Glossary

What is Network Security?

What is Network Security?

Network security refers to the tools, policies, and practices used to protect the integrity, confidentiality, and availability of a computer network and its data. It encompasses both hardware and software technologies as well as the processes organizations use to prevent unauthorized access, misuse, and disruption of network resources.

Core components

  • Firewalls — filter traffic between trusted and untrusted networks based on security rules
  • Intrusion detection and prevention systems (IDS/IPS) — monitor network traffic for suspicious activity and can automatically block threats
  • Network segmentation — divides the network into isolated zones to contain breaches and limit lateral movement
  • Virtual private networks (VPN) — encrypt traffic between remote users and the corporate network
  • Network access control (NAC) — enforces policies about which devices and users can connect to the network
  • DNS security — protects against DNS-based attacks like spoofing and cache poisoning

Network security in compliance frameworks

  • PCI DSS — Requirements 1 and 2 address firewall configuration and secure network architecture
  • ISO 27001 — A.8.20 (network security), A.8.21 (security of network services), and A.8.22 (segregation of networks)
  • SOC 2 — CC6.6 requires security controls for network boundaries
  • NIST CSF — PR.AC and PR.PT cover network access control and protective technology

Best practices

  • Implement defense in depth with multiple layers of network controls
  • Regularly scan for open ports and unnecessary services
  • Encrypt data in transit using TLS/SSL
  • Monitor network traffic for anomalies and potential intrusions
  • Document network architecture and maintain up-to-date network diagrams
  • Conduct regular penetration testing to identify network vulnerabilities

How episki helps

episki tracks network security controls, links them to framework requirements, and documents evidence like network diagrams and firewall reviews for auditors. Learn more on our compliance platform.

Related frameworks

cmmcsoc2iso27001pcinistcsf

Related terms

firewallaccess-controlencryptionpenetration-testing

Continue exploring

What is Access Control?

Glossary definition

episki vs Drata

See how we compare

What Makes a CISO Metric Actually Useful?

From the blog

See how episki handles this

Start a free trial and explore controls, evidence, and automation firsthand.
Start free trialBook a demo