Understanding CISSP Domain 4: Communication and Network Security - Part 3
Communication and Network Security covers the design and protection of enterprise network architecture, secure communication channels, and the technologies used to move and protect data across those networks.
In Part 1, we covered the application of secure design principles in network architectures, including the OSI and TCP/IP models, IPv4 and IPv6, authentication and VPN protocols, and network attacks. In Part 2, we continued through multilayer protocols and network topologies. In Part 3, we’ll look at securing network components and implementing secure communication channels. Let’s dive into the final part of this domain and cover the material by following the ISC2 exam outline.
4.2 - Secure network components
Operation of infrastructure (e.g., redundant power, warranty, support)
It’s important to be familiar with the operational aspects of secure network components, such as redundant power, warranties, and support, because they are fundamental to business continuity and to the resilience and availability of critical infrastructure. They help minimize operational downtime, increase reliability, and improve disaster recovery capabilities.
Redundant and protected power, such as uninterruptible power supplies (UPS), generators, and surge protectors, is important to protect business processes and production.
Warranties are important for secure network components because they help ensure operational reliability, provide financial protection against hardware failures, and ensure access to critical technical support and updates. They are a key part of an overall risk management strategy that supports business continuity.
Vendor support is critical for secure network components because it provides access to the resources needed to maintain the component’s security posture and the specialized expertise needed to maintain business continuity.
Some best practices to consider when purchasing important infrastructure components include:
Before signing a contract, evaluate the vendor’s security posture, incident history, and compliance with relevant industry standards. Also consider the costs of support: whether (and for how long) standard technical support is included, what it costs, and what internal support the product will require.
Explicitly detail security expectations, data protection obligations, and incident response protocols in the vendor contract and SLA. Include clauses for audit rights, breach notification requirements, and penalties for non-compliance.
Regularly monitor vendor activity on the network, review security reports, and conduct periodic security assessments to ensure ongoing compliance with established requirements.


