The Open Systems Interconnection (OSI) Reference model is an important concept in network communication. Its aim is to divide the internet communication system into layers. The OSI model is broken into seven layers that describe the types of networks communication. Let us have a look at the seven separate layers and their functionality:

Layer 7 – Application

The application layer is the layer that the user mostly interacts with. An example is the graphical user interface of an application, such as a web browser. E.g., Mozilla FireFox, Google Chrome, Microsoft Internet Explorer.

Layer 6 – Presentation Layer

The presentation layer provides a mapping between the application layer 7, and the layers beneath. The presentation layer also forms the protocols for communication, formatting functions or compression.

Layer 5 – Session Layer

The session layer controls the connection between devices. The session layer initiates, maintains and terminates the communication session.

Layer 4 – Transport Layer

The transport layer is responsible for the transmission of data for the above layers. The transport layer focuses on flow control, segmentation and de-segmentation, and error control. It essentially ensures that the information between two devices is successfully delivered.

Layer 3 – Network Layer

The network layer provides the end-to-end routing of packets from a device on one network, to a device on another network, still maintaining the quality of service set by the transport layer. Its primary focus is on network addressing and routing. In this layer, Routers are used to route the data between networks, thus routers work at layer 3 and are routed based on the IP address.

Layer 2 – Data Link

The data link layer is responsible for the transfer of data between networks. This layer has two sub layers the Logical Link Control (LLC) that provides the protocol to protocols for flow control, acknowledgement, and error notification; and the Media Access Control (MAC) to ensure successfully communication of packets through frame synchronisation. A switch operates at layer 2 the switch and forward frames within the network based on the MAC address.

Layer 1 – Physical Layer

The physical layer is the actual sending bits (1’s and 0’s) over a communication channel.

The TCP/IP Protocol architecture

Similar to the OSI model, the TCP/IP Protocol Architecture follows a similar structure; however, differentiates by having a 5 layer structure by combining:

· Application and Presentation combined with an overlap of the session layer in the OSI Model to form the Application layer in the TCP/IP model

· Transport and an overlap of the session layer the OSI Model to form Transport layer in the TCP/IP model

· Overlap of the Network layer in the OSI model to form the Internet layer in the TCP/IP layer

· Overlap of the Network layer and the Data Link layer in the OSI model to form the Network Access layer in the TCP/IP layer

· And the physical layer are the same in both models

Layered Protocols

Layered protocols outline the rules on how systems to communicate to each other. It contains:

· HTTP – Sending of the identical message end-to-end

· TCP - Sending of the identical segments end-to-end

· IP – sending of the identical datagram

· Ethernet – sending of the proper frame

· Network Interface and Wiring – sending of the actual bits

Layer 2 (Data Link Layer) Addresses

At layer two, switches forward frames based on the MAC address contained within. The MAC address is determined by the manufacture and the type of equipment it is. The MAC address is a unique identify. The first 3 bytes are the manufacture (MFG) assigned by the manufacture by the IEEE, the last 3 bytes are the serial number.

Layer 3 (Network Layer) Addresses

The network administrator mostly defines the addresses in Layer 3, by creating local subnets. The subnet of a device would usually change based on its location, but for layer 2, the address will remain the same. Thus why routers are required to be able to forward packets to the correct location.

Image by WindowsNetworking

Operating Systems are the heart of computers. Without it, we would not really be able to use computers as we do today. An Operating System is the software that controls the hardware and resources of a computer. Its job is to manage applications to use the CPU, RAM, Hard Disk and other peripherals that may be attached to a computer. In a way, you can think of an Operating System as the Government; they do not really do anything apart from providing an environment for people, and businesses to work in to perform useful tasks.

