Network Security encompasses the policies, practices, and technologies designed to protect computer networks and their data from unauthorized access, misuse, modification, or denial of service attacks—operating across multiple layers from physical infrastructure through application level using defense-in-depth strategies. This discipline has evolved dramatically since early perimeter-based defenses to embrace Zero Trust principles, assuming breach and verifying every access attempt regardless of location, while modern threats like ransomware and AI-powered attacks demand continuous monitoring, behavioral analysis, and automated response capabilities. Understanding network security means recognizing that traditional castle-and-moat approaches are obsolete—attackers already inside networks move laterally for months undetected, making east-west traffic monitoring and micro-segmentation as critical as north-south perimeter controls for containing breaches before they become catastrophic. In 2026, the convergence of IT and OT networks, shrinking TLS certificate lifetimes, and post-quantum cryptography migration have added new urgency to building crypto-agile, resilient infrastructure.
What This Cheat Sheet Covers
This topic spans 20 focused tables and 158 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.
Table 1: Firewall Types
Firewalls are the first line of perimeter defense, but over 60% of enterprise-focused zero-day exploits in 2025 targeted security appliances themselves—making layered architecture and prompt patching as important as the firewall type chosen. Understanding each variant's inspection depth and blind spots is essential for building effective layered defenses.
| Type | Example | Description |
|---|---|---|
Palo Alto PA-5400Cisco Firepower | • Combines stateful inspection with deep packet inspection, application awareness, intrusion prevention, and threat intelligence • inspects Layer 7 content and user identity | |
iptables --state ESTABLISHED,RELATEDASA access-list | • Tracks connection state tables to remember active sessions, allowing return traffic automatically • Layer 4 filtering | |
AWS WAFCloudflare WAF | • Filters HTTP/HTTPS traffic to protect web apps • defends against OWASP Top 10 attacks including SQL injection, XSS, CSRF • operates at Layer 7. | |
Azure FirewallPalo Alto Prisma Access | • Delivered as cloud service • scales automatically • centralized policy management for distributed resources • supports remote and hybrid workforces |