Network Security Model - Defining an Enterprise Security Strategy
These are the five main security areas that should be considered in any corporate security strategy: security policy, perimeter security, network security, transaction security and security monitoring. Together they form an effective strategy for the security of the company. Every network has a perimeter, which comprises all the devices and circuits that connect to external networks, both public and private. The internal network consists of all the servers, applications, data and devices used by the company. The demilitarized zone (DMZ) sits between the internal network and the perimeter firewalls and contains the public-facing servers. It allows outside users some access to servers on the network while denying them access to data held on internal servers. This does not mean that all external users are denied access to the internal network; rather, a proper security strategy defines who can access what, and from where. For example, teleworkers connect through VPN concentrators at the perimeter to reach Windows and Unix servers, and business partners may use an extranet VPN connection to reach the S/390 mainframe. Define what security is required on every server to protect corporate applications and files. Identify the transaction protocols needed to protect data as it travels over secure and non-secure network segments. Establish monitoring that inspects packets in real time, as a defensive strategy and as proactive protection against internal and external attacks. A recent survey showed that internal attacks by disgruntled employees and consultants are more likely than hacker attacks. Virus detection should also be addressed, since sessions can carry viruses at the application level through e-mail or file transfer.
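As an added illustration of the zone model described above (not code from the article), the following Python models a first-match, default-deny access policy between the Internet, the DMZ, the internal network and the two VPN populations; the zone names, services and rules are assumptions.

```python
# Added illustration of the zone model (not code from the original article).
# Zone names, services and the rules themselves are assumptions.
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    src_zone: str   # zone where the connection originates
    dst_zone: str   # zone the connection is headed for
    service: str    # "*" matches any service
    action: str     # "allow" or "deny"


# First-match policy, in the spirit of the article: the public reaches DMZ
# servers only, teleworkers reach internal Windows/Unix servers through the
# perimeter VPN concentrator, business partners reach only the mainframe over
# the extranet VPN. Anything that matches no rule is denied (default deny).
POLICY = [
    Rule("internet", "dmz", "https", "allow"),
    Rule("internet", "internal", "*", "deny"),
    Rule("vpn-teleworker", "internal", "smb", "allow"),
    Rule("vpn-teleworker", "internal", "ssh", "allow"),
    Rule("vpn-extranet", "mainframe", "tn3270", "allow"),
    Rule("vpn-extranet", "internal", "*", "deny"),
    Rule("dmz", "internal", "*", "deny"),   # a compromised DMZ host stays contained
]


def evaluate(src_zone: str, dst_zone: str, service: str, policy=POLICY) -> str:
    """Return the action of the first matching rule, or 'deny' if none matches."""
    for rule in policy:
        if (rule.src_zone == src_zone and rule.dst_zone == dst_zone
                and rule.service in ("*", service)):
            return rule.action
    return "deny"


def shadowed(policy=POLICY) -> list:
    """Rules that can never fire because an earlier rule already covers
    everything they would match; a common review finding in rule bases."""
    out = []
    for i, later in enumerate(policy):
        for earlier in policy[:i]:
            if (earlier.src_zone == later.src_zone
                    and earlier.dst_zone == later.dst_zone
                    and earlier.service in ("*", later.service)):
                out.append(later)
                break
    return out
```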
Security Policy Document
The policy document describes the various security policies that apply to all employees who use the company's systems. It defines what an employee is authorized to do and by what means. The policy covers not only employees but also consultants, business partners, customers and terminated employees. It also defines the security policies for Internet use, e-mail and virus detection, and it defines the cyclical process used to review and improve security.
Perimeter Security
This term describes the first line of defense that external users must pass before they can authenticate to the network. It is security for traffic whose source or destination is an external network. Many components are used to secure the perimeter of a network, and the assessment reviews all perimeter devices currently in use. Typical perimeter devices are firewalls, external routers, TACACS servers, RADIUS servers, dial-up servers, VPN concentrators and modems.
Network Security
This defines all the server and legacy host security that is implemented to authenticate and authorize internal and external employees. Once a user has been authenticated through perimeter security, the security of the applications must be addressed. The network exists to carry traffic between workstations and network applications. Network applications run on shared servers, which may run an operating system such as Windows, Unix or MVS on mainframes. It is the responsibility of the operating system to store data, respond to requests for data and provide security for that data. Once a user authenticates to a Windows ADS domain with a specific user account, that account has whatever privileges have been granted to it. Those privileges might be access to certain directories on one or more servers, starting applications, and administering some or all of the Windows servers. If the user authenticates to Windows Active Directory Services, authentication is distributed across the domain rather than tied to a specific server. That is a huge advantage in terms of availability, since all accounts are managed from a central security database that is replicated to servers across the network. Unix and mainframe hosts usually require logging on to a particular system, but network rights can be distributed across many hosts.
• Network operating system domain authentication and authorization
• Windows Active Directory authentication and authorization
• UNIX and mainframe host authentication and authorization
• Use of authorization servers
• File and data authorization
Transaction Security
Transaction security works from a dynamic perspective: it seeks to secure each session with five primary activities, namely non-repudiation, integrity, authentication, confidentiality and virus detection. Transaction security ensures that session data is transported safely across the company network or the Internet. This is important when dealing with the Internet, because the data is exposed to anyone who would use the information without permission. E-commerce has industry standards such as SSL and SET, which describe a set of protocols for non-repudiation, integrity, authentication and confidentiality. Virus detection contributes to transaction security by checking files for virus infection before they are delivered to an internal user or before they are posted to the Internet. The following lists industry-standard protocols for secure transactions.
Non-repudiation - RSA digital signatures
Integrity - MD5 authentication
Authentication - Digital certificates
Confidentiality - IPSec/IKE/3DES
Virus detection - McAfee / Norton antivirus software
Security Monitoring
Monitoring network traffic for security attacks, vulnerabilities and unusual events is essential to any security strategy. This assessment identifies the strategies and applications in use. The following list describes some typical monitoring solutions. Intrusion detection sensors monitor traffic in real time as it arrives at your perimeter. The IBM Internet Security Scanner vulnerability assessment test is an excellent tool that any organization should consider. The syslog messaging server is a standard Unix program found at many companies that writes security events to a log file for review. It is important to record an audit trail of changes, which also helps isolate network security problems. Large companies with many analog dial-up lines sometimes use dial-up scanners to determine which lines could be exploited by hackers. Physical security restricts access to the devices and traditional servers that hold business-critical data. Badge access systems record the date and time that each employee entered and left the telecommunications room, and cameras are also used to record the activities carried out at those times.
Intrusion Prevention Sensor (IPS)
Cisco markets Intrusion Prevention Sensors (IPS) to enterprise customers to improve the security posture of the corporate network. Cisco IPS 4200 Series sensors are placed at strategic positions inside and outside the network to protect switches, routers and servers from hackers. The IPS sensor monitors network traffic in real time or inline, matching packets against predefined signatures. If the sensor detects suspicious behavior, it sends an alarm, drops the packet and takes evasive action to counter the attack. The sensor can be deployed as an inline IPS, as an IDS where traffic does not flow through the device, or as a hybrid. Most IPS sensors are placed inside the data center network and are designed with dynamic security features to counter attacks as they occur. Note that IOS intrusion prevention is now available as an option on the router.
Vulnerability Assessment Test (VAST)
IBM Internet Security Scanner (ISS) is a vulnerability assessment scanner for enterprise customers, used to assess the vulnerability of the network from both external and internal perspectives. The software works with agents that scan multiple network devices and servers for known and potential vulnerabilities. The process includes network discovery, data collection, analysis and reporting. Data is collected from routers, switches, servers, firewalls, workstations, operating systems and network services. Vulnerabilities are analyzed using non-destructive tests, and recommendations are made for correcting any security problems. A reporting system that comes with the scanner presents the findings to company staff.
Syslog Messaging Server
Cisco IOS sends messages to a Unix program called syslog, which records a range of activities and error conditions. Most routers and switches generate syslog messages that are sent to a designated Unix workstation for review. If your network management console (NMS) runs on the Windows platform, there are programs that can view the log files and transfer syslog files between Windows and Unix NMS.
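To show what the review of such a log looks like in practice, for both the Security Monitoring section and this one, here is an added Python example (not code from the article) that parses Cisco IOS syslog lines as a Unix syslog server records them and pulls out the events worth reviewing: repeated failed logins per source, configuration changes (the audit trail of changes) and ACL denials. The sample lines are constructed and the failed-login threshold is an assumption.

```python
# Added example, not from the original article. The sample log lines are
# constructed; the failed-login threshold is an assumption.
import re
from collections import Counter

# Cisco IOS messages carry a %FACILITY-SEVERITY-MNEMONIC: header; severity 0-7
# follows the syslog convention (0 = emergency ... 7 = debug).
IOS_MSG = re.compile(
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+):\s*(?P<text>.*)")
SOURCE = re.compile(r"\[Source: (?P<ip>[0-9.]+)\]")

# Constructed sample, in the shape a syslog server stores IOS messages.
SAMPLE_LOG = """\
<189>37: *Mar  1 00:05:31.111: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 203.0.113.7] [localport: 22] [Reason: Login Authentication Failed] at 00:05:31 UTC Mon Mar 1 1993
<189>38: *Mar  1 00:05:33.204: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 203.0.113.7] [localport: 22] [Reason: Login Authentication Failed] at 00:05:33 UTC Mon Mar 1 1993
<189>39: *Mar  1 00:05:35.640: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: cisco] [Source: 203.0.113.7] [localport: 22] [Reason: Login Authentication Failed] at 00:05:35 UTC Mon Mar 1 1993
<189>40: *Mar  1 00:06:02.003: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: netops] [Source: 10.0.0.5] [localport: 22] at 00:06:02 UTC Mon Mar 1 1993
<189>41: *Mar  1 00:06:40.512: %SYS-5-CONFIG_I: Configured from console by netops on vty0 (10.0.0.5)
<190>42: *Mar  1 00:07:10.000: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(4455) -> 10.1.1.10(23), 1 packet
"""


def parse(line):
    """Split one IOS syslog line into facility, severity, mnemonic and text."""
    m = IOS_MSG.search(line)
    if not m:
        return None   # not an IOS-formatted message; skip rather than guess
    return {"facility": m["facility"], "severity": int(m["severity"]),
            "mnemonic": m["mnemonic"], "text": m["text"]}


def review(log, failed_login_threshold=3):
    """Return (kind, detail) findings: every config change and ACL denial,
    plus any source that reached the failed-login threshold."""
    findings, failures = [], Counter()
    for line in log.splitlines():
        ev = parse(line)
        if ev is None:
            continue
        if ev["mnemonic"] == "LOGIN_FAILED":
            src = SOURCE.search(ev["text"])
            failures[src["ip"] if src else "unknown"] += 1
        elif ev["mnemonic"] == "CONFIG_I":
            findings.append(("config-change", ev["text"]))
        elif ev["mnemonic"] == "IPACCESSLOGP":
            findings.append(("acl-denied", ev["text"]))
    for ip, n in failures.items():
        if n >= failed_login_threshold:
            findings.append(("repeated-login-failure", f"{ip}: {n} failures"))
    return findings
```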