Do you ever stop to think about all of the different network security protocols out there? Probably not, but it’s a pretty interesting topic once you get into it.
In this post, we’re going to take a look at some of the most common network security protocols and what they do. So without further ado, let’s get started!
Network Security: What is it?
Network security is the protection of computer networks and their data from theft or damage. It involves using a combination of hardware and software to protect networks from unauthorized access or damage, usually by users.
The main purpose of network security is to ensure that the business data is secure and confidential.
Network Security Protocols: What is it?
Network security protocols are the rules that network applications must follow to ensure communication between them is sound.
The main purpose of network security protocols is to ensure that the business data is secure and confidential.
When users try to access a secured network, they are asked for a username and password. This process is known as authentication. The credentials you provide must match those stored on the server. If they do, the server lets you in; if not, it denies your access.
Also, if you try to access a secured network but enter incorrect credentials, you are denied access. If you enter the correct credentials but they do not match those of the server, you are denied access.
The Most Common Network Security Protocols:
There are a number of well-known security protocols that have been in use for many years and they include the following
The Password Authentication Protocol
This protocol uses a password or secret key to authenticate a user. This protocol is implemented in the operating system through a challenge-response sequence. The challenge is also sent by the server, and the response is sent by the client.
The sequence of events is as follows:
The client sends a request for access to a secured resource, such as a file or directory on the network. This request contains a random challenge number known only to the client and server. The server sends back its own random challenge number along with a message requesting that the client send back the correct challenge-response or risk being denied access.
The client calculates its own response based on its knowledge of the random challenge number and returns it to the server. The server compares this response with its own calculated response. If they match, then the client has successfully authenticated itself; if not, then it is denied access.
The Challenge Handshake Authentication Protocol (CHAP)
This protocol operates in a similar way to PAP except that it makes use of an encrypted three-way handshake between client and server instead of sending passwords in clear text across the network. CHAP provides a more secure authentication mechanism than PAP but it has some limitations, namely:
It uses only one shared secret per session between client and server It relies on trusted server host authentication It does not provide protection against replay attacks A replay attack occurs when an intruder intercepts valid messages between two parties and then resends these messages later in order to fool both parties into believing they are talking to each other when they are actually talking to an imposter
IP Security (IPSec)
IPSec is used to provide data privacy across public networks such as the internet by encrypting all traffic carried by public IP addresses belonging to hosts belonging to different private networks. IPSec also provides authentication services, preventing denial-of-service attacks by impersonating authentic hosts.
