Learn about the security-relevant characteristics of application data and how it can contribute to improving network security.
Remember, software applications that communicate through the internet are the senders and receivers of data in a network packet. They are the users of the packet delivery service provided by a network infrastructure, including operating systems, switches, and routers. These applications are also referred to as network applications. Keeping track of the health and status of a network application is a critical aspect of network security because ensuring its proper operation by mitigating threats is the ultimate goal of network security.
A popular mechanism used to collect this kind of information is logging done by the network application itself. Logging includes producing error messages and alerts when there is a catastrophic anomaly like a system crash, as well as a less severe event such as a failed login attempt. Logging can also be used for routine monitoring. For example, you can design your server program to generate log entries, also known as heartbeats, every once in a while to report that the system is alive and running.
To indicate the severity of various events reported by log messages, labels are typically used. They range from Debug all the way to Emergency. Logs are not useful when they are not closely examined and constantly checked. Therefore, to get the most out of logging, a central collection system is a must. Log servers are a conventional solution to this problem. More recently, a more specialized option specifically optimized for network security purposes has been available and gaining popularity in the form of SIEM (security information and event management).
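The points above (severity labels, heartbeats, failed logins, central examination) shown as an added example, not code from the course: a small Python reviewer of the kind a log server could run over collected lines. The line layout, the `heartbeat` and `failed login user=` message texts, the thresholds and the sample lines are assumptions constructed for this illustration.

```python
import re
from datetime import datetime, timedelta

# Severity labels from most to least severe; list index = numeric syslog level.
SEVERITIES = "Emergency Alert Critical Error Warning Notice Informational Debug".split()
LINE_RE = re.compile(r"^<(\d{1,3})>(\S+) (\S+) (\S+): (.*)$")

def parse(line):
    """Parse '<PRI>ISO-timestamp host app: message' (assumed layout); None if malformed."""
    m = LINE_RE.match(line)
    if not m or int(m.group(1)) > 191:   # PRI = facility * 8 + severity
        return None
    try:
        when = datetime.fromisoformat(m.group(2))
    except ValueError:
        return None
    return {"level": int(m.group(1)) % 8, "time": when,
            "source": f"{m.group(3)}/{m.group(4)}", "msg": m.group(5)}

def review(lines, max_gap=timedelta(seconds=120), max_failed=3):
    """Flag late heartbeats, repeated failed logins and Error-or-worse events."""
    findings, last_beat, failed = [], {}, {}
    for line in lines:
        e = parse(line)
        if e is None:
            findings.append(("unparsed", line))
        elif e["msg"] == "heartbeat":
            gap = e["time"] - last_beat.get(e["source"], e["time"])
            if gap > max_gap:
                findings.append(("heartbeat-gap", e["source"], int(gap.total_seconds())))
            last_beat[e["source"]] = e["time"]
        elif e["msg"].startswith("failed login user="):
            user = e["msg"].split("=", 1)[1]
            failed[user] = failed.get(user, 0) + 1
            if failed[user] == max_failed:   # report once, at the threshold
                findings.append(("failed-logins", user, max_failed))
        elif e["level"] <= 3:                # Error, Critical, Alert, Emergency
            findings.append(("severe", SEVERITIES[e["level"]], e["msg"]))
    return findings

# Constructed sample lines (facility local0, so PRI = 128 + severity).
SAMPLE = [
    "<134>2024-05-01T10:00:00 web01 shopd: heartbeat",
    "<132>2024-05-01T10:01:10 web01 shopd: failed login user=alice",
    "<132>2024-05-01T10:01:12 web01 shopd: failed login user=alice",
    "<132>2024-05-01T10:01:15 web01 shopd: failed login user=alice",
    "<130>2024-05-01T10:02:30 web01 shopd: worker crashed",
    "<134>2024-05-01T10:05:00 web01 shopd: heartbeat",
]
print(review(SAMPLE))
```

A gap is only reported when the next heartbeat arrives, so a collector running continuously would also compare each source's last heartbeat against the current time to catch an application that has gone silent.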
- Network security concepts
- The basic functions of a firewall
- Intrusion detection and prevention systems
- Using network data to improve security
- Using log servers to collect data
- Collecting application data
- Collecting OS data
- Network forensics
- Network security visualization