Network security risks, threats and prevention techniques
The rapid growth of the network has resulted into an increase of security risk. Many of these security risks is resulting from hacking, network device vulnerabilities and improver use of network resources. Therefore, network security is defined as the protection of access to file and directories in a computer against unauthorized changes made to the system, hacking and misusing of computer resources. Network security is relevant and achieved by focusing on only individual devices not on how the devices are interacting and connective tissue between the devices.
Network security comprises the process of protection implying configuration of the network system. Detection entails the process of configuring when the system has changed as well as indicating the time when the network system indicates a problem. Network security is important when quick response is given immediately when the network traffic is detected to have a problem, the response given should return the system into a safe state. University institution has to ensure that their network is secure from all vulnerable risks by incorporating all network security elements.
Literature Review
According to SULAIMON ADENIJI, 2012, network attach has been described as the illegal system that tries to penetrate into the organizational computer network within the organization. The network attacks are known to be either unintentional or intentional, some of the intruders might have an interest of targeting the protocol platform used to secure communication between the computers[1]. As the illegal access of communication in an organization is increasing, high level of security solutions are generated, the expert tends to incorporate all their knowledge and technical skill to prevent attackers from accessing the network security.
According to CHIEM TRIEU PHONG, 2014, GFI LanGuard is a well-known network assessment tool. It is a vulnerability assessment tool that facilitate an advance network security for an organization.GFI LanGuard is a tool that presents its result in a use friendly manner but it does not provide free-open source of attacks or hacking[2].
According to Jamie O'Hare, 2012, OpenVAS is a vulnerability assessment tool that enumerate through a specific target. While attempting to identify target range and exploit their vulnerabilities, the assessment tool tends to interrogate the running services by highlighting the fingerprint process that is considered to be week. When the weak target is identified, the assessment tool denies the illegal access of the network by demanding the authentication access[2].
Unstructured threats
According to Guettier, C., 2007, the unstructured network security threat is the type of threat that is created by a person who has no experience or knowledge of accessing the computer network. The common hacking tools during the activity of unstructured threat comprises password cracker, shell scripts. The university institution should have a good security system in order to detect such threats from affecting their communicating that exist between computer networks[2]. According to MacLean, G, 2010, unstructured attack should not be underestimated because they can cause fatal damages to the network system of an organization[3].
Structured network security threats
Structured network security threats are the opposite of unstructured security threat. According to the research conducted by Perlman, Kaufman, &Speciner, 2016, the structured security threats are performed by the person who has enough knowledge. The hackers are well trained and that they use highly sophisticated hacking tools, because of highly sophisticated weapons, the hackers can break into business or government computers system to extract information[4]. The research conducted by A Shostack, 2014, on designing the security system states that structured security threats are carried out by the organized crime or the industry competitors.
External security threat
According to Sharma, &Rawat, 2015, external security threat is a type of security threat that is caused by the person who is part of the organization but they do not have any access to the organization information. The hackers usually break into the company network or server, structured and unstructured security threat hackers can externally carry out the security threat affecting the computer network systems[5].
Physical installation attack
The physical installation attacks are form of security attacks that can be seen but cannot be prevented, they are referred to be physical since they can be seen physically. Their impact tempers with the physical installation of the computer systems. These physical threats comprise the advance whether conditions such as heavy rainfall, and high temperatures. According to, the physical security threat affects the hardware installation of the network system of a computer.
The old age of computers is also termed as the physical security threat that affects the computer network. According to Roman, R., Lopez, & Mambo, 2018, the electricity threat can cause extreme damages to a computer network, this threat is common when there is a shortage in power supply causing computers to fail from performing their usual functions.
Network Security Tools
Large organization such as a university institution tend to reflect on the limitation resulting from security attacks. Their evaluation of security attacks compels them to acquire security tools that are relevant in preventing their network security from any vulnerable attack. Expert have extensively incorporated all knowledge, skills and resources to ensure that they develop tools that provide security surveillance to a computer network[6].
The vulnerable security threats are the possible factors that can damage or completely erase the important information from the computer network. University institution have a defined network program that carries relevant information, the weight of organization information to its stakeholder is defined by the security techniques that are installed to prevent them from attacks or any form of security attack[7].
GFI LanGuard
GFI LanGuard is a leading network security scanner and patch management solution that is known to be a virtual security consultant. The network security tool is reflected to be convenient since it gives a complete overview of the network setup, providing risk analysis as well as helping to maintain the whole network with minimal effort. GFI LanGuard is a security scanner that can audit over 60, 000 vulnerable issues that can affect the computer network of an organization. The security tool is sued to perform mult-platform scanning to MacOs, Linux, iOS, Android and windows phones and computers that are interconnected to one server. However, the tool is used in analyzing the security setups and status[2].
Increasing incidence of hacking has affected the operation of many institutions, especially institution like universities. External attack can be conducted by members or students who have no access the server to destroy the institution network system. GFI LanGuard has played a key role in ensuring that the vulnerable attacks are prevented before resulting to damage. GFI LanGuard allows a person to identify and correct threats before hackers performed their activities such as vandalism. The security tool scans the devices, ascertaining and categorizing the security vulnerabilities as it recommends on the immediate course of action. After detecting and exploiting the attacked, the GFI LanGuard enables automatic download as it installs the service pack and patches for the MS operating system[6]
OpenVAS
OpenVAS is a network security framework that provides a comprehensive and powerful vulnerability scanning solution to an organizational network system. The security tool is vulnerable scanner that was splinted from the last version of Nessus security tool. Unlike the other network security tools, the OpenVAS security tool does not require any amount of memory to operate in a computer system. The network security system requiresan amount of 3 GB RAM sufficient to scan small number of computers at once.Vulnerable scanners often have poor reputation of their management misunderstanding, OpenVAS provide vulnerability scanning that provide information that prevent disappointment of host crashing hence losing of information.
OpenVAS is the cheapest and easy to use network security tool since it can be made available to the local machines.Accepting the self-singed certificate allows the user to log in an have the network tool operating on the local machines, this is by being presented to the login page and authenticated to the dashboard.
OpenVAS provide exceptional services of preventing the server from being exploited by the hackers. When the security threat is performed, OpenVAS schedules all the task to accessed and provide authentication of the task. The authentication approach in OpenVAS prevent information from being accessed from the servers[7].
Threat Mitigation techniques
The threat mitigation techniques are the measures that can be used to secure computer information from being accessed or attached by hackers. when security treat has been affected, the organization has to mitigate it by implementing on the below measures[1].
Patch management
The patch management contains the updates that are authenticated to the operating systems to make them more secure from any threat. Clients have to ensure that they perform automatically windows update to access latest version of software that prevent network security threats[6].
Policies and procedures
Security procedures and policies are the major techniques of mitigating the network security attack. The policies must be developed by the organization to make every person aware of the consequence that arises from misusing or illegal access of computer network. Relevant procedures should be displayed to prevent both internal and external attack[1].
Training and awareness
Training and awareness is the most considerable form of mitigating the network security threats in an organization. The best way of preventing mistakes from the users is by training them to understand all procedures of accessing the computer network[5].
Conclusion
Network security comprises the process of protection implying configuration of the network system. The rapid growth of the network has resulted into an increase of security risk. Many of these security risks is resulting from hacking, network device vulnerabilities and improver use of network resources.
External, internal, structured and unstructured are the primary threats defined to sabotage the importance of network security within an organization. The paper has presented GFI LanGuard and OpenVAS as the primary tools used to prevent network security threat.Patch management, Policies and procedures and Training and awareness are the essential techniques of mitigating the reality of the threat.