The growth in popularity and general acceptance of the Internet as a network for commerce and communications has been unprecedented. However, security was not part of the original design of the Web, so it is susceptible to security breaches. Further exacerbating the lack of security measures in the original design of the Web, many organizations are aggressively moving applications to the Web that were originally created for an internal network environment. The push to make applications available sometimes outweighs thorough security testing of the applications and potentially opens the door to unanticipated vulnerabilities being uncovered once the application is available on the Internet. Because of this increased focus on network security, network administrators often spend more effort protecting their networks than on actual network setup and administration.
When you connect your private network to the Internet, you are physically connecting your network to a massive number of unknown networks and all of their users. While such connections open the door to many useful applications and provide great opportunities for information sharing, most private networks contain some information that should not be shared with outside users on the Internet. In addition, not all Internet users are involved in lawful activities. While protecting your information may be your highest priority, protecting the integrity of your network is critical to your ability to protect the information that it contains. A breach in the integrity of your network can be extremely costly in time and effort, and it can open multiple avenues for continued attacks. When considering what to protect within your network, you are concerned with maintaining the integrity of the physical network, your network software, any other network resources, and your reputation. This integrity involves the verifiable identity of computers and users, proper operation of the services that your network provides, and optimal network performance—all of these concerns are important in maintaining a productive network environment.
New tools that probe for system vulnerabilities assist in these efforts, but these tools only point out areas of weakness instead of providing a means to protect networks. Network security solutions, such as firewalls and intrusion detection systems, were designed to meet this threat. These solutions, however, are never a substitute for a sensible tool that recognizes the nature of what it is handling, behaves appropriately, and can improve the effectiveness of security solutions such as firewalls and intrusion detection systems.