Definition
Network Security refers to measures taken to protect a network, and by extension any devices connected to that network, from threats that would otherwise result in harm, interference, or unauthorised access, and to ensure network usability and integrity.
Purpose
Investment in network security protects sensitive information and maintains network availability. Robust network security solutions help to protect a network from unauthorised access, misuse, and cyber threats and attacks.
Network security is realised through:
- the definition, planning, deployment, and use of network security measures to protect usability and integrity of government networks and data in a manner suited to the situation-specific circumstances
- the detection of anomalies, and subsequently potential threats to the integrity of the secure network
- protection of data in transit (noting that the protection of data at rest is covered by Information Asset Security)
- considering the capability as part of a complementary suite of Cyber Security Capabilities, including Application Security, Information Asset Security, Privacy, and Permissions.
A mature network security solution incorporates, at a minimum, the following components and practices:
- Firewalls: Act as the first line of defence by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules. Intrusion Detection and Prevention Systems (IDPS): Monitor network traffic for suspicious activity and take action to prevent potential threats.
- Data Encryption: Protects data from unauthorised access during transmission.
- Access Control Systems: Defines who or what can access the network and its resources, ensuring only authorised users and devices have access.
- Antivirus and Anti-Malware Software: Detect and eliminate malicious software that can harm the network and its devices.
- Data Loss Prevention: Prevents sensitive data from leaving the network.
- Endpoint Detection and Response: Detects threats Protects devices connected to the network from various threats.
- Security Information and Event Management (SIEM): Provides real-time analysis of security alerts generated by network hardware and applications.
Objectives
The objectives of this content are to:
- ensure network security solutions across government are implemented to a high standard
- ensure alignment with relevant legislation, as well as existing guidelines and frameworks
- identify or establish and implement consistent standards or designs for network security
- maximise the potential for reuse across government when implementing new, or updating existing, network security systems
- ensure that new network security solutions draw from preceding investments, implementations, and learnings
- ensure whole-of-government purchasing arrangements for the supply of network security infrastructure, systems, software, and expertise are leveraged where they exist and are suitable.
Whole-of-government applicability
On 22 November 2023, the Australian Government released the 2023-2030 Australian Cyber Security Strategy, a roadmap that will help realise the Australian Government’s vision of becoming a world leader in cyber security by 2030.
The Data and Digital Government Strategy (DDGS) sets a vision for 2030 to deliver simple, secure and connected public services for all people and business, through world class data and digital capabilities.
Maturity in network security will be of critical importance to the DDGS missions:
- Trusted and secure: The Australian Government commits to improving and maintaining trust in its use of data and digital technologies including through securing networks, systems and hardware.
- Simple and seamless services: The Australian Government commits to ensuring technology is scalable, secure, resilient and interoperable, with new systems and infrastructure that supports data access and discoverability.