Essay On Physical Security

Defense in depth identifies the need for many security layers to be utilised in defense of the system from the bottom as physical security to the top as Data security.

This is a security system that was executed in software or hardware that is used to prevent unauthorised access to or from an intranet which is a private network, firewalls are frequently used during that time. They work by filtering packets of data as they enter or leave the network, on the other hand they apply security to some particular applications, firewalls are like the front line for defence, they make sure that everything is secure before they allow anyone to enter or leave the network, which can help keep not only the computers but also the organisations and information safe.

According to Objective Interface Systems, the Application Layer is “responsible for enforcing application layer security policies” (2015). These security polies can include encryption protection firewalls, and/or IDS settings. This layer is located on top of the middle layer. This layer is unique as the applications security can be evaluated on its own aside from the security of the entire system (Xining & Yameng, 2012).

Duke Energy should carefully plan and address the security aspects of its network by implementing appropriate firewalls. Duke Energy should implement appropriate security management practices and controls when maintaining and operating a secure network. It is imperative to ensure that the architecture of its network complies with industry standard security requirements. Duke Energy 's IT organizations should commit to the ongoing process of maintaining the security of device connected to their network.

* An Intrusion Prevention System (IPS) is a device that controls access to IT networks in order to protect systems from attack and abuse. It is designed to inspect attack data and take the corresponding action, blocking it as it is developing and before it succeeds, creating a series of rules in the corporate firewall, for example.

Firewalls prevent unauthorized users from accessing a private network when it is linked to the Internet. Intrusion detection systems monitor private networks from suspicious network traffic and attempts to access corporate systems. Passwords, tokens, smart cards, and biometric authentication are used to authenticate system users. Antivirus software checks computer systems for infections by viruses and worms and often eliminates the malicious software, while antispyware software combats intrusive and harmful spyware programs (Laudon and Laudon, 2009, p.260)

Safeguarding - is to protect all the children against abuse, maltreatment, neglect, unfair treatment and violence.

The goal of intrusion detection is to monitor network assets, detect anomalous behavior, and identify misuse within a network (Ashoor, Gore, 2011). An intrusion detection system (IDS) is a device or software application that monitors network system activities for malicious activity or policy violations and produces reports to a management station (Kashyap, Agrawal, Pandey, Keshri, 2013), additionally there are three types of IDS:

Firewalls is categorized as a preventive control which is used as a defense shield around IT systems to keep intruders and hacking from occurring, whereas, an Intrusion Detection System (IDS) which is categorized as a detective control is used to detect intrusions that have already occurred (Cavusoglu, Mishra, & Raghunathan, 2005). However, IDSs are not

** Network-based –It analyzed the flow of the packets that transferring in the network and can detect malicious packet even if the firewall fails to notice the activities.

The nature of security makes its implementation more difficult, since users are not security oriented by default, not deliberately but instinctively. Defense against attacks should be deployed on end-systems as well as LAN-wide boundary controllers. In addition, it better to specify a white-list of hosts that should never be blocked. The white-list is a simple means to prevent spoofing attacks from tricking the defense into blocking essential services (ÖNDER 2007).

Ied. A widely accepted alternative or at least complement to host-based security services is the firewall. The firewall is inserted between the premises network and the Internet to establish a controlled link and to erect an outer security wall or perimeter. The aim of this perimeter is to protect the premises network from Internet-based attacks and to provide a single choke

Upon startup, the intrusion detection system must be able to recover its previous state and resume its operation unaffected.

This IDS looks for attack signatures in network traffic via a promiscuous interface. It analyzes all passing traffic. A filter is usually applied to determine which traffic will be discarded or passed on to an attack recognition module. This helps to filter out known un-malicious

layers. Outer layers (site perimeter and grounds) and inner layers (building perimeter, rooms, areas, and containers). A VSS provides benefits to customers at each layers of a physical security design through: