How to Design a Strong Network Security System

Posted on March 5th, 2010 Filed under How To, Security

An organization can have two or more than one site or where each site has their own network. If a large organization, it is very possible these sites have a distinct network administration according to a particular purpose.

If these sites are not connected through the Internet, each site may have their own security policies. However, if these sites are connected via the Internet, the security policy should include the purpose of any linked site.

In general, a site is part of an organization that has multiple computers and resources connected to a network. Resources such as:

Workstations and Laptops
Computer as a host or server
Interconnection: gateway, router, bridge, repeater
Software applications and networks (NOS)
Network cables
The information in the files and databases

The site’s security policy should also consider the security of these resources. Because the site is connected to another network, the security policy must consider the needs of all the interconnected networks. It is important to note because of the possibility of site security policy to protect these sites, but harmful to the resources of other networks.

An example of this is to use IP addresses behind a firewall, where the IP address is already used by someone else. In these cases, infiltration can be done on a network behind a firewall to perform IP spoofing. For the record, RFC 1244 discusses site security detail.

Network Security Policy

Provides security policy frameworks to make specific decisions, for example, what mechanisms will be used to protect the network and how to configure services. Security policy is also the basis for developing a secure programming guidelines to be followed for the user or system administrator. Because of security policy includes a very broad discussion, it is currently the only core issues will be discussed only and will not discuss the things that are specific in terms of technology.

A security policy includes the following:

A detailed description of the technical environment of the site, the applicable law, the authority of the policy and the basic philosophy to be used at the time of interpreting the policy.
Risk analysis that identifies the site’s assets, threats faced by these assets and the cost for damage / loss of assets.
Instructions for system administrators to manage system
Definition for the user of things to do
Instructions to compromise on the media and the application of existing laws, and decide whether to track the intruder or will turn off the system and then restore it again.
Factors affecting the success of the security policy include:
Commitment from the network manager
Technology support to implement the security policy
The effectiveness of the policy distribution
Awareness of all network users to network security

The management computer network set the responsibility for network security, provide training for personnel who served in the field of network security and to allocate funds for network security. Which includes the technical choices that can be used to support the computer network security, among others:

Authentication to the system
Audit system for accountability and reconstruction
Encryption of the system for storage and delivery of critical data
Network tools, such as firewall and proxy

Practical Matters Supporting

Below are practical things that need to be done to support the computer network security, among others:

Ensure all accounts have passwords that are difficult to predict. It would be better when using OTP (One Time Password)
Using tools, such as MD5 CHECKSUMS, a cryptographic techniques to ensure the integrity of system software
Using a secure programming techniques when creating software
Always be wary of the use and configuration of computer networks
Routinely checking whether the vendors have fixes for the latest security holes and always keep upgrading the system to always have security
Routinely examine the documents and articles online about the safety hazards and handling techniques.

Documents and articles like this can be found at sites of incident response teams, such as CERT (Computer Emergency Response Team – http://www.cert.org and Computer Security Incident Response Team – http://www.CSIRT.org)

Auditing systems and networks and regularly check the log list. Some sites that experienced a security incident reported that the audit is collected minimal so difficult to detect and track intrusions

Posts Related to How to Design a Strong Network Security System

Domain Server
Domain Server, What is the most important thing about it ? Domain server is a server that manages all security-related aspects between user and domain ...
Twitter Safety Tips
A growing number of crimes committed in cyberspace. After Facebook, just maybe this time the media of Twitter become the new target of cyber crime. ...
Domain Names
What is Domain Names Definition? A domain name is an identification label that defines a realm of administrative autonomy, authority, or control in the Internet, ...
Linksys Wireless Router Setup
How to Configure Linksys WRT54G as Internet Gateway Linksys WRT54G is Broadband Router equipped with wireless b/g. WRT54G is one of the Linksys Router Family. ...
Linksys Cable Router
Linksys Etherfast/DSL Cable Router Overview Linksys was producing lot of routers but the main frame is dividing into 2 general purposes. The first is Linksys ...

Viewed 337 times, 2 Today

Comments (1)

webbrowser problem says:
January 17, 2011 at 4:13 am
Wow! such unique info on the subject!

TECHBAROS