An enterprise comprises systems and applications. The systems are interconnected through a network. The systems, applications and network (Intranet) combined together becomes an infrastructure. The infrastructure is connected to the Internet for various purposes.
The Internet is un-secured huge public network and the enterprise network is private secured network. There should be line of control for security between the Internet and Intranet which will protect the Internal Network from the cyber threats coming from the Internet. For this, we would need Network Security which is collection of many security technologies embedded in platforms like Firewall, Intrusion Detection/Prevention System (IDS/IPS), Web Application Firewall (WAF), DoS/DDoS protectors. Proxy etc. The traffic coming from the Internet (untrusted network) to the Intranet (trusted network) will be scanned to detect and prevent attacks coming towards the enterprise infrastructure.
The internal network also has different zones of security levels. The local Data Centre where the applications are hosted will be at higher security zone (trusted) while the end users network will be all in the lower security zone (untrusted). Firewalls, IPS/IDS or WAF also will be put between these different security zones as attacks might also come from inside malicious users or compromised internal users.
Network Security is the process of implementing security on the perimeter between different types of networks protecting the trusted network (higher security zone) from the untrusted networks (lower security zone).