Job Recruitment Website - Job seeking and recruitment - What is the major of network security?

What is the major of network security?

The definition of network security means that the hardware and software of the network system and the data in the system are protected, which will not be destroyed, changed or leaked due to accidental or malicious reasons, and the system will run continuously, reliably and normally without interrupting the network service. It has the characteristics of confidentiality, integrity, availability, controllability and auditability.

Classification and skill requirements of network security industry

According to different safety standards, application scenarios, technical implementation, etc. Security can be classified in many ways. Here we can simply divide it into network security, Web security, cloud security, mobile security (mobile phone), desktop security (computer), host security (server), industrial security, wireless security and data security. And other different fields. The following focuses on the security direction of network /Web/ cloud according to personal industries and concerns.

1? Network security

Network security is the most classic and basic field in the security industry, and it is also the field where domestic security companies get rich at present. The technical fields studied in this field mainly focus on firewall /NGFW/UTM, gateway, intrusion detection/defense, VPN gateway (IPsec/SSL), anti-DDOS, online behavior management, load balancing/application delivery, traffic analysis, vulnerability scanning and so on. Through the above network security products and technologies, we can design and provide a safe and reliable network architecture to protect the network infrastructure of government/state-owned enterprises, Internet, banks, hospitals, schools and other industries.

Large-scale security projects (fat ...) mainly focus on government affairs network/tax network/social security network/power network ... Telecom network/metropolitan area network (MAN) required by operators (mobile/telecom/China Unicom), bank-led financial network, data center network required by Internet companies, etc. These networks carry core infrastructure and people's sensitive data. Once they are leaked or illegally invaded, the scope of influence will not only be the affairs of an enterprise/company/organization, such as confidential data of the government or the military, national social security identity information, backbone network infrastructure, financial transaction account information, etc.

Of course, in addition to the above, there are other enterprise networks and education networks that also need a lot of security products and services. Network security engineering is generally provided by network security enterprises, system integrators, network and security agents, IT service providers and other technical units with nationally recognized computer system integration qualifications and security industry qualifications.

[Skills Requirements]

Network protocols: TCP/IP, VLAN/ trunk /MSTP/VRRP/QoS/802. 1x, OSPF/BGP/MPLS/IPv6, SDN/Vxlan/Openflow…

Mainstream network and security equipment deployment: Cisco/Huawei /H3C/ Ruijie/Junbo/Feita, router/switch, firewall, IDS/IPS, VPN, AC/AD…

Network security architecture and design: the design and deployment of enterprise network/telecommunication network/government network/education network/data center network …

Information security standard, golden land/golden tax project ...

[Supplementary explanation]

Don't be influenced by the rhythm of movies and news. There are many security engineers fighting in this field, not those who attack others to write attack codes and viruses every day.

In addition to defense and security, related hacking techniques include protocol security (arp man-in-the-middle attack, dhcp flood spoofing, STP spoofing, DNS hijacking attack, weak version of HTTP/VPN or man-in-the-middle attack …), access security (MAC flood and spoofing, 802. 1x, WiFi brute force cracking …) and hardware security (using NSA leak toolkit to attack well-known firewalls and device remote codes).

Learning this security direction does not require much computer programming skills (not taking the R&D route but taking the route of security service engineers), but more needs to master the common security network architecture, analyze network protocols and faults, and be familiar with the configuration of networks and security devices;

2? network security

The narrow field of Web security is the technology to study [website security]. Compared with the field of network security, ordinary users can perceive it more intuitively. For example, the website is inaccessible, the website page is maliciously tampered with, the website is attacked by hackers, and the core data is leaked (for example, the user account of Sina Weibo or Taobao is leaked, which will cause panic and change the password one after another). Of course, in a large-scale security project, Web security is only a branch, and it needs to complement [network security], but Web security pays attention to the upper application and data, and network security pays attention to the lower network security.

With the rapid development of web technology, from the beginning, isn't the Web just a few static pages? Nowadays, more and more services and applications are directly based on Web applications, not just an enterprise website or forum. Nowadays, almost all network applications, such as social networking, e-commerce, games, online banking, e-mail, office automation ... can be provided directly based on Web technology.

Due to the increasing significance of the Web, the corresponding attack means and defense technologies around Web security are also emerging one after another, such as WAF (Web firewall), Web vulnerability scanning, Web page tamper prevention, website intrusion prevention and other more vertical web security products have also appeared.

[skill requirements]? There are too many skills in Web security, because to ensure the direction of the Web means that beginners should know something about Web development technology. For example, to create a website through front-end and back-end technologies, such as [network security], we must first know how to build a network. Then, Web technology involves the following contents:

Communication protocol: TCP, HTTP, HTTPs.

Operating system: Linux, Windows.

Service erection: Apache, Nginx, LAMP, LNMP, MVC architecture.

Database: MySQL, SQL Server, Oracle.

Programming languages: front-end language (HTML/CSS/JavaScript) and back-end language (PHP/Java/ASP/Python).

3 Terminal Security (Mobile Security/Desktop Security)

Mobile security mainly studies the security of mobile terminal products such as mobile phones, tablets and intelligent hardware, such as iOS and Android security. The "jailbreak" we often talk about is actually the category of mobile security. The recent global outbreak of Windows computer worm virus-"WannaCry blackmail virus" or "Panda burning incense" is the category of desktop security.

The technical aspects of desktop security and mobile security research are both in the field of terminal security. To put it simply, one learns computers and the other learns mobile phones. With the migration of our work and life from PC to mobile, terminal security has also migrated from desktop security to mobile security. The most familiar terminal security products are 360, Tencent, Kingsoft Internet Security, Rising, Symantec, McAfee and Norton.

From the commercial point of view, terminal security (mobile security plus desktop security) is an a to C service, which is more oriented to terminal individuals and users; Network security, Web security and cloud security are more A-to-B businesses, facing the government and enterprises. For example, 360 is a typical company that extends from to C security business to to to B security business. For example, 360 enterprise security is to provide security products and services for government and enterprises, while the familiar 360 security guards and antivirus are mainly aimed at individual users.

4 Cloud security

[Cloud security]? It is another security field based on cloud computing technology. The research topics of cloud security include: software-defined security, hyper-converged security, virtualization security, machine learning+big data+security ... At present, there are many security products based on cloud computing, covering the original network security, Web security, mobile security and other directions, including cloud firewall, cloud anti-DDOS, cloud leakage scanning, cloud desktop and so on. And Tencent Cloud, the cloud desktop in China.

Cloud security is all about product form and commercial delivery, which realizes the transformation of security from hardware to software to cloud, greatly lowering the threshold for traditional small and medium-sized enterprises to use security products. In the past, a security project was a million-level project, but based on cloud security, real flexible procurement on demand was realized, which greatly reduced the procurement cost. In addition, the security in the cloud era has also brought more challenges and changes to the standardization and implementation of the original industry. For example, for commercial services hosted in the cloud, how to distinguish the responsibility and boundary of security construction between cloud service providers and customers? How to do information security assessment for cloud security projects?

Network security post classification and recruitment requirements

(1) Safety post

According to the recruitment of security companies, security posts can be divided into R&D department, engineering department and sales department. Different companies have different names for security posts, which are classified according to common names in the industry as follows:

R&D department: security R&D, security attack and defense research, reverse analysis.

Engineering Department: security engineer, security operation and maintenance engineer, security service engineer, security technical support, security after-sales, penetration test engineer, Web security engineer, application security audit, and mobile security engineer.

Sales department: safety sales engineer, safety pre-sales engineer and technical solution engineer.