Networking is one of those things that, once you take a good look at the entry level certifications, seems like it would take a lot of time to really understand and purchase. Thankfully, this is not the case. Combining some fundamental understanding with experience in industrial network switch can do wonders for your network administration skillset.
Threats and Attacks
Network intrusion is easily one of the most common types of attacks in the enterprise. With each iteration of technology, hackers are coming up with new ways to trick our IT departments and gain entry into otherwise secure systems.
Each network with poe media converter has a defined architecture, quite often with a number of different devices that various groups have access to. Let’s look at an example:
Any time you hear about a company getting hacked, it’s usually because they left their wireless open for unauthorized access. What’s on your wireless network isn’t just used by employees, but rather anyone who wants to come check out your favourite websites or play games on your IP devices.
This means it’s up to you to protect that network and keep it secure. There are several different methods to securing your wireless network, the easiest being using a WPA Supplicant.
A WPA Supplicant (also known as a RADIUS account), is something that is configured for your wireless clients and can be configured to block all traffic except for authentication.
This screenshot shows you some of the settings you can use when choosing a password:
Network Security Groups
Network security groups (NSGs) have been around since Windows 2003, but their purpose wasn’t quite clear until recently. NSGs are meant as a way to restrict network traffic to/from specific subnets/hosts.
Wireless networks, in my experience, are by far the most susceptible to attack. Traditionally, network administrators have used a WPA configuration for their wireless networks due to its ease of use and the integration into Active Directory. The problem with WPA is that there are no configuration settings or options that can be used to lock down devices and networks by IP address or MAC address.
The IP address range in the above example can be changed as long as the SSID is kept constant and all clients know what SSID they should be connecting to. There are wireless devices than come with default configurations pointing them towards common SSIDs.
Wireless networks have a much greater range than traditional wired networks, which means that not everyone has to be in the same room to access the network. If someone were to connect to your wireless router without permission, they can access all of your data. In fact, most people wouldn’t even notice unless they were sitting right next to you observing the traffic on their own wireless devices. Wireless networks transmit data in clear text which means that anyone with a half decent sniffer can see all of your sensitive data (email addresses, passwords, etc.).