Overview

In this chapter, you will learn to:

• Identify the need for network security

• Recognize the causes of network security problems

• Distinguish the four primary types of threats

• Know the four primary types of network attack

• Discover Cisco AVVID and SAFE, and how they relate to network security

• Learn about the Cisco Security Wheel

• Understand network security policy

• Improve network security

To understand, in part, why we are where we are today, you only have to remember that PC is the acronym for personal computer. The PC was born and, for many years, evolved as the tool of the individual. In fact, much of the early interest and growth came as a rebellion to what appeared as exclusionary attitudes and many restrictions of early data-processing departments. Admittedly, many PCs were tethered to company networks, but even then there was often considerable flexibility in software selection, settings preferences, and even sharing of resources such as folders and printers.

As a result, a huge industry of producers developed and sold devices, software, and services targeted at meeting user interests and needs, often with little or no thought about security. Prior to the Internet, a person could keep their computer resources safe simply by being careful about shared floppy disks.

Today, even the PCs of most individuals routinely connect to the largest network in the world (the Internet) to expand the user’s reach and abilities. As the computing world grew, and skills and technology proliferated, people with less than honorable intentions discovered new and more powerful ways to apply their craft. Just as a gun makes a robber a greater threat, computers give the scam artist, terrorist, thief, or pervert the opportunity to reach out and hurt others in greater numbers and from longer distances.

Author's Bias

One of the reasons hacking and other forms of network intrusions occur so often is because too many people inside and outside the industry think something is special about computer crime. A mystique surrounds some activities. Some even go so far as to create colorful terms, such as “ethical hackers” or “white hat hackers.” The bottom line is this: the person who gains unauthorized access to another's computer is no less a criminal than the burglar who gains access to your home. Web site hackers are no more honorable or deserving of special treatment than any other vandal, regardless of their cause or motivation. Once you own, or work for, a company that's had to waste the equivalent of many annual salaries to defend against attacks, fight off an attack, or restore damaged resources, the “victimless” rational of computer crime goes up in smoke.

This book provides a variety of techniques and technologies to protect computing resources from unauthorized access and loss. This chapter lays the foundation by looking at the need for network security. What are the threats? Who are these people who threaten the data, and what are some of the methods they use? In addition, you’ll find many references to outside resources for additional information.

While this book addresses the requirements of the various certification exams, recognizing that the diversity of security threats is far too large for any single book is important. Furthermore, the nature and source of many threats changes on a daily basis, making it important to start building a set of resources, such as web sites, news groups, trade associations, vendor distribution lists, and so forth that can help you try to stay abreast of the changes. Each technology, such as wireless, voice, web pages, and e-mail systems, has its own set of threats that a person must remain aware of.