Intrusions of every kind have now become very common occurrences, and to prevent these unlawful entries effective Security Systems have become practically mandatory. Some of the most familiar intrusions occur both in the home and in the corporate and industrial environment. Unlawful entry into homes for the purpose of theft, and into Corporate Networks for industrial theft or for pure malice, are just examples.
Security Systems for homes basically consist of a Main Control Panel, Magnetic Sensors, Motion Sensors, Remote Video Cameras and Hooters, and usually come with a Remote Control. An added feature generally available is a Gas Leak Detector, which, even if not an intrusion detector, can be taken to be one since it detects the unwanted presence of leaking gas. These gadgets range from simple devices consisting of just the basic configuration specified above to extremely sophisticated ones.
- Main Control Panel – This is the brain of the security system. All sensors and other accessories are remotely connected to it, and it in turn is connected to an Online 24×7 Alert Service. It receives information from the sensors and activates the hooter and the Online Alert Service.
- Magnetic Sensor – Senses unauthorized entry through doors, windows and other openings.
- Motion Sensor – Senses unidentified movement in front of it.
- Remote Video Cameras – Can make video recordings of the activities going on both inside and outside the establishment. Useful more in shopping centers than in homes.
- Gas Leak Sensor – Detects leakage of gas from an LPG or CNG source.
- Hooter – It acts as a deterrent to the attempting intruder.
- Remote Control – Used for arming or disarming the system and can also be used for calling for help in an emergency.
Techniques for intrusions into Corporate Networks have become more and more sophisticated, and keeping these networks safe has developed into a very challenging and daunting task for the Security Personnel entrusted with their safety. There are, in general, six types of Network attacks.
- Network Intrusions – where an individual without access privileges attempts to enter into the Network with malicious intent or to steal industrial secrets.
- DoS/DDoS – here the intent, as is evident in the name itself, is Denial of Service involving one system and Distributed Denial of Service linking a number of computer systems. Sometimes the network may consist of hundreds of computers and the enormity of the damage defies imagination.
- Viruses & Worms – A virus, a very small computer program, infects other programs – usually executable ones – and damages them, rendering them useless. It also has the capability to copy itself into other programs. Viruses are transmitted via email and when an infected program obtained from an external source is executed on the host machine. A worm is distinct from a virus: it is capable of replicating itself and can contain viral code.
- Adware and Spyware – Adware consists of programs that install themselves in a computer system, almost always without the consent of the user, and display advertisement banners which may be in the form of popup windows or bars. These are practically harmless except for their annoying attribute. Spyware is somewhat similar to Adware in that it establishes itself without authorization, but differs in that it keeps track of the preferences of the user and conveys his or her personal information to other parties without the user’s knowledge.
- Rootkits – Rootkits embed themselves into the Operating System, hiding between the Operating System and the programs that use it, thus controlling what the user program does or sees.
- DNS Poisoning – Domain Name System servers redirect internet traffic to malicious sites that it was not intended for.
Threats appear with disquieting promptness and no one is immune from such attacks. These attacks are so sophisticated and regular that the import of the term “secure network” has to be redefined just as regularly. In fact, IBM’s Security team discovered more than 7000 Internet Security related vulnerabilities during 2006, and for nearly 88% of these, break-ins were attempted or carried out remotely.
Anti-Virus Programs, Anti-Adware, Anti-Spyware and Firewalls are some of the security systems generally employed to guard against these unwanted intrusions in both single computers and networks of computers.
- Anti-Virus Programs – These are programs written specifically, incorporating a defined set of rules etc., to detect and destroy viruses, worms and other destructive programs that have invaded a system or network. Since hundreds of viruses appear practically every day, the anti-virus program provider has to have a mechanism to detect them and provide updated rules to its clients, and the clients have to regularly update their systems to the latest rules etc.
- Anti-Adware and Anti-Spyware – These programs are just like Anti-Virus programs except that they are meant to remove Adware and Spyware.
- Firewalls – A firewall is a specifically written computer program running on another computer, which keeps track of the network traffic passing through it, and denies or permits its passage based on a predetermined set of rules and has to be configured properly.
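The rule-based permit/deny decision described in the firewall entry above can be sketched as follows. This is an added example, not code from the original article: the `Rule` structure, the first-match evaluation order, the default-deny fallback and the sample addresses (documentation ranges) are all assumptions made for illustration. It shows why the rule set "has to be configured properly": a deny rule placed after a broader permit rule never takes effect.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Rule:                      # hypothetical rule format for this example
    action: str                  # "permit" or "deny"
    src: str                     # source network in CIDR form
    dst_port: Optional[int]      # None matches any destination port

def matches(rule: Rule, src_ip: str, dst_port: int) -> bool:
    in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.src)
    return in_net and (rule.dst_port is None or rule.dst_port == dst_port)

def decide(rules: List[Rule], src_ip: str, dst_port: int) -> str:
    """First matching rule wins; traffic that matches no rule is denied."""
    for rule in rules:
        if matches(rule, src_ip, dst_port):
            return rule.action
    return "deny"

def shadowed(rules: List[Rule]) -> List[int]:
    """Indices of rules that can never fire because an earlier rule
    already covers every packet they would match."""
    dead = []
    for i, later in enumerate(rules):
        later_net = ipaddress.ip_network(later.src)
        for earlier in rules[:i]:
            covers_net = later_net.subnet_of(ipaddress.ip_network(earlier.src))
            covers_port = earlier.dst_port is None or earlier.dst_port == later.dst_port
            if covers_net and covers_port:
                dead.append(i)
                break
    return dead

# Constructed rule sets. The first is misordered: the broad permit comes
# before the deny that was meant to block one network.
MISORDERED = [Rule("permit", "0.0.0.0/0", 443),
              Rule("deny", "203.0.113.0/24", 443)]
CORRECTED = [Rule("deny", "203.0.113.0/24", 443),
             Rule("permit", "0.0.0.0/0", 443)]

if __name__ == "__main__":
    for name, rules in (("misordered", MISORDERED), ("corrected", CORRECTED)):
        print(name, decide(rules, "203.0.113.7", 443), "shadowed:", shadowed(rules))
```

Running a check like `shadowed` over a rule set before deploying it catches ordering mistakes that would otherwise silently permit traffic the administrator intended to block.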
Networks become more and more exposed to such attacks every time they undergo a significant change or a major growth. Simple firewalls are just not capable of providing the required security as networks become increasingly complex and one of the emerging concepts in the field of Corporate/Network Security is the concept of Unified Threat Management.
In this concept, instead of having separate security systems for each type of intrusion such as a virus attack or otherwise, a single product takes care of the whole job of detecting and removing viruses, adware & spyware and also of monitoring the internet traffic. Such a tool is designated as a Unified Threat Management Tool (UTM Tool) and has to meet a set of specifications laid down for it.