Table of ContentsPreviousNextIndex

Importance of Internal Network Security

Internal Network security is, more often than not, underestimated by its administrators. Very often, such security does not even exist, allowing one user to easily access another user's machine using well-known exploits, trust relationships and default settings. Most of these attacks require little or no skill, putting the integrity of a network at stake.

Most employees do not need and should not have access to each other's machines, administrative functions, network devices and so on. However, because of the amount of flexibility needed for normal operation, internal networks cannot afford maximum security. On the other hand, with no security at all, internal users can be a major threat to many corporate internal networks.

A user within the company already has access to many internal resources and does not need to bypass firewalls or other security mechanisms which prevent non-trusted sources, such as Internet users, to access the internal network. Such internal users, equipped with hacking skills, can successfully penetrate and achieve remote administrative network rights while ensuring that their abuse is hard to identify or even detect.

In fact, 80% of network attacks originate from inside the firewall (ComputerWorld, January 2002).

Poor network security also means that, should an external hacker break into a computer on your network, he/she can then access the rest of the internal network more easily. This would enable a sophisticated attacker to read and possibly leak confidential emails and documents; trash computers, leading to loss of information; and more. Not to mention using your network and network resources to turn around and start attacking other sites, that when discovered will lead back to you and your company, not the hacker.

Most attacks, against known exploits, could be easily fixed and, therefore, be stopped by administrators if they knew about the vulnerability in the first place. The function of GFI LANguard N.S.S. is to assist administrators in the identification of these vulnerabilities.


Table of ContentsPreviousNextIndex