Processes

Let us first look at what a process is. Essentially, a process is a task that needs to be performed. The Operating System job is to ensure processes are completed and that the relevant hardware resources required can be accessible. If you are using Unix, you can see the processes running on a computer by using the PS or TOP commands, and on windows, you can use the Task Manager. It is important to note that a CPU can only perform one process at a time. So when multiple processes have to be performed, the Operating System ‘time-slices’ processes to ensure that all processes are completed. Processes also contain threads, which are simultaneous paths of execution.

There are two terms that you need to become family with – spawn and fork. Spawn are dependent processes that performs a task, and then performs another task that was dependant on the previous task. For example, a parent process cannot continue until the child process runs and feeds the information back to the parent process. However, fork is independent, so it essentially does not wait for the child process to run, and it makes the child process run in the background.

In a practical sense, think of it like cooking a sausage. With spawn, you butter your bread, once that is done, you put on the BBQ and cook your sausage. With fork, you put your sausage on first, and while it is cooking, you butter your bread.

Operating Systems Access Controls

As mentioned previously, the operating system is in charge of all the computers resources, so it needs to control them. However, not all parts of the system, or even users, need to be able to access the processes, so there is a need for access controls. Access controls are based on the system's configuration and policies set by the administrator of the computer, or the Operating System itself. Therefore, there is a need to associated users with a set of permissions for system resources. What is required to be set is read, write, and execute.

In a conceptual level, each process and system resource has a single owner who belongs to a group. The owner can then give a group reading access, writing access, or execution access. However, the root user (UNIX), or the Administrator (Windows) can overwrite these permissions.

File Systems

The file system is important for a computer as it stores all the information regarding the Operating System, and the applications and device drivers that the system uses. Hard Drives do need to be formatted with a particular file system. The file system structures the hard disk so that data can be easily written too and retrieved by the Operating System. The file systems that the Windows Operating System uses are FAT, FAT32, and NTFS; while UNIX uses ext2, ext3, ext4. The file system stores data into sectors and blocks (or clusters in Windows). Think of this like painting car park spaces. A sector could be a specific level of the car park, a block can be a row of car parking spaces, with the individual data being the cars in each space.

Hard Disks also contain Swap Space. This is used for the virtual memory for the operating system. This space provides a secondary storage location for the RAM for data that may not fit in the RAM.

Hard Disks may also be partitioned which essentially splits the hard disks into two sections. The benefits of this to allow two Operating Systems as each Operating System has its own boot manager, and data on each partition can be better managed, as one partition can be formatted, while the other partition is still intact.

Other Terms

There are a few other terms that Operating Systems use that should be mentioned:

· Device Drivers – A file or compiled code that allows higher-level computer programs to interact with a piece of hardware. For example, an Operating System requires device drivers for your sound card, network interface cards, and your graphics cards to be able to use those devices

· Kernel – The main codebase of your operating system

· Sources and Packages – Used in Unix: Sources is the binary file of source code, and packages are pre-configured binary files that are ready for distribution

· Initialisation Scripts – Are scripts that run to prepare files or configurations

· Symlink – Symlinks are categorised into Hard Link, and Soft Link and are used to essentially have two copies of the same file. A Hard link is an association between two or more files, usually one file storing information about another, or a Soft Link which is one file points to another file (like a shortcut in Windows)

As a System and Network Administrator, there are two Operating Systems that you would likely deal with. They are Microsoft Windows and Unix/Linux.

This post will briefly outline the differences between the two operating systems, and the advantages and disadvantages of them.

How Is UNIX Different From Windows

Free Vs Paid

The UNIX Operating System is Open Source which means everyone can use it, edit it, and pretty much do what ever you want with it. Adopt new ideas; create hacks and a whole heap more. UNIX is basically community orientated. Without the community backing it, it would probably not be nearly as popular as it is today.

Because UNIX is community oriented, there are many different flavours of UNIX. This basically means that users take the base of the UNIX kernel and adapt it to their own needs. Mac OS X is even a flavour of UNIX. Some other flavours include:

• FreeBSD
• Novell
• HP/UX
• Solaris
• Linux
  • Red Hat
  • Debian
  • Ubuntu
  • SuSE

On the other hand, Windows is not, it was coded and created by Microsoft. People are not able to edit it, or change the code in any way.

