Defence Strategies And Network Management Tools: A Comprehensive Essay.

1.In this paper, you ill define the security strategies of Defense in Depth and Layered Security along with comparing and contrasting the strategies by explaining, at least, two advantages and disadvantages of implementing each security strategy

2.you will research and report on network management tools associated with (1) policy compliance, (2) bandwidth management, and (3) asset management. Compare and contrast, at least, one tool for each of the three network management areas. What is the best tool for each area? Can one tool be used for managing more than one area? 

Defence Strategies in Networking

Internet service providers face malicious threats from hackers every now and then that had formed the source of various risks associated with the transferring of internet to the clients. Therefore it is required that a network is made absolutely impermeable to assure that there is no risk associated with the networking system (Chang & Ramachandran, 2016). It becomes necessary that the defender system in a networking system focuses on implementing defence strategies and network management tools to prevent impending or ongoing attacks. The following report would thus comprise of network defence strategies, layered security systems, with the comparison of the strategies and the advantages and disadvantages of implementing them. The next part of the report would comprise of the network management tools for policy compliance, bandwidth management and asset management; suggesting the best tool for each area of network management and if any tool can be used to serve for in more than one area of network management.

According to reports, more than 42 percent of organizations have been under the threat of cyber security issues along with the augmented harm it has brought to these organizations and ameliorated attack method. The data that resides in a private network becomes one of the most expensive assets for an organization (Gregory et al. 2016). Therefore, it is required that few strategies be implemented for any network of an organization or an internet service to defend the malicious attacks that any networking system witnesses. These strategies are known as Defence Strategies in Networking. The security solution that the defence strategies provide is not only the proactive resources like firewall and anti-malwares but also the reactive strategies that provide enhanced intense security in urgent basis. A Security Defence Strategy has to consider the matters of random attacking behaviours of malicious threats, collaborative attacks and non-deterministic turn of nature. Defence security mechanism is much more comprehensive and encompasses the mechanism of layered security systems also. It does not only provide security to the network system but also provides alerts to the security breaches and malicious threats. 

Layered Security, or the security system better known as Layered defence mechanism, is the security mechanism that combines multiple mitigating factors and security controls to provide defence strategies for controlling and protecting resources and data. These strategies are used as multiple components to function over a number of levels or layers (Hoffmann, Vlassenroot & Büscher, 2016). The primary idea of using layered security as a network defence strategy is that it is effective in not just one layer of the network system but works on multiple layers of a network system providing more security to a network. It involves of security protocols at the system levels or network levels where the security experts focus on data at use over the data at rest. It addresses problems like hacking or phishing, service denial attacks and other cyber security threats.

Layered Security in Networking

Both the Defense Security and the Layered Security may seem similar but to some extent they are different from each other. The similarity prevailing between both these mechanisms are that they both have been defense strategies that help network systems to prevent the malicious attacks (Jeong et al. 2015). However, there are distinct contrasting features that prevail between both the strategies applied to the network systems. The two concepts are different at the levels as defense security in depth approach widens the scope of attending to security and encourages flexibility in the policies that work well in newest conditions ensuring total security from unexpected threats. Where on the other hand, layered security Layered Security on the other hand provides treatment of data threats simultaneous attacks on the different layers of the network system, which the defense security approach are unable to perform. Where defense security focuses on one level, layered security works on various layers all at the same time providing protection to simultaneous threats. 

Advantages of defense security strategy: The advantages that defense security strategy provides are that it makes highly available bandwidth providing a virtual connectivity environment and it also provides a network system with Commercial off-the-shelf or COTS Technology than proprietary solutions for network that has a potential to lock in users.

Advantages of Layered Security Strategy: The advantages of layered security strategy are that it helps in filter the spam messages in email security systems enabling strict delivery rules (Jeong et al. 2015). Again, it provides a network system with firewall that forms a filtering wall between an internal network of a user with the public channels and their connectivity to the network.

Network Management tools are essential to maintain the network security of a successful enterprise (Shin et al. 2016). It helps in identifying the hazards, exposures, uncertainty, liabilities and other risks that has formed threats on the network security of an organized system. Below are the description about few network management tools that would provide information about their mechanism and the ways it helps in the management of a network system.

(1) Policy compliance

Policy compliance is a network management tool that verifies that all the controls of a network management system are defined by the policy (Riedel et al. 2014). That is, it is implemented and remains operational as implemented. It can be regarded as a continuous process for implementation, verification and monitoring of an implemented network policy. It may form confusion that policy compliance is a tool better handled by auditors, in IT operations, it becomes essential. Policy compliance configures the proper management of the policies set to function in a network system. 

