering and control
- IDS/IPS: Intrusion detection and prevention
- VPNs: Encrypted remote access
- Segmentation: Network isolation
- Traffic Analysis: Monitoring and detection
Firewall Types
Packet Filtering
- Examines packet headers
- Rules based on IP, port, protocol
- Fast but limited inspection
Stateful Inspection
- Tracks connection states
- Context-aware filtering
- More secure than packet filtering
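To make the difference between the two filter types concrete, here is an added example (not code from the original page) that runs the same constructed traffic through a header-only packet filter and a connection-tracking firewall; the address ranges, ports and the Packet type are assumptions chosen for the illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/24")  # constructed internal address space

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def direction(pkt):  # (outbound, inbound) relative to INTERNAL
    s, d = ip_address(pkt.src) in INTERNAL, ip_address(pkt.dst) in INTERNAL
    return (s and not d), (d and not s)

def packet_filter(pkt):
    """Stateless: judges each packet by its headers alone, so web replies
    can only be recognised by their source port 80."""
    outbound, inbound = direction(pkt)
    if outbound and pkt.dport == 80:
        return True  # outbound web request
    if inbound and pkt.sport == 80:
        return True  # anything that merely looks like a web reply
    return False

class StatefulFirewall:
    """Stateful: admits inbound packets only for flows opened from inside."""
    def __init__(self):
        self.table = set()  # (int_ip, int_port, ext_ip, ext_port)

    def check(self, pkt):
        outbound, inbound = direction(pkt)
        if outbound and pkt.dport == 80:  # permitted; record the flow
            self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if inbound:  # must belong to a recorded flow
            return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table
        return False

def compare(packets):
    """Same traffic through both filters -> list of (stateless, stateful)."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.check(p)) for p in packets]

# Constructed traffic: a browse from 10.0.0.5, its reply, then an unsolicited
# inbound packet to a workstation whose source port happens to be 80.
TRAFFIC = [
    Packet("10.0.0.5", 51000, "198.51.100.20", 80),
    Packet("198.51.100.20", 80, "10.0.0.5", 51000),
    Packet("198.51.100.99", 80, "10.0.0.7", 22),
]
```

The stateless filter accepts all three packets; the stateful one rejects the third because no inside host ever opened that flow.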
Next-Generation (NGFW)
- Deep packet inspection
- Application awareness
- Threat intelligence integration
Network Segmentation
Architecture Diagram
```text
        Internet
            |
        +---+---+
        |  DMZ  |  <-- Public-facing services
        +---+---+
            |
        +---+---+
        |  FW   |
        +---+---+
            |
      +-----+------+
      |  Internal  |  <-- Workstations
      |  Network   |
      +------------+
```
VPN Technologies
| Type | Protocol | Use Case |
|---|---|---|
| Site-to-Site | IPsec | Branch connectivity |
| Remote Access | SSL/TLS | Employee remote work |
| WireGuard | UDP | Modern, fast VPN |
| OpenVPN | TCP/UDP | Open-source solution |
IDS/IPS Signatures
```snort
# Snort rule example (Snort 3 syntax, where a rule body may span several lines).
# flow restricts matching to client-to-server data on established sessions,
# which avoids alerting on server responses and half-open scans.
# Matching on two common words will still fire on legitimate requests that
# happen to contain them; this rule is a teaching example, not a tuned signature.
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (
    msg:"SQL Injection Attempt";
    flow:to_server,established;
    content:"SELECT"; nocase;
    content:"FROM"; nocase;
    classtype:web-application-attack;
    sid:1000001;
    rev:1;
)
```
Practice
Configure firewall rules to protect a web server and analyze network traffic.