GUI / Command Line

The main difference that many people will find is that Windows is purely GUI-based where as UNIX is mostly know for its text-based GUI, however it does have a GUI like windows. Many System and Network Administrators prefer to use the command-line in UNIX rather than the Graphical User Interface as the command-line providers more functionality.

Files and File Structure

In Windows, there is a registry which contains system configuration information; files and folders. In UNIX, everything is a file and folders are called directories. Since everything is a file, disks and partitions are mounted as directories, devices appears as files in /dev and so are running processors which appear in /proc.

In Windows, the main folders are C:/Windows, C:/Program Files, C:/Users (for Windows Vista, 7 or C:/Document and Settings for Windows XP). In Unix, the file system layout is very different.

• /boot – Where the boot image files are stored
• /mnt – The mount points for the partitions
• /dev – Files of all the connected devices (USB, Printers)
• /proc – Dynamic process information
• /sys – Dynamic system configuration information
• /var – Log files and system subdirectories
• /tmp & /spool – Temporary files
• /home – User accounts home directories
• /usr & /user/local – A replicate tree for users and contains administrative tools
• /bin & /sbin – Essential system executable files
• /etc – System configuration files
• /share – Common read only files
• /lib & /include – Shared library files and system development

Comparisons

Here are a list of some other comparisons between UNIX and Windows

• Scrips Vs .BAT files
• Shells Vs DOS Command Windows
• /etc config files Vs System Registry
• Shared library’s Vs DLL’s – Dynamic Link Libraries
• Kill Vs Task Manager
• Mkfs / newfs Vs Format and label

Source: MyBestRatedWebHosting

So that is a very short comparison between Windows and UNIX. Just remember, with UNIX, take things slowly, because unlike Windows, you will not be prompted “Are you sure you want to do this”

Introduction  Image Source: Hexablogs

The OSI Network Management model is a model for Network and System Administrators to understand the major functions of network management systems. In this model, there are 5 areas’ of functions which is also known as FCAPS.

The aim of the model is for Network and System Administrators to understand a number of issues and aspects. These include:

• Fault management and recovery
• Configuration and change management
• Accounting User Management
• Performance Management
• Security Management
• Application support
• Integration and Migration
• Planning for growth and acquisitions

Source: Cisco

Fault Management

In Fault Management, the aim is to recognise, isolate and correct, and log faults on the network. As System and Network Administrator, it is your duty to put in place monitoring tools so you are alerted to when faults exist. For example, you want to be alerted when a critical service goes down on the network. If there is a fault, you have to test, fix, update, and repair any faults that occur on the network.

Configuration Management

On of the main issues which causes a system to fault is someone changes a configuration setting. Configuration management facilitates the control of any system configuration both on the hardware and software side. It is important that you record all configuration changes such as what has been changed, why and who did the change; and document system configuration standards. If a fault does arise (it may not be instantly, but a couple of months later), you can track who completed the configuration change.

Accounting Management

Accounting Management is concerned with aspects of the system users. It mainly focuses on charging and billing users for services, and regulating service use.

For example, some organisations charge its users or departments on:

• Printing
• Internet/Bandwidth
• Disk space
• CPU
• Application and Software use

Therefore, it is important to implement ways to properly charge use of IT facilities.

Performance Management

Performance Management involves analysing your network and gather information so that you can prepare it for the future. The performance of a network varies all the time. Most organisations find that the internet is very slow during lunch as many of the staff is browsing the internet, yet in the morning, it will be super quick.

Not only this; but the performance of the network must meet the users and organisations desires. The network and systems services must be available, the speed must be efficient, their must not be bottlenecks and the network should never be used to its maximum capacity for prolonged period of times.

