This presentation from the Palo Alto Networks Cybersecurity Academy; network security and why it matters, explains why every one of us needs to have a fundamental understanding of networking security. Networking is a major part of our day-to-day lives. We interconnect and participate in numerous networks by phone at work, school and even just watching television. Many of us are not even aware that we are often engaged in an always on state of networking entities called the Internet of Things or IoT. IoT members include cars, home appliances, energy meters, medical equipment, and so much more. We're participating in all of these networks without us sometimes even knowing about it. Interconnectivity that provides seamless and transparent access to an endless array of internet resources is something we all enjoy. Yet it is very difficult to identify where your devices are connected and who can see your network presence and your network activity. Network and app providers often maintain an active point of presence on your connected devices. Using their services requires acceptance of their Service Level Agreements. These SLAs often permit the vendor or provider to monitor, harvest and market your network activities. Personal smart devices also make it easy and convenient to extend your personal networking space into both private and public networks. Whether it's for file sharing, teleconferencing, or making purchases and payments. But as a result, these personal area network connections are increasing at a significant rate. With all of these interconnectivity, one of the biggest challenges is identifying what devices are actually on your network. The first steps in enumerating or network discovery are often to identify the names and addresses of these devices. Device addresses usually appear in two different ways: logical and physical. Logical names and addresses are often dynamically assigned and can be changed. Physical addresses on the other hand, are considered static or fixed. Physical addresses are often hard-coded into a device when it's manufactured. Let's take a look at wireless LAN and look at ways to discover those physical and logical device identities. Many wireless network connectivity devices are set by default to broadcast their service set identifiers or SSIDs. If your wireless network is secured and isolated, for example, a company or wireless network that provides services in a remote area, then an SSID broadcast may not present a significant vulnerability. However, for a more public environment or a home wireless LAN, disabling the SSID broadcast will enhance network security as your wireless routers and switches will be functioning in stealth mode. Network administrators need to conduct regular surveys of these networks, both wired and wireless, and ensure that no rogue or improper devices have a network Point of Presence. A packet capture application or sniffer like Wireshark, can provide information about not only device identities, but also pocket types, ports, and protocols that are in use throughout your network. Another significant network security issue is name resolution. Both local devices and network name resolution services can easily be hijacked or corrupted. End users are susceptible to clickbait and spam, and they may even willingly connect to an infected website that poisons their local address resolution tables and domain in caches. While it may be too difficult for a standard user to monitor their network trial, and ensure they are properly accessing trusted name resolver services, every user should be able to clear their browsing history and cookie caches and browse within private or incognito mode settings, and also regularly restart their devices. Aside from personal computers, phones and tablets that connect to internet services, there are multitudes of devices in the home and workplace that maintain an always on connection to the internet and make up what is known as the Internet of Things. The Internet of Things has become the world's largest interconnected space and is comprised of billions of small portable devices, industrial tools and appliances, navigational aids, vehicles and more. Defining these numbers of devices that are joining the IoT every day is an impossible task, and securing them is an even more impossible task. Market research confirms that consumers love convenience, even when convenience is accompanied by acknowledged and significant security risks. Despite the fact that IoT security cameras and voice recognition systems manufacturers openly disclose their device and network security vulnerabilities, consumers continue to deploy them inside their supposedly secure networks. Networks security professionals need to understand and mitigate the built-in security risks that these many IoT devices introduce. That's easily said. But how can you actually minimize your security risks? One fundamental security approach is to employ a firewall that can perform network segmentation and place a secure boundary between your local networks and external networks. There are firewalls of many different types of configurations that can effectively limit traffic that passes in and out of your local network. But one drawback with traditional firewalls, is they do not monitor traffic or identify devices that reside inside an internal trusted network. When a phone or tablet is introduced into an internal network, that device can also introduce infected apps and other significant security risks can then occur for your internal network. The solution is to incorporate a next-generation firewall, perhaps from Palo Alto Networks, which can effectively reduce these risks by identifying and monitoring content, application and user network activities. As our networking worlds grow ever more crowded and complex, there's a tremendous need for skilled networking technicians who have not only demonstrated proficiency with networking standards, but also have demonstrated proficiency through certification. There is an even more significant need for network technicians who have network security skills and certifications. In the end, networking security skills are all about ensuring critical communications for device connectivity, support and human interactions. Please visit us at paloaltonetworks.com/academy to learn how you can apply security controls throughout your networks and how you can enhance your career with security certifications.
