What is Network Security? | IBM

At a foundational level, network security is the operation of protecting data, applications, devices, and systems that are connected to the network.

Though network security and cybersecurity overlap in many ways, network security is most often defined as a subset of cybersecurity. Using a traditional “castle-and-moat analogy,” or a perimeter-based security approach – in which your organization is your castle, and the data stored within the castle is your crown jewels – network security is most concerned with the security within the castle walls.

In this perimeter-based scenario, the area within the castle walls can represent the IT infrastructure of an enterprise, including its networking components, hardware, operating systems, software, and data storage. Network security protects these systems from malware/ransomware, distributed denial-of-service (DDoS) attacks, network intrusions, and more, creating a secure platform for users, computers, and programs to perform their functions within the IT environment.

As organizations move to hybrid and multicloud environments, their data, applications, and devices are being dispersed across locations and geographies. Users want access to enterprise systems and data from anywhere and from any device. Therefore, the traditional perimeter-based approach to network security is phasing out. A zero-trust approach to security, wherein an organization never trusts and always verifies access, is fast becoming the new method for strengthening an organization’s security posture.