How to Design a Safety Network to Access Digital Services

Andres Aliaga LIGA
Sep 6, 2018 · 3 min read
Photo by Goran Ivos on Unsplash

Most organizations need to protect the information contained in their computer networks, however, the fact that currently both internal and external users in the network, can connect locally or remotely, considerably increases the likelihood of attacks, which is why different tools and strategies have been developed, both hardware and software, to detect and prevent intrusive access to the network with malicious intentions.

To avoid attacks coming from external sources organizations currently use firewalls and Virtual Private Networks (VPNs); such tools restrict the traffic of unknown services, in the case of firewalls, by blocking ports. In spite of this, there is still a security gap from the outside the network by the means of encapsulating the attacks in the service traffic allowed by the device. Moreover, these tools do not control the attacks that are generated from inside the network.

Due to the magnitude of the information that is generated by an average organization and the classification of this, most organizations have suffered different attempts of intrusion towards their servers that have, in many cases, obtained confidential information, or in other cases the same Organization members carried out tests to verify the reliability and safety of the Network, the services and the technological infrastructure of the On-premises Data Center.

Photo by Samuel Zeller on Unsplash

Preventing these risks requires to design a network to generate dynamic tunnels and secure authentication for the prevention of unauthorized access to the Organization’s digital services, by granting credentials to the personnel.

The project presented in this article implements the tunneling technique that involves encapsulating a network protocol over another encapsulating network protocol, creating an information tunnel within a computer network. Encryption has also been used in the design to hide user data with a key so that it cannot be interpreted by those who do not have it and the digital certificates that the user will use to authenticate their identity and to encrypt data so that only the recipient of the document can access its content.

Diagram by Andres Aliaga

A scenario of high connectivity like the current one, brings innumerable opportunities, but at the same time it also entails that the risks in the handling of confidential data and in general, the security of the information is one of the most important issues that any new organization, can glimpse as an impact.

Today’s Organization´s concern is not only to be productive and to generate new products or services, but also to be protected against any type of computer attack and that, if the attacks occur, the continuity of the decision-making processes related to mission and vision of the organization is still operational at different levels, despite the adversities.

APP:Reality

Explaining tech applications to real humans. Promoted by the IEEE Student Branch the Military School of Engineering. We receive submissions in English and Spanish. — Explicando aplicaciones de tecnología a humanos. Promovida por la Rama Estudiantil IEEE EMI. En Ingles y Español.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade