الفهرس Only 14 pages are availabe for public view
 |  | from | 151 |  |  |
| | | from | 151 | | |
Abstract
The open nature of the Internet makes it is increasingly important for the
businesses and non-businesses organizations to pay a great attention to the security of
their networks, in order to achieve strong protection for their sensitive and valuable
resources. The technologies and procedures used should guarantee; Confidentiality,
Integrity, Availability, authentication, and authorization which are the main functional
elements of the network security. Security attacks main objects are trying to destroy a
system or disrupt normal system or network behavior by taking an advantage of
vulnerabilities. The suitable network security technology must be selected to prevent
and mitigate any security attacks that violate the network security policy, and to meet
the network performance requirements.
This thesis presents a survey on some network security technologies and
procedures, and compares their impact on the various network performance
parameters. Firewall is a hardware or software solution implemented within the
network to enforce security policy by controlling network access (in and out). Virtual
Private Network (VPN) is a private network that uses a public network (usually the
Internet) to connect remote sites or users together in a secure manner. Virtual Local
Area Network (VLAN) is a logical grouping of network computing devices without
regard to their physical location.
The thesis proposes some network management modules that enhance some of the
network performance parameters that affected negatively by implementing these
technologies. Parallel firewalls modules (VLANs based, traffic direction filtering
based, load balancing filtering based) limit the delay caused by application proxy
firewall’s full inspection process, improve the response time of HTTP server, and
moreover they enhance the network availability. A Demilitarized Zone (DMZ) module
that is implemented with VPNs enhances the Database query response time and other
parameters affected by VPNs, and moreover provides more protection to the privateIII
network. Fortunately the most performance parameters improved due to partitioning
local network into VLANs. A great agreement found between the results obtained
practically and a simulation results related to VLANs and network performance.
Key Words
Network Security, Security Policy, Attacks, Firewalls, Parallel Firewalls, Load
Balancing, Virtual Local Area Networks (VLANs), Virtual
Private Networks (VPNs), Demilitarized Zone (DMZ), Network
Performance, Availability, Private Network Protection.