A network security passively monitors and records the traffic present on a local area network, wide area network, or other type of computer network, without disturbing or otherwise interfering with the flow of the traffic. In order to properly detect policy violations and patterns of misuse, security products often must place the packets of data in contexts relevant to such connection criteria as space, time, and event. Starting from the characteristics of the computer information network security and network security factors, a network security system designed set includes virus protection, dynamic password authentication, firewall access control, information encryption, intrusion detection and other protective measures for our computer the improvement and development of the information Network Security provides a useful reference.
To allow the communication among the devices a computer network includes several devices, such as switches and routers connected (Weiss, 1993). The devices are often categorized into two classes: end stations s and network station. End station contains devices that primarily supply or consume information such as work stations, desktop PCs, printers, servers, hosts, fax machines, and; and network station includes devices such as switches and routers that primarily forward information between the other devices (Wiegel, 2002).
As the use of local area networks (LAN’s) and other computer networks proliferate, the problems of providing adequate security for the various resources available on the network become increasingly important (Weiss, 1993). Reliability, stability and real-time of business running on the network, the continuity of business processes and business operation’s confidentiality and non-repudiation are the components of network security (Hongli, 2012).
Network security can be further described as follows: the integrity of network process sets and data sets, the running reliability and real time of network process set, and the non-repudiation of processes running and writing operation on data set (Hongli, 2012). Network security products such as intrusion detection systems (ID systems) and firewalls can use a passive filtering technique to detect policy violations and patterns of misuse upon networks to which the security products are coupled (Wiegel, 2002). The passive filtering technique usually comprises monitoring traffic upon the network for packets of data. A signature analysis or pattern matching algorithm is used upon the packets, wherein the packets are compared to “attack signatures”, or signatures of known policy violations or patterns of misuse (Gleichauf, Teal, D. M., & Wiley, 2002).
Network security threats includes hacker attacks, backdoor covert channels, computer viruses, Trojans, internal and external leaks, worms, logic bombs, information loss, tampering, destruction, network and service attacks (Tang, Zhang, S. J., & Jiang, 2014). Network Security have following features or characteristics:
From all aspects of network information security problems, we must first figure out the factors that trigger network security. Factors affect network security includes both natural factors, including human factors, now, human factors network security hazards (Dong, 2014).
The operator has no intention to mistakes:
Such as operator safety security vulnerabilities caused by improper configuration, user security awareness is not strong or user password selection carelessly account arbitrarily lent to others or share with others the threat posed by the illegal operation of the operator or resource access control caused by the irrational network system to destroy and will inadvertently cause a great deal of damage to the security of the network system (Weiss, 1993).
Network virus and malicious attacks:
The network viruses belonging to the man-made malicious attack, a malicious virus invades can break through the defense of network security, host intrusion to the network, computer resources have been seriously damaged, and even caused the paralysis of the network system (Hongli, 2012).
System software vulnerability:
Hackers use of open protocols or tools to scan the entire network or subnet to find the host system security flaws, then by Trojan invasion, once the operating system, can do whatever they want on the system, including the establish a new security vulnerability or backdoor on the system or implanted Trojan, which pose a significant threat to network security (Weiss, 1993).
Confidential information stored in the network system, when the system is under attack, such as do not take measures, it is easy to collect and cause leaks (Dong, 2014).
Internal LAN, login to the legal status of some illegal users of fraudulent use of legitimate users password to view confidential information, modifying the information content and the destruction of the running of the application system (Weiss, 1993).
The wide application of computer network security and the increasingly serious threat to computer information confidential work put forward higher request, but it is safe computer network system is not zero, zero risk means that the network (Hongli, 2012). Network security is a very complex issue; traditional static defense technologies with a single function cannot be good way to ensure the safety of network (Tang, Zhang, S. J., & Jiang, 2014). The information security industry, and gradually establish independent intellectual property rights-based operating systems, network infrastructure, information security system in the top of the key chip technology, from fundamental of computer information network security system the comprehensive upgrade needs to be enforced and network security law should be enforced (Dong, 2014).