Network security model – defining a strategy for enterprise security
Overview
There are five primary security groups that must be considered in any model of corporate security: security policy, perimeter security, network security, transaction security and security monitoring. Together they form a strategy for effective enterprise security. Every company has a perimeter network that connects all circuits and devices to external networks, both public and private. The internal network comprises all of the servers, applications, data and devices used for company operations. The demilitarized zone (DMZ) sits between the internal network and the perimeter and contains firewalls and public-facing servers. It allows certain outside users to reach servers in the DMZ while blocking their traffic to the internal network. This does not mean that all external users are denied access to internal networks; instead, the security policy defines who is given access to what, and from where. Remote workers, for example, use VPN concentrators at the perimeter to reach Windows and Unix servers, and a business partner could use an extranet VPN to reach the company's S/390 mainframe. Define the security that is required for all servers in order to protect corporate applications and files. Transaction security is needed to protect data as it travels across network segments, particularly untrusted ones. Monitoring activities should be defined to examine packets in real time as a defensive, proactive strategy against both internal and external attacks. A recent survey showed that internal attacks from disgruntled employees and consultants are more common than attacks by outside hackers. Virus detection must also be addressed, because application-layer sessions such as e-mail or file transfer can be carriers of a virus.
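The DMZ rule the paragraph describes (outside users may reach selected public servers but never the internal network, and the policy states who gets what) can be made concrete as a first-match, default-deny zone policy. The following is an added example written for this page, not code from the article or from any vendor product; the address ranges, zone names and port numbers are constructed assumptions, and the policy is deliberately small.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Zones and address ranges are constructed for this example; they are not
# taken from any real network described in the article.
ZONES = {
    "internal": ip_network("10.0.0.0/8"),    # servers, applications, workstations
    "dmz": ip_network("192.0.2.0/24"),       # public-facing web and mail servers
}

def zone_of(addr: str) -> str:
    """Classify an address as internal, dmz, or external (anything else)."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    dst_port: Optional[int]   # None means any port
    action: str               # "allow" or "deny"

# First-match rule base mirroring the DMZ description: outsiders reach only
# the published DMZ services, nothing on the internal network; DMZ hosts are
# semi-trusted and may not initiate connections inward; internal users may
# reach the DMZ and the outside through the perimeter. Anything unmatched
# falls through to the default deny.
POLICY = [
    Rule("external", "dmz", 443, "allow"),
    Rule("external", "dmz", 25, "allow"),
    Rule("external", "internal", None, "deny"),
    Rule("dmz", "internal", None, "deny"),
    Rule("internal", "dmz", None, "allow"),
    Rule("internal", "external", None, "allow"),
]
DEFAULT_ACTION = "deny"

def evaluate(src: str, dst: str, dst_port: int) -> str:
    """Return the action for a flow, using the first rule that matches."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    for rule in POLICY:
        if (rule.src_zone == src_zone and rule.dst_zone == dst_zone
                and rule.dst_port in (None, dst_port)):
            return rule.action
    return DEFAULT_ACTION

if __name__ == "__main__":
    # Constructed sample flows: an outside host to the DMZ web server,
    # the same host to an internal server, and a DMZ host reaching inward.
    for flow in [("203.0.113.7", "192.0.2.10", 443),
                 ("203.0.113.7", "192.0.2.10", 22),
                 ("203.0.113.7", "10.1.2.3", 443),
                 ("192.0.2.10", "10.1.2.3", 1433)]:
        print(flow, "->", evaluate(*flow))
```

The point of the default at the bottom is that a service not deliberately published (port 22 on the DMZ host above) is blocked even though no rule mentions it; the explicit deny rules are there so that a later, broader allow cannot accidentally open the internal network.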
Security Policy Document
The policy document describes the various security policies for all employees who use the corporate network. It specifies what each employee is permitted to do, and with which resources. The policy also covers non-employees such as consultants, business partners, customers and terminated employees. In addition, security policies are defined for Internet e-mail and virus scanning. It defines the cyclical process that is used to test and improve security.
Perimeter Security
This describes the first line of defense that external users must pass before they are authenticated to the network. It is the security applied to traffic whose source or destination is an external network. Many components are used to secure the perimeter of a network. The assessment examines all perimeter devices currently in use. Typical perimeter devices are firewalls, external routers, TACACS servers, RADIUS servers, dial servers, VPN concentrators and modems.
Network Security
This is defined as all of the server and legacy host security that is implemented for authenticating and authorizing employees, both internal and external. Once a user has been authenticated by perimeter security, this is the security that must be addressed before any application can be started. The network carries traffic between workstations and network applications. Network applications are implemented on a shared server that could run an operating system such as Windows, Unix or mainframe MVS. It is the responsibility of the operating system to store data, respond to requests for data and maintain the security of that data. Once a user is authenticated to a Windows domain with a specific user account, they have the privileges granted to that account. Those privileges could be access to specific directories on one or more servers, the ability to start applications, or administration of some or all of the Windows servers. If the user is authenticated against distributed Windows Active Directory Services, there is no single specific server to log on to. This is a huge benefit for administration and availability, since all accounts are managed from a central point and replicated copies of the security database are available on various servers across the network. Unix and mainframe hosts usually require a logon to a particular system, but network rights can be distributed to many hosts.
• Network operating system domain authentication and authorization
• Windows Active Directory Services authentication and authorization
• Unix and mainframe host authentication and authorization
• Application authorization server
• File and data authorization
Transaction Security
Transaction security works from a dynamic perspective. It attempts to secure each session with five primary activities: non-repudiation, integrity, authentication, confidentiality and virus detection. Transaction security ensures that data is transported safely across the enterprise network or over the Internet. This is especially important for the Internet, because the data is exposed to anyone who could intercept and use it without permission. E-commerce has adopted industry standards such as SSL and SET, which describe a set of protocols that provide non-repudiation, integrity, authentication and confidentiality. Virus detection contributes to transaction security by examining the data for signs of infection before it is delivered to an internal user or transported across the Internet. The following table describes the industry-standard transaction security protocols.
Non-repudiation – RSA digital signatures
Integrity – MD5 route authentication
Authentication – Digital certificates
Privacy – IPSec/IKE/3DES
Virus detection –
Security Monitoring
Security monitoring equipment monitors network traffic for security attacks, vulnerabilities and unusual events as part of every security strategy. The assessment identifies the monitoring strategies and applications in use today. The following list describes some of the typical monitoring solutions. Intrusion detection sensors monitor traffic in real time as it arrives at your perimeter. IBM Internet Security Scanner is a vulnerability assessment testing tool that should be considered for your business. Syslog server messaging is a standard Unix program used at many companies to write security events to a log file for review. It is important to have audit trails that record changes to the network and help to isolate vulnerabilities. Large companies that use many analog telephone lines for modems sometimes use a dial-up scanner to identify open lines that could be exploited by hackers. Facility security is typically badge access to rooms that house business-critical devices and servers. Badge access systems record the date and time that each employee entered and left a particular telecommunications room. Cameras may also record what specific activities were carried out.
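The first two rows of the transaction security table, non-repudiation through an RSA digital signature and integrity through an MD5 digest, can be shown working together on a single transaction. The block below is an added example written for this page, not code from the article or from any product it names: the key is a textbook RSA key built from two Mersenne primes so that every step is visible, the purchase-order message is constructed, and there is no certificate handling (the authentication row). MD5 is used because it is what the table lists; current deployments use SHA-256 with a 2048-bit or larger generated key, which this toy modulus is far too small to carry.

```python
import hashlib

# Toy RSA key built from two Mersenne primes (2^127 - 1 and 2^89 - 1) so the
# arithmetic is transparent. Constructed for illustration only: a production
# key is generated at random and is 2048 bits or more.
P = (1 << 127) - 1
Q = (1 << 89) - 1
N = P * Q                    # modulus, about 216 bits: larger than any 128-bit digest
PHI = (P - 1) * (Q - 1)
E = 65537                    # public exponent
D = pow(E, -1, PHI)          # private exponent (modular inverse; Python 3.8+)

def digest(data: bytes) -> int:
    """Integrity value: the message digest as an integer. MD5 as in the table;
    the digest must be smaller than N so that RSA maps it one-to-one."""
    return int.from_bytes(hashlib.md5(data).digest(), "big")

def sign(data: bytes, d: int = D, n: int = N) -> int:
    """Non-repudiation: only the holder of the private exponent can produce
    a value that the public exponent turns back into the digest."""
    return pow(digest(data), d, n)

def verify(data: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Anyone holding the public key can check the signature against the
    digest they compute themselves, so a changed message fails here."""
    return pow(signature, e, n) == digest(data)

def demo() -> tuple:
    """Sign a constructed purchase order, then check it and a tampered copy."""
    order = b"PO-1001: ship 40 units to warehouse 7"       # constructed sample
    signature = sign(order)
    tampered = b"PO-1001: ship 400 units to warehouse 7"   # one digit changed
    return verify(order, signature), verify(tampered, signature)

if __name__ == "__main__":
    print(demo())   # (True, False)
```

Verification succeeds only for the exact bytes that were signed; the tampered order produces a different digest, so the recovered value no longer matches, which is the integrity check. Because the signature was produced with the private exponent, the signer cannot later deny having produced it, which is the non-repudiation property the table assigns to RSA.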
Cisco markets Intrusion Prevention System (IPS) sensors to enterprise customers to improve the security posture of the company network. Cisco IPS 4200 Series sensors are deployed at strategic locations in the network to protect switches, routers and servers from attackers both inside and outside the protected areas. IPS sensors monitor network traffic in real time, or inline, comparing packets with predefined signatures. When a sensor detects suspicious behavior it sends an alarm, drops the packet and takes evasive action to counter the attack. The sensor can be deployed inline as an IPS, as an IDS where the traffic does not flow through the device, or as a hybrid. Most sensors in data center networks are deployed in IPS mode so that their dynamic security features can counter attacks as they occur. Note that IOS intrusion prevention is now available as a router option.
Vulnerability Assessment Testing (VAST)
IBM Internet Security Scanner (ISS) is a vulnerability scanner for enterprise clients that assesses vulnerabilities on the network from both an external and an internal standpoint. The software runs on agents and scans various network devices and servers for known and potential vulnerabilities. The process includes network discovery, data collection, analysis and reporting. Data is collected from routers, switches, servers, firewalls, workstations, operating systems and network services. Potential vulnerabilities are identified by non-destructive testing, and recommendations are made for correcting the security problems. Reporting is available with the scanner to present the results to company staff.
Syslog Server Messaging
Cisco IOS has a Unix-style program called Syslog that reports on a variety of device activities and error conditions. Most routers and switches generate syslog messages that are sent to a designated Unix workstation for review. If your network management system (NMS) uses the Windows platform, there are programs that allow the log files to be viewed and transferred between the Unix Syslog server and the Windows NMS.
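The review that the monitoring section and this section both describe (reading the syslog file for security events and keeping an audit trail of network changes) is the kind of thing a small script on the Unix workstation can do before anyone reads raw lines. The following is an added example written for this page, not code from the article or from Cisco: it parses messages in the Cisco IOS syslog form, the five sample lines are constructed (sequence numbers, users, addresses and the stray non-syslog line are invented), and the three message types it keys on, CONFIG_I, IPACCESSLOGP and UPDOWN, are real IOS mnemonics chosen because they correspond to configuration changes, ACL denies and link failures.

```python
import re
from collections import Counter
from typing import Optional

# Constructed sample messages in Cisco IOS syslog form. The <PRI> value is
# facility * 8 + severity (IOS sends local7, facility 23, by default).
SAMPLE_LOG = """\
<189>45: *Mar  1 12:00:01.123: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.5)
<190>46: *Mar  1 12:00:03.440: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.9(4021) -> 10.1.2.3(23), 1 packet
<187>47: *Mar  1 12:00:05.002: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down
<190>48: *Mar  1 12:00:07.810: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.9(4022) -> 10.1.2.3(22), 1 packet
<189>49: *Mar  1 12:01:15.000: %SYS-5-CONFIG_I: Configured from console by operator on vty1 (10.0.0.9)
this line is not a syslog message and should be counted, not silently dropped
"""

# <PRI>SEQ: [*]TIMESTAMP: %FACILITY-SEVERITY-MNEMONIC: text
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<seq>\d+): \*?(?P<ts>[A-Z][a-z]{2} +\d+ [\d:.]+): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+): (?P<text>.*)$"
)

def parse_line(line: str) -> Optional[dict]:
    """Split one IOS syslog line into its fields, or return None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    pri = int(rec.pop("pri"))
    rec["syslog_facility"] = pri // 8       # from the transport header
    rec["syslog_severity"] = pri % 8
    rec["severity"] = int(rec["severity"])  # from the IOS message itself
    return rec

def audit_summary(log_text: str) -> dict:
    """Reduce a log to what a reviewer needs: the audit trail of configuration
    changes, ACL denies counted per source address, and anything at severity
    3 (error) or worse. Unparsed lines are counted so gaps are visible."""
    summary = {"config_changes": [], "acl_denies": Counter(),
               "critical": [], "unparsed": 0}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            summary["unparsed"] += 1
            continue
        if rec["mnemonic"] == "CONFIG_I":
            summary["config_changes"].append(f'{rec["ts"]} {rec["text"]}')
        elif rec["mnemonic"] == "IPACCESSLOGP":
            src = re.search(r"denied \w+ (\S+?)\(", rec["text"])
            if src:
                summary["acl_denies"][src.group(1)] += 1
        if rec["severity"] <= 3:
            summary["critical"].append(rec["mnemonic"])
    return summary

if __name__ == "__main__":
    for key, value in audit_summary(SAMPLE_LOG).items():
        print(key, value)
```

Two design points carry over to a real deployment: the severity used for escalation is the one inside the IOS message, because the transport PRI can be rewritten by relays, and unparsable lines are counted rather than ignored so that a change in message format shows up as a rising number instead of a silent loss of coverage.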