Comparison between the Defence Security and Layered Security

(2) Bandwidth management

Bandwidth management tools are used to measure the amount of bandwidth being consumed by a network system with the help of different devices and applications (Pollutro, Tran & Kumar, 2017). It uses the IT infrastructure to analyze the bandwidth consumption by measuring the amount of data transferred from one point to the other within a network system for a specific amount of time. An abundance of tools are present that adjusts the individual bandwidth consumption of a device, such as a router or a switch, based on the respective setting of the devices.

(3) Asset management

The asset management tool is the dedicated software application that enables recording and tracking of assets through its life cycle. That is, involving the process of procurement and disposal of the software (Paul, Devarajan & Sinha, 2016). It provides the network system with the solutions to the problems like the location of certain assets, the information about the users using the services and the methods that are used for utilizing the assets. The management of assets include both hardware and software assets.

If as an instance, it is taken that the Bandwidth Management tool is taken to serve as the three network management areas that along with the Bandwidth Management tool, the Policy Compliance tool and the Asset Management tool also serves (Pathan, 2016). It could be seen that the Bandwidth Management tool is able to handle the purpose that asset management handles. However, it provides little help when implemented in place of the policy compliance tool as the bandwidth management do not provide if the use of network systems are complying to the policy of the organized network system. 

Best tool for each area

The best tool that serves each of these areas is the Bandwidth Management tool, which provides intricate information about the data that is being used by each of the devices in a network system in an organized area (Cordray et al. 2015). This is because, to some extent, it provides information about the amount of network policy and its compliance and also the information about the management of assets. Therefore, Bandwidth Management tool can be used to serve more than one area in this regard.

Conclusion

In conclusion, it can be said that, in any organized network system, it is essential that defender system be implemented for providing maximum permeability against malicious hackers and strategies be applied in correlation to the systems. These strategies may seem similar in nature, since both defense and layered security provide help in defending a network, their mechanism are different. A layered system provides help simultaneously to various network layers; however, defense system provides help to one layer at a time. Again, network system tools are also essential to implement in a network system that would provide assistance to various aspects of the network management of an organized system. The tools may vary in characteristics; however the bandwidth management system provides help in more than one aspect of a network management system. 

References

Chang, V., & Ramachandran, M. (2016). Towards achieving data security with the cloud computing adoption framework. IEEE Transactions on Services Computing, 9(1), 138-151.

Cordray, C., Link, D., Chart, R., & Ginter, K. (2015). U.S. Patent No. 9,077,611. Washington, DC: U.S. Patent and Trademark Office.

Gregory, T. L., Lemmon, A. N., Veitenheimer, J. M., Jacobs, J. R., & Ainsworth, M. E. (2015). U.S. Patent No. 9,002,679. Washington, DC: U.S. Patent and Trademark Office.

Hoffmann, K., Vlassenroot, K., & Büscher, K. (2016). Multi-layered Security Governance as a Quick Fix? The challenges of donor-supported, bottom-up security provision in Ituri (DR Congo). JUSTICE AND SECURITY RESEARCH PROGRAMME PAPER, (33), 1-27.

Jeong, J., Seo, J., Cho, G., Kim, H., & Park, J. S. (2015, March). A framework for security services based on software-defined networking. In Advanced Information Networking and Applications Workshops (WAINA), 2015 IEEE 29th International Conference on (pp. 150-153). IEEE.

Pathan, A. S. K. (Ed.). (2016). Security of self-organizing networks: MANET, WSN, WMN, VANET. CRC press.

Paul, N., Devarajan, S., & Sinha, A. (2016). U.S. Patent No. 9,369,433. Washington, DC: U.S. Patent and Trademark Office.

Pollutro, D. V., Tran, K. T., & Kumar, S. (2017). U.S. Patent No. 9,781,114. Washington, DC: U.S. Patent and Trademark Office.

Riedel, N., Peponides, Y. M., Petranovich, J. E., Yonge, L. W., Katar, S., Ayyagari, D., ... & Chan, W. C. T. (2014). U.S. Patent No. 8,737,420. Washington, DC: U.S. Patent and Trademark Office.

Shin, S., Xu, L., Hong, S., & Gu, G. (2016, August). Enhancing network security through software defined networking (SDN). In Computer Communication and Networks (ICCCN), 2016 25th International Conference on (pp. 1-9). IEEE.