System and Network Administrators must actively monitor the network performance to ensure problems do not occur.

Security Management

Security management is important as you control user access to network resources. Without it, your network will be exposed, as well as all the information and document it contains. As a Network and System Administrator, you are to address network authentication and security auditing to detect and prevent network sabotage, abuse and to prevent unauthorised access.

Administrators are required to:

• Record logs
• Have a Firewall setup
• Control Spam
• Prevent Viruses, Trojans, Spyware
• Upgrade software, install OS patches
• Implement authorisation techniques and password control (which is linked to accounting and configuration management)

Source: Grandlord

You are now aware of the 5 categories of the Network Management Model which is also known as FCAPS. It is a fundamental requirement that all IT infrastructures facilitate this model to protect its environment. Without it, many system downtimes would occur and the organisation may suffer a large financial loss.

Being a System or Network Administrator of a large computer network can be a difficult, and time consuming task. It is not as simple as people might think. Yes, once it is all running well, the life of a Network Administrator may seem easy, but when things go wrong, it can be a living hell. Network Administration is more than just simply connecting a whole bunch of computers together; it is a full time role to ensure that those critical servers and applications remain up almost 100%.

The Main Role Of A Network and System Administrator

As a Network Administrator, your role is to essentially build (integrate existing services), maintain, and upgrade a network of computers, devices, and servers.

If you (or the previous System and Network Administrators) get the build phase right, maintaining and upgrading the network in the future will become much easier. You have to carefully plan your requirements and plan for future growth. In doing so, you have to keep in mind a number of things:

• How many users will be using the system?
• What are the network capacity demands?
• What will the network capacity demands reach in the future?
• What is the geological spread of the network?
• What access controls do you users require?
• What sort of devices and hardware do you require?
  • Desktops
  • Laptops
  • Servers (Web, File, Print, DNS, Backup)
• Do you need remote administration?
• How are you going to support your users?

Source: Wikimeda Common

If the above are planned well, future growth, maintaining and upgrading the network will be much easier. Just remember to analyse your requirements; design and plan the network; implement policies and constraints; and construct and install your network with suitable hardware. Remember to always think of the future. Once it’s all implemented and built, you can administer your network.

When administrating a network, you have to ensure critical services have as close to 100% uptime, because if they are down, your users are going to hassle you all the time – and that can be quite annoying with some users. When maintaining a network, you also have a number of other tasks to perform every day. These include:

• User management
  • Adding, removing and apply security to user accounts and groups
• Hardware
  • Upgrading hardware
  • Replacing faulting hardware
• Software
  • Providing support for applications and operating systems
  • Ensuring critical data is being backed up
• Monitoring
  • Monitor the system
  • Checking logs
  • Conducting security audits
• Support
  • Attending to users help requests
  • Writing documentation

One of the hardest challenges in administrating a network is application support. You can very rarely just add a major application or a network service without any issues. Your network will need to support it. For example, you cannot host a website if you only have dialup internet. Other factors that are needed to be taken into consideration are:

• Does it need to be secured? – Both physically and virtually; internally and externally
• Can the application be supported – Are their people who know how to use the application?
• What risks will it introduce? Viruses, Hackers, privacy?
• Is there enough network capacity to support it? Can you network handle the bandwidth requirements?
• Does data need to be migrated across to the new system from the old system?
• Who should be able to access the new application

Depending on how large your organisation is, these tasks can be broken down in to departments or groups.

As you probably have already found out, you are faced with a number of challenges as it is more than just installing computers and networks. You have to make sure your network:

• Is designed efficiently,
• Is capable of mass management – updating multiple machines at once
• Is secured from threats, and internal and external hackers
• Meets all of your users requirements and needs

And not only for your network, you to have to also:

• Understand the users and organisations needs and wants
• Be able to troubleshoot and fix problems and errors quickly
• Be up to date with the latest technical knowledge and computer news
• Be able to write documentation and instructions

Troubleshooting Problems

Every System and Network Administrator will tell you that they have faced issues that they do not know how to solve, or even know what the actual problem is when they are faced with an issue. That is why they need to have good problem solving skills... and Google!

