INFORMATION TECHNOLOGY - NETWORK SECURITY TOOLS

INTRODUCTION

Network scanning and vulnerability assessment tasks are critical to ensure protection for network resources from hostile attackers to maintain the integrity, availability, and confidentiality of information in cyberspace. Attacks from the internet aim to exploit the vulnerabilities discovered in applications, which occur because of weaknesses in system configurations, use of default passwords, and poor software design and implementation. GFI LANGUARD Security vulnerability assessment, Tenable Nessus Network Vulnerability assessment, and Saint Vulnerability assessment tools have a suite of tools for vulnerability assessment, which when run on the network generate reports about the status of the security of the network and suggest appropriate countermeasures.

GFI's LANGUARD SECURITY MANAGEMENT TOOL

GFI LANGUARD is one of the best commercially available tools for conducting network vulnerability assessment and scanning to detect and correct application weaknesses based on multiplatform functionalities in one security solution (Comprehensive network security for businesses 1). The term multiplatform implies that GFI LANGUARD can run vulnerability assessments and port scanning on Mac OS, Windows, and Linux operating systems, which enables IT security professionals, to remediate security threats and identify the resources vulnerable to attacks.

NETWORK SECURITY

Network security encompasses all the steps taken to protect the integrity of a computer network and the data within it. Network security is important because it keeps sensitive data safe from cyber attacks and ensures the network is usable and trustworthy. Successful network security strategies employ multiple security solutions to protect users and organizations from malware and cyber attacks, like distributed denial of service.

IMPORTANT OF NETWORK SECURITY

1. Operational risks. An organization without adequate network security risks disruption of its operations. Businesses and personal networks depend on devices and software that cannot operate effectively when compromised by viruses, malware and cyber attacks. Business also rely on networks for most internal and external communication.
2. Financial risks for compromised personally identifiable information (PII). Data breaches can be expensive for both individuals and businesses. Organizations that handle PII, such as Social Security numbers and passwords, are required to keep it safe. Exposure can cost the victims money in fines, restitution and repairing compromised devices. Data breaches and exposure also can ruin a company's reputation and expose it to lawsuits. Financial risk for compromised intellectual property.
3. Regulatory issues. Many governments require businesses to comply with data security regulations that cover aspects of network security. For example, medical organizations in the United States are required to comply with the regulations of the Health Insurance Portability and Accountability Act (HIPAA), and organizations in the European Union that deal with citizens' data must follow the General Data Protection Regulation (GDPR). Violations of these regulations can lead to fines, bans and possible jail time.

TYPES OF NETWORK SECURITY SOFTWARE AND TOOLS

• Access control. This method limits access to network applications and systems to a specific group of users and devices. These systems deny access to users and devices not already sanctioned.
• Antivirus and antimalware. Antivirus and antimalware are software designed to detect, remove or prevent viruses and malware, such as Trojan horses, ransomware and spyware, from infecting a computer and, consequently, a network.
• Behavioral analytics. This method analyzes network behavior and automatically detects and alerts organizations to abnormal activities.
• Intrusion detection system (IDS). An IDS detects unauthorized access attempts and flags them as potentially dangerous but does not remove them.

FEATURES

To effectively provide the required security solutions, GFI LANGUARD has integrated various components into a single security solution in an architecture that allows for scalability and reliability. Among the features integrated into the GFI LANGUARD architecture includes a GUI management console to enable one to access administration and functionality tool to initiate network security scanning, vulnerability sessions for remediation, and patch deployment. Using the GFI LANGUARD one is able to configure scanning options, view scans in real-time, report filters, and save scan profiles, and run background operations using GFI LANGUARD attendant (“Comprehensive network security for businesses” 1).

VULNERABILITIES

According to Saint: Vulnerability Management, Penetration Testing & Compliance (1), the areas of concern for Saint Vulnerability assessment tool include cross-site scripting, vulnerable browsers, and information access on a host configuration like finger information and FTP bounce, and privilege escalation. Saint checks for application weaknesses that can be exploited by hostile attacker, common application configuration errors which, when discovered in a system provides holes for attacks, system vulnerabilities, database vulnerabilities, and default and weak configuration settings.

CONCLUSION

The three vulnerability assessment tools come with a suite of tools that enables one to scan the network for threats and identify the vulnerable points that can be exploited by hostile attackers to compromise the system. The tools are commercially available and have different graphical user interfaces to enable the user run the tool on the appropriate platform. Tenable Nessus and FI’s LANGUARD Security Management tools run on different operating system platforms while Saint can only be installed and used on a Linux platform.