IT Security Outsourced IT

LAN and WAN Security

What is LAN and WAN Security?

Your network connects any number of resources including servers, computers, printers, and more, and makes it possible to share software, information, and files. Network security is critically important as sensitive and confidential information is being stored and shared within your network. Understanding network security risks can help you to thoughtfully design your IT architecture.

Local Area Network (LAN) security. Your LAN is comprised of computers and peripherals that are connected to a server and are sharing resources. Whether your LAN is comprised of two or two-hundred computers, the LAN needs to strive to reach a maximum level of security in order to protect sensitive and confidential data and to meet regulatory compliance requirements for securing personally identifiable data (PPI) such as full names, addresses, social security numbers, driver’s license numbers, passport information, email addresses, phone numbers, and other sensitive personal information.

Wide Area Network (WAN) security. Your WAN creates private networks that can be accessed in-between networks. This structure allows you to share resources, files, and information between buildings or across the company. The WAN needs to be configured to ensure that it is only accessible to authorized users, in order to protect and secure your assets.

Examples of LAN and WAN security elements include:

Boot loader. Boot loader security prevents unauthorized access to the BIOS of the switch by requiring passwords to access boot options.

Secure Shell (SSH). SSH protects data integrity and confidentiality by encrypting management sessions when remotely logging in to monitor a switch.

Simple Network Management Protocol (SNMP). Network management systems provide secure access through SNMP with authentication and encryption of SNMP management data used to check the status of any device on the network, such as reporting on devices that are offline or are behaving unusually.

Site-to-site virtual private networks (VPNs). Site-to-site VPNs use firewalls to connect a branch office network in one location to the network in another location.

Software Defined WAN (SD-WAN). SD-WAN allows enterprise customers to use existing physical branch office firewalls which are connected by low-cost internet connections and VPNs.

Network access control (NAC). NAC, also known as network admission control, is the process of restricting unauthorized users and devices from gaining access to a corporate or private network.

Port security. Port security enables you to configure each switch port with a unique list of MAC addresses of devices that are authorized to access the network through that port. This security enables individual ports to detect, prevent, and log attempts by unauthorized devices to communicate through the switch.

Spanning Tree Protocol (STP). STP creates a tree of links in the ethernet switched network. Links that cause loops in the network are disabled, thereby providing a single active link between any two devices.