6 Types of Network Security Protocols

The Use of Network Security Protocols

Network security protocols are used to provide vital protections for data flowing over a network. For example, many early network protocols were implemented without data encryption, allowing anyone who eavesdropped on the network traffic to read potentially sensitive data.

Implementing network security protocols helped to address these potential security risks. For example, Transport Layer Security (TLS) encloses unencrypted connections in an encrypted wrapper, protecting them against potential eavesdroppers.

Types of Network Security Protocols

In general, network security protocols are designed to provide confidentiality, integrity, and authentication or some combination of the three for network traffic. The following are some examples of widely used network security protocols.

IPsec and Virtual Private Networks (VPNs)

Virtual private networks (VPNs) can operate at different layers of the OSI model. For example, IPsec, a common VPN protocol, runs at Layer 3. However, it’s also possible to implement VPNs using HTTPS, which is a Layer 7 protocol.

Regardless of their implementation method, VPNs are used to create an encrypted tunnel for traffic to flow over. Like with SSL/TLS, VPNs often begin with a handshake designed to set up the encryption key used to protect the network traffic. Then, all future traffic is encrypted by the sender before being sent over the network to the recipient, who decrypts it.

VPNs can be used in one of two paradigms. Remote access VPNs are designed to connect a user’s computer to a remote server located on a corporate network. Site-to-site VPNs, on the other hand, are designed to connect two geographically distributed networks over the untrusted public Internet.

SSL/TLS

Secure Sockets Layer and Transport Layer Security (SSL/TLS) are a network security protocol that operates at Layer 5 of the OSI model. This protocol offers several benefits for network traffic, including data encryption, authentication, and integrity protection.

SSL/TLS connections begin with a handshake designed to set up a secure connection between the client and the server. During this handshake, the communicating parties agree on the cryptographic algorithms to be used during the session for encryption, authentication, and integrity checking.

Authentication also is performed during this initial handshake. At a minimum, the server will provide an X.509 digital certificate to the client that verifies the server’s identity. However, the two systems may also perform mutual authentication during this handshake.

The role of SSL/TLS is to wrap other, less secure protocols in an encrypted, authenticated, and integrity-checked wrapper. For example, the HTTPS protocol runs the insecure HTTP protocol within an SSL/TLS tunnel.

Datagram Transport Layer Security (DTLS)

SSL/TLS is designed to work with the Transmission Control Protocol (TCP), which establishes stable, reliable connections. However, the User Datagram Protocol (UDP) is another commonly used protocol that offers connectionless transmission.

The Datagram Transport Layer Security (DTLS) protocol operates at Layer 5 of the OSI model and is derived from SSL/TLS but designed for use with connectionless, unreliable datagrams. This protocol helps to ensure data integrity and privacy for applications that require low latency and lag, including video conferencing, VoIP, and online gaming.

Kerberos

Kerberos is a widely used Layer 7 protocol for authenticating service requests. It is designed to authenticate requests between trusted systems over untrusted public networks.

Kerberos is built around the concept of tickets, which are used to provide proof of identity and authentication. A centralized authentication server is used to verify the user’s identity and generate these tokens. Then, each system or application that trusts this server can verify the user’s right to make a particular request.

Kerberos is supported by most operating systems, including Windows, Mac, and Linux. However, it is the default authentication protocol for Windows and is a core component of its Active Directory (AD) service.

SNMPv3

The Simple Network Management Protocol (SNMP) is a Layer 7 network protocol for monitoring and managing an organization’s devices. The SNMP manager can query devices, and an agent on the device provides responses to these requests or performs the requested actions.

Early versions of SNMP were insecure, lacking encryption, authentication, and integrity protection. SNMPv3 is an updated version of the protocol introduced in 2004 that offers all of these features using modern, secure cryptographic algorithms.

HTTPS

HTTP is a Layer 7 network protocol used for web browsing. HTTP is one of the earliest network protocols and was implemented as an unencrypted, human-readable protocol.

Anyone eavesdropping on network traffic has the ability to read and modify HTTP traffic en route to its destination. As the Internet increasingly was used to transmit sensitive data, such as payment card information or login credentials, this introduced a significant security risk.

HTTPS is a secure version of the HTTP protocol that offers data encryption, integrity protection, and authentication. Rather than rewriting the protocol from scratch, HTTPS was implemented by running HTTP within an SSL/TLS wrapper. After an SSL/TLS tunnel is established, it provides the necessary encryption, authentication, and integrity protection for the HTTP traffic used to carry data between the client’s browser and the web server.