The basics steps for solving a computer related problem are:

1. Detect the fault of problem
2. Isolate the problem
3. Troubleshoot on how to fix the problem
   • (Make sure you document your steps or make a backup before you do anything)
4. Carry out tests and use tools to diagnose the problem
5. Solve the problem and document a fix

If your network is critical, you cannot just simply reboot a machine, or click a few random buttons to see if you can fix the problem. You have plan how you will fix the problem in the quickest amount of time without causing more disruption to your users, or break it even more.

1. First of all – be systematic. Try the simple things first. If a computer won’t start, make sure the power is turned on.
2. Read logs – Logs provide a lot of information on when things go wrong. So make sure you read and understand what the logs are telling you
3. Pay attention to all the facts
4. Read the documentation – yes, it does help and it’s not always there to take up space in the packaging
5. Talk to others – get on the internet, forums, blogs because other people would likely have faced your issue or know how to help, and ask your colleagues
6. Use test environments – see if you can cause the issue again, and then test the ways on how you can fix it. In a test environment, you know you can’t break the production server any more
7. Know your tools – you usually need something to work out how to fix the problem, or even to find out what the problem actually is. You might not know you have a virus if you don’t conduct a scan
8. Work out the root cause of the problem – hardware failure, user interaction, external event?
9. Have a backup in place – make sure that you can restore the system to what it was like before the problem
10. Do it quickly – Users are being affected and can have a large financial loss to the organisation if the system is down. Fix it first, and then discuss the politics

Source: FutureOfRealEstateTechnology

Change Management

One tip I would like to bring up in System and Network Administration is Change Management. Change Management is very crucial to follow correctly, especially in large organisations. Although it may seem like a waste of time, it is very important step to do. Change Management essential records every change you do (and plan to do), allows you to get permission from bosses (in case something goes wrong) which than allows you to implement a change.

The steps in Change Management are:

• Note the change – what are you actually going to do?
• What are the repercussion – what effect will this Change have, who is going to be affected and when?
• Note the back out plan – if something goes wrong, can the Change be reverted back to the original configuration?
• Revise the policy – are you actually allowed to implement the Change – does your organisation support it?
• Inform impacted users – make sure that all users who will be affected are aware of this change so they don’t call you up saying their system is down
• Make the change/Do the work – disable (take down) services if required
• Inform users that change it is done

A while ago, Virgin Mobile was updating their CRM system which entailed a weekend outage that would affect a number of users and its services. Customers were aware of the change, and were encouraged to plan for this change. One of the services to be affected was mobile phone and SIM card activations. I purchased a phone during the upgrade weekend for my mum, which meant I couldn’t activate the phone. In the mean time, she wasn’t able to use her mobile phone. To make it even worse, Virgin Mobile had problems with the system upgrade, and the system was down for a further 1.5 days. A lot of customers, including myself where unhappy as the change took longer than it should have, and were impacted. Reports on forums, a lot of customers left Virgin Mobile due to it.

The Skills Required for System and Network Administrators

Not everybody has the required skills to be a System and Network Administrator. For example, a person who designs website layouts may not particularly know how to setup a web server. So what are some of the skills that a System and Network Administrator should know?

• UNIX – how to use, install, configure and run
• Scripting – shell, bash, C++, Java
• Network – TCP/IP, Hardware, Communication, Network Standards
• Infrastructure – DNS, DHCP
• Storage – SAN, NAS, NFS, CIFS
• Directory Services – LDAP, WINS, NIS
• User Services – Databases, e-Mail, Office Tools, Web Tools
• System Implementation
• System Troubleshooting
• Security Concepts
• Communication

So that is a brief introduction into the life of a System and Network Administrator. It can be a very difficult task, especially when things go wrong.

