Week 7 Network Management and Infrastructure Cantwell
TCP/IP is essential for communication, but it was never designed to fully protect modern data on its own. After reviewing NIST’s Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations, it became clear that secure communication today depends on layering additional protections on top of the basic TCP/IP model. TCP still plays a critical role by ensuring reliable and ordered delivery of data, but confidentiality, authentication, and stronger protection of data in transit now rely heavily on TLS.
One of the biggest takeaways from this topic is how much expectations around security have changed over the last five or six years. In the past, some organizations may have treated encryption as something extra, but now it is viewed as a basic requirement. Modern cybersecurity expects secure defaults, stronger encryption standards, and the removal of outdated cryptographic methods. NIST’s guidance reflects that shift by recommending TLS 1.2 and TLS 1.3 while moving away from older and weaker options such as SHA-1, CBC mode, and outdated key exchange methods.
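As an added illustration (not code from the post or from NIST), the sketch below flags cipher suites that fall into the categories named above and builds a client context limited to TLS 1.2 or newer. The suite list is constructed sample data, and treating static RSA/DH as the "outdated key exchange" is this example's assumption.

```python
import ssl

# Constructed sample: (protocol, IANA suite name) pairs as a scanner might report them.
SAMPLE_OFFERED = [
    ("TLSv1.3", "TLS_AES_256_GCM_SHA384"),
    ("TLSv1.2", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
    ("TLSv1.2", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"),
    ("TLSv1.2", "TLS_RSA_WITH_AES_128_GCM_SHA256"),
    ("TLSv1.1", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"),
]

def audit_suite(version, suite):
    """Return the reasons a (protocol, suite) pair is flagged; empty list if none."""
    findings = []
    if version not in ("TLSv1.2", "TLSv1.3"):
        findings.append("protocol older than TLS 1.2")
    if version == "TLSv1.3" or "_WITH_" not in suite:
        return findings  # TLS 1.3 suites are AEAD-only with ephemeral key exchange
    # TLS 1.2 and earlier names read TLS_<key exchange>_WITH_<cipher>_<hash>
    kx, rest = suite.removeprefix("TLS_").split("_WITH_", 1)
    if not kx.startswith(("ECDHE", "DHE")):
        findings.append("static key exchange (no forward secrecy)")
    if "_CBC_" in rest:
        findings.append("CBC mode cipher")
    if rest.endswith("_SHA"):
        findings.append("SHA-1 based MAC")
    return findings

def audit(offered):
    """Map each flagged suite name to its findings; clean suites are omitted."""
    report = {}
    for version, suite in offered:
        findings = audit_suite(version, suite)
        if findings:
            report[suite] = findings
    return report

def hardened_client_context():
    """Client context: certificate checks on, TLS 1.2 minimum, ECDHE + AES-GCM only."""
    ctx = ssl.create_default_context()            # verifies certificates and hostnames
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse TLS 1.1 and older
    ctx.set_ciphers("ECDHE+AESGCM")               # OpenSSL string; affects TLS 1.2 suites
    return ctx

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE_OFFERED).items():
        print(f"{name}: {', '.join(reasons)}")
```
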
This topic also highlighted that network security is not just about one protocol or one device. It requires multiple layers working together. TLS helps protect communications, but it must be supported by proper certificate management, secure configurations, firewalls, patching, and monitoring. That layered approach is especially important because attackers often look for weak points in exposed services, poor configurations, or unpatched systems rather than in the protocol alone.
Overall, this discussion showed that securing TCP/IP traffic is really about combining reliable communication with modern security controls. The lesson that stood out most is that security has to be intentional. Strong protocols, careful configuration, and ongoing monitoring are all necessary to protect data and maintain trust in network communications.