Network Security Controls
The list of security attacks is very long, and
the news media carry frequent accounts of serious security incidents. From
these, you may be ready to conclude that network security is hopeless.
Fortunately, that is not the case. Previous chapters have presented several
strategies for addressing security concerns, such as encryption for
confidentiality and integrity, reference monitors for access control, and
overlapping controls for defense in depth. These strategies are also useful in
protecting networks. This section presents many excellent defenses available to
the network security engineer. Subsequent sections provide detailed
explanations for three particularly important controls—firewalls, intrusion
detection systems, and encrypted e-mail.