In the next few months, I will be looking into “Network and System Administration”. I will be writing about a number of topics providing information, definitions, and techniques all related about administrating systems and networks.

This page will act as a table of contents for each post.

• An Introduction To Network And System Administration – The main role of a network and system administrator, troubleshooting problems, change management, the skills required for system and network administrator
  • This article focuses on what it is like to be a system and network administrator, some of the tasks involved, and why it is crucial to have 100% uptime (or close to it) on critical services
• The OSI Network Management Model – fault management, configuration management, accounting management, performance management, security management
  • The OSI Network Management model is a model of the major functions of network management systems. This post outlines the importance of each section, also known as FCAPS
• A Brief Comparison Between UNIX and Windows for a System and Network Administrator – How is UNIX different from Windows
  • This article outlines a number of reasons why UNIX is different to the Microsoft Windows Operating System

In today’s era, almost every single organisation uses a computer and has a computer network to send, receive and store information. Whether it’s sending emails, storing documents, or serving information through a web server, it is very important to focus on security, especially if your network contains sensitive, confidential and personal information.

The Importance of Network Security

Network security affects many organisations, whether they are large, small, or government organisations. If network security is breached an intruder can do all sorts of harm. That is why people need to be aware of and to be educated about network security and how to secure their computer and network. Systems are required to be updated regularly as new security flaws are discovered. Without being up to date, it makes it easy for a hacker to gain unauthorized access to the system.

Security Focus

If you are in charge of network security in your organisation, there are a few areas of focus:

1. Deter – To educate people and discourage people to break into systems for illegal and malicious reasons
2. Prevent – To put in place measures to prevent unauthorised access. This can be authorising uses with special access, encrypting communication, and updating security systems
3. Detect – To become aware of a security breaches. This could be setting up logs to record who has accessed items or used the system
4. Correct – To implement a fix to the flaw discovered in a system. If someone has breached the security of the system, implement measures to prevent it from happening again

Security Attacks

Not only do you have to focus on security, you also have to be aware of the types of security attacks that can happen on your computer network. Before we go on to discuss about the types of security attacks, an attacker may aim to do one of the following:

• Interruption – Interruption is an attack on availability such as a denial of service attack (or DOS). An interruption attacks’ aim is to make resources unavailable. Not to long ago, Wordpress.com, a popular Blog Hosting Site was faced with a DOS attack taking down the servers so the service was unavailable to its users
• Interception – Interception is an attack to gain unauthorised access to a system. It can be simple eavesdropping on communication such as packet sniffing or just copying of information
• Modification – Modification is an attack that tampers with a resource. Its aim is to modify information that is being communicated with two or more parties. An example of a modification attack could be sending information that was meant to go to one party but directing it to another.
• Fabrication – A Fabrication attack is also known as counterfeiting. It bypasses authenticity checks, and essential is mimicking or impersonating information. This sort of attack usually inserts new information, or records extra information on a file. It is mainly used to gain access to data or a service.

Keeping the above in mind, there are two main types of attacks whose aim is to compromise the security of a network – passive attack and an active attack.

Passive Attack

A passive attack can be split into two types. The first type of passive attack is to simply monitor the transmission between two parties and to capture information that is sent and received. The attacker does not intend to interrupt the service, or cause an effect, but to only read the information.The second type of attack is a traffic analysis. If information is encrypted, it will be more difficult to read the information being sent and received, but the attacker simply observers the information, and tries to make sense out of it; or to simply determine the identity and location of the two communicating parties.

A passive attack is usually harder to detect as there is little impact to the information communicated.

