Networking is one of basic skill required for hacking, it is very important to understand and master basic networking before getting head around hacking. A network engineer who mastered ethical hacking can perform Network Penetration Testing to determine exploitable vulnerabilities in the network by discovering open ports and services, grabbing system banners and attack his/her own network before malicious attacker will do. A Wireless networks with poor configuration and encryption leave it open to attack. Malicious hackers can use Wi-Fi vulnerabilities to penetrate an entire network.
When designing a secure network the following need to be considered:
- Access ensure authorized users are provided means to communicate to and from a particular network.
- Confidentiality ensure sensitive and confidential information in the network remain private.
- Authentication ensure the users in the network are who they say they are.
- Integrity ensure the message has not been modified in transit.
- Non-repudiation ensure the user does not repute that he used the network.
Network Architecture Designs, is the organization and design structure of hardware and software resources that enable a network to accessible, connection, and communication. However, a well design Security Architecture is necessary along with a designed network. Network Security Architecture is also a combination of security segments in a network infrastructure. A Network Infrastructure consist of computer systems, servers and their respective applications running that allow connected users to access and communicate is the network. Each computer and server running in a network have efferent protection approach.
The followings are common security segments necessary for simple network (home/office) and , mostly complex network (enterprise):
- Workstation / Host Security
- Server Security
- Application Security
- Email Security
- Web Security
- Wireless Security
- Data Security
- Mobile Device Security
- Other type of methods using for network security countermeasure are: Firewall, IPS & IDS, and VPN.
In a network infrastructure, one or multiple of network security categories are required for securing specific systems or servers that in turn secure the entire network.