The term computer security encompasses many related, yet separate, topics. These can be stated as security objectives, and include:
Control of physical accessibility to the computer(s) and/or network
Prevention of accidental erasure, modification or compromise of data
Detection and prevention of intentional internal security breaches
Detection and prevention of unauthorized external intrusions (hacking)
Network security solutions are loosely divided into three categories: hardware, software and human. In this chapter, we will provide an overview of basic security concepts.
Then, we will examine the four security objectives and look at each of the three categories of security solutions.
It is important that each of the objectives be addressed in a comprehensive, documented security policy. At the end of the chapter, we will focus on how to design a security policy for your organization and how to incorporate ISA Server as a part of your overall network security plan. Before we discuss these specifics, let's briefly review some basic security concepts and how they apply to computer networking.