Active Attack

On the other hand, an active attack aim is to cause disruption, and it is usually easily recognised. Unlike a passive attack, an active attack modifies information or interrupts a service. There are four types of an active attack:

• Masquerade – To pretend to be someone else. This could be logging in with a different user account to gain extra privileges. For example, a user of a system steals the System Administrators username and password to be able to pretend that they are them
• Reply – To capture information to send it, or a copy it elsewhere
• Modification – To alter the information being sent or received
• Denial of service – To cause a disruption to the network

Even though a passive attack doesn’t sound harmful, it is just as bad as an activate attack, if not worse.

Security Services

Security services is a service that provides a system with a specific kind of protection. The X.800 OSI Security Architecture defines 6 major security service categories, that once a system satisfies these 6 categories, the system is X.800 compliant.

• Confidentiality – Protects data from being read or accessed by unauthorised personnel
• Authentication – Ensures that no one can impersonate someone to be legitimately authorised to access a services they should not access.
• Integrity – Ensures data cannot be alternated and messages that are sent and received have not been read, duplicated, modified or replayed to another party.
• Non-repudiation – Prevents the sender or receiver from denying the transmission of a sent or received message. The sender and receiver are to be able prove that they sent or did not send or received a message
• Access control – Limits and control access to certain system applications to certain users
• Availability – Ensures the service is only available to legitimated users and not available to users who do not have access to the application

Security Mechanism

Security mechanisms are ways to detect, prevent, or recover from a security attack. It is important for systems to have implemented as many security mechanisms as possible as required for their system.

Specific Security Mechanisms

• Encipherment – Encrypting and decrypting communication
• Digital signatures – An electronic signature to assure the genuineness of a digital document
• Access controls – To only allows people with permission to access something
• Data integrity – Ensure data is in full and unchanged
• Authentication exchange – The exchange of communication that takes place when authorising someone
• Traffic padding – Determining what is legitimate data and what is false data
• Routing Control – Sending information through a specific line or path
• Notarisation – Official documentation of procedures

Pervasive Security Mechanisms

• Trusted functionality – How well you trust the information
• Security labels – Label information with a particular security attribute
• Event detection – Logging events that take place
• Security audit trails – Checking security to ensure that measures are being followed and intrusions have not occurred
• Security recovering – Recovering from a security issue

Network Security Model

The network security model is a model that determines how the information is sent securely over a communication line.
The components the model contains are:

• Sender – who sends the information
• Receiver – who receives the information
• Communication line – the line in which the communication is sent over
• Encryption / Decryption – to encrypt and decrypt the communication over the information channel
• Trusted Third Party – who distributes the secrete key and information  between the two parties to be able to communicate securely

The tasks that network security model performs is to be able to have the two parties communicate with each other without any other parties being able to read and understand the information being sent. To do this, the model needs to:

• Have a suitable algorithm to encrypt the messages (Secure Socket Layer – SSL)
• Generate a secrete key to be used by the algorithm (SSL Provider)
• Develop methods to distribute and share the secrete key (SSL Provider)
• Specify a protocol to be able to transmit the information (https)

Security Management

The OSI Security Architecture defines three main areas of security management. These activities are to be preformed System Administrators.

• System security management – The management the entire computing environment focusing on the security aspects
• Security service management – The management of particular security services
• Security mechanism management – The management of particular security mechanisms

Conclusion

Information and network security is an important and critical issue that all computer systems need to have implemented some sort of security control. Without having security, sensitive information can be easily gained, so it is important that we deter, prevent, detect, and correct security issues.

There are a number of security attacks that can take place, and system administrators need to implement measures to ensure security breaches do not occur.

The next article in this series will look at encryption techniques to ensuring communicates are encrypted so they cannot be read my other parties.

Image Credit: Barcoding.com

Over the next few months, I will be looking into "Information and Network Security". I will be writing about a number of topics providing information, definition, and techniques to secure systems.

This page will act as a table of contents for each weeks posts.

• The Importance of Network Security And The Types Of Security Attacks - Security Focus, Security Attacks, security services, security mechanisms, security management.
  • This article focuses on the introduction to security and they types of security attacks to look out for and ways to prevent security attacks.