Network Security
Firewalls, IDS/IPS, VPNs, network segmentation, and traffic analysis.
Overview
Network security protects data in transit and network infrastructure.
Key Concepts
- Firewalls: Traffic filtering and control
- IDS/IPS: Intrusion detection and prevention
- VPNs: Encrypted remote access
- Segmentation: Network isolation
- Traffic Analysis: Monitoring and detection
Firewall Types
Packet Filtering
- Examines packet headers
- Rules based on IP, port, protocol
- Fast but limited inspection
Stateful Inspection
- Tracks connection states
- Context-aware filtering
- More secure than packet filtering
Next-Generation (NGFW)
- Deep packet inspection
- Application awareness
- Threat intelligence integration
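The difference between packet filtering and stateful inspection is easiest to see on traffic. The following simulation is an added example, not code from the original page: it puts the same packet sequence through a stateless header-only ruleset and through a connection-tracking filter. The addresses are RFC 5737 documentation ranges, and the hosts are assumptions (10.0.0.80 as the DMZ web server, 10.0.0.7 as an internal workstation). The last packet is an unsolicited inbound packet carrying source port 443; the stateless filter has to accept it because its reply rule cannot tell a reply from a new connection, while the stateful filter drops it because no matching connection exists in its table.

```python
"""Stateless packet filtering vs stateful inspection on constructed packets.

Added example (not from the original page). Hosts are assumed: 10.0.0.80 is the
DMZ web server, 10.0.0.7 an internal workstation; external addresses are RFC 5737
documentation ranges.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str        # "in": Internet -> protected side, "out": protected side -> Internet
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False     # TCP SYN, i.e. a connection attempt


# Stateless (packet filtering) ruleset: each rule looks only at header fields.
# None means "any"; the first matching rule wins; anything unmatched is dropped.
# A stateless filter cannot distinguish a reply from a fresh connection, so
# return traffic needs its own broad rules, and those are the weak spot.
STATELESS_RULES = [
    # (direction, sport, dport, action)
    ("in",  None, 80,   "ACCEPT"),  # clients reaching the web server
    ("out", 80,   None, "ACCEPT"),  # web server replies to clients
    ("out", None, 443,  "ACCEPT"),  # workstations browsing HTTPS sites
    ("in",  443,  None, "ACCEPT"),  # HTTPS replies, or any packet with source port 443
]


def stateless_filter(pkt: Packet) -> str:
    for direction, sport, dport, action in STATELESS_RULES:
        if (direction == pkt.direction
                and sport in (None, pkt.sport)
                and dport in (None, pkt.dport)):
            return action
    return "DROP"


class StatefulFilter:
    """Stateful inspection: new connections are checked against policy, and every
    later packet must belong to a connection already in the table."""

    # Destination ports on which *new* connections may be opened, per direction.
    NEW_CONNECTION_POLICY = {"in": {80}, "out": {443}}

    def __init__(self) -> None:
        self.table: set = set()      # (initiator direction, src, sport, dst, dport)

    def filter(self, pkt: Packet) -> str:
        key = (pkt.direction, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse_dir = "out" if pkt.direction == "in" else "in"
        reply_of = (reverse_dir, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key in self.table or reply_of in self.table:
            return "ACCEPT"              # belongs to an approved, established connection
        if pkt.syn and pkt.dport in self.NEW_CONNECTION_POLICY[pkt.direction]:
            self.table.add(key)          # approve and remember the new connection
            return "ACCEPT"
        return "DROP"                    # unsolicited, or a new connection outside policy


def compare(packets):
    """Run one packet sequence through both filters, in order.
    Returns {label: (stateless verdict, stateful verdict)}."""
    stateful = StatefulFilter()
    return {label: (stateless_filter(p), stateful.filter(p)) for label, p in packets}


# Constructed traffic: two legitimate sessions, then an unsolicited inbound
# packet with source port 443 aimed at SSH on the workstation.
SCENARIO = [
    ("client SYN to web server",      Packet("in",  "198.51.100.9", 51000, "10.0.0.80", 80, syn=True)),
    ("web server reply",              Packet("out", "10.0.0.80", 80, "198.51.100.9", 51000)),
    ("workstation SYN to HTTPS site", Packet("out", "10.0.0.7", 40000, "203.0.113.5", 443, syn=True)),
    ("HTTPS site reply",              Packet("in",  "203.0.113.5", 443, "10.0.0.7", 40000)),
    ("unsolicited inbound, sport 443 to SSH",
                                      Packet("in",  "203.0.113.5", 443, "10.0.0.7", 22, syn=True)),
]

if __name__ == "__main__":
    for label, (stateless, stateful) in compare(SCENARIO).items():
        print(f"{label:42} stateless={stateless:6} stateful={stateful}")
```

The four legitimate packets get ACCEPT from both filters; the last one is accepted by the stateless ruleset and dropped by the stateful one. The NGFW layer described above sits on top of this: once the connection is approved, deep packet inspection decides what the application data inside it may contain.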
Network Segmentation
```
Internet
   |
DMZ (public-facing services)
   |
Firewall
   |
Internal Network (workstations)
```
VPN Technologies
| Type | Protocol | Use Case |
|---|---|---|
| Site-to-Site | IPsec | Branch connectivity |
| Remote Access | SSL/TLS | Employee remote work |
| WireGuard | UDP | Modern, fast VPN |
| OpenVPN | TCP/UDP | Open-source solution |
IDS/IPS Signatures
```
# Snort rule example
# Lines are joined with trailing backslashes; flow limits the match to
# client-to-server traffic on established sessions, and rev is required.
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 ( \
    msg:"SQL Injection Attempt"; \
    flow:to_server,established; \
    content:"SELECT"; nocase; \
    content:"FROM"; nocase; \
    classtype:web-application-attack; \
    sid:1000001; rev:1; \
)
```
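To see what the two content matches actually select, here is an added example (not part of the original page and not Snort's own code): a small parser for the rule's header and its content/nocase/msg/sid options, run over three constructed HTTP requests. The host name and request bodies are made up. The point a practitioner should take from it is that two unanchored, case-insensitive keywords alert on a harmless contact-form message as readily as on a query string full of SQL, which is why production signatures add `flow`, anchor the match to the URI or a parameter, and are tuned against real traffic before they are allowed to block.

```python
"""Minimal Snort-style content matcher run over constructed HTTP payloads.

Added example (not from the original page or the Snort project). The parser
handles only the options this rule uses; real Snort supports many more, and
a ';' inside a content string is not handled here.
"""

RULE = (
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 80 ('
    'msg:"SQL Injection Attempt"; flow:to_server,established; '
    'content:"SELECT"; nocase; content:"FROM"; nocase; '
    'classtype:web-application-attack; sid:1000001; rev:1;)'
)


def parse_rule(rule_text: str) -> dict:
    """Extract header fields and the content/nocase/msg/sid options.
    Unknown options (flow, classtype, rev) are ignored."""
    header, _, body = rule_text.partition("(")
    body = body.rsplit(")", 1)[0]
    action, proto, src, sport, _, dst, dport = header.split()
    rule = {"action": action, "proto": proto, "src": src, "dst": dst,
            "dport": dport, "msg": None, "sid": None, "contents": []}
    for opt in (o.strip() for o in body.split(";")):
        if not opt:
            continue
        key, _, value = opt.partition(":")
        key, value = key.strip(), value.strip().strip('"')
        if key == "content":
            rule["contents"].append({"pattern": value, "nocase": False})
        elif key == "nocase" and rule["contents"]:
            rule["contents"][-1]["nocase"] = True   # modifies the preceding content
        elif key == "msg":
            rule["msg"] = value
        elif key == "sid":
            rule["sid"] = int(value)
    return rule


def rule_matches(rule: dict, payload: str) -> bool:
    """Every content pattern must occur somewhere in the payload; each is
    searched from the start, as Snort does without distance/within modifiers."""
    for c in rule["contents"]:
        hay, needle = payload, c["pattern"]
        if c["nocase"]:
            hay, needle = hay.lower(), needle.lower()
        if needle not in hay:
            return False
    return True


def scan(rule: dict, samples) -> list:
    """Return the labels of the samples that would raise this alert."""
    return [label for label, payload in samples if rule_matches(rule, payload)]


# Constructed HTTP requests to the DMZ web server (host name is made up).
SAMPLES = [
    ("query string with SQL keywords",
     "GET /search?q=1'+UNION+SELECT+password+FROM+users HTTP/1.1\r\nHost: shop.example\r\n\r\n"),
    ("benign contact form",
     "POST /contact HTTP/1.1\r\nHost: shop.example\r\n\r\nmessage=Please+select+a+date+from+the+calendar"),
    ("plain page fetch",
     "GET /index.html HTTP/1.1\r\nHost: shop.example\r\n\r\n"),
]

if __name__ == "__main__":
    rule = parse_rule(RULE)
    for label in scan(rule, SAMPLES):
        print(f"[sid {rule['sid']}] {rule['msg']}: {label}")
```

Running it lists both the SQL-laden query string and the benign contact form under sid 1000001; only the plain page fetch stays quiet. In IDS mode that is a false positive to triage; in IPS mode it would have blocked a legitimate customer, which is the practical reason signatures are deployed as alert-only until their match rate on production traffic is understood.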
Practice
Configure firewall rules to protect a web server and analyze network traffic.