Network security systems consist of hardware and software components that help protect a network from unauthorized access, misuse or denial of service to networks and their data. Network security components often include anti-virus, anti-malware and anti-spyware software; hardware and software firewalls; intrusion protection systems, or IPS; and virtual private networks, or VPNs. These and other components working in tandem protect the usability, reliability, integrity and safety of a network and its data against an ever-changing array of threats.
Network security strives to protect public and private networks from attack from a wide variety of threats including viruses; worms and Trojan horses; spyware, adware and other forms of malware; and hackers and crackers. Other threats include zero-day or zero-hour attacks, denial of service attacks, data theft or interception and identity theft.
Anti-virus, anti-malware and anti-spyware software helps thwart security exploits including rootkits and keyloggers, which aim to steal authentication information to access the network. Firewalls enforce policies that define a network user's access to resources as well as what constitutes unauthorized access. Intrusion protection systems prevent unauthorized access to network resources and raise red flags should breaches occur. Virtual private networks allow for the safe access to network resources and the confidential passing of authentication information and data to and from a network. Honeypots, or decoy resources, direct attention away from legitimate resources and can help identify and monitor exploits during or after an attack.
The policies and procedures adopted to prevent and monitor threats to the network as well as their implementation and maintenance together make up a network security solution. Network security solutions encompass everything from restricting physical access to network resources, to the use of passwords or other authenticating information to access those resources, to the encryption of data stored within or transmitted to or from the network.