How to Design a Strong Network Security System
An organization can have two or more than one site or where each site has their own network. If a large organization, it is very possible these sites have a distinct network administration according to a particular purpose.
If these sites are not connected through the Internet, each site may have their own security policies. However, if these sites are connected via the Internet, the security policy should include the purpose of any linked site.
In general, a site is part of an organization that has multiple computers and resources connected to a network. Resources such as:
- Workstations and Laptops
- Computer as a host or server
- Interconnection: gateway, router, bridge, repeater
- Software applications and networks (NOS)
- Network cables
- The information in the files and databases
The site’s security policy should also consider the security of these resources. Because the site is connected to another network, the security policy must consider the needs of all the interconnected networks. It is important to note because of the possibility of site security policy to protect these sites, but harmful to the resources of other networks.
An example of this is to use IP addresses behind a firewall, where the IP address is already used by someone else. In these cases, infiltration can be done on a network behind a firewall to perform IP spoofing. For the record, RFC 1244 discusses site security detail.
Network Security Policy
Provides security policy frameworks to make specific decisions, for example, what mechanisms will be used to protect the network and how to configure services. Security policy is also the basis for developing a secure programming guidelines to be followed for the user or system administrator. Because of security policy includes a very broad discussion, it is currently the only core issues will be discussed only and will not discuss the things that are specific in terms of technology.
A security policy includes the following:
- A detailed description of the technical environment of the site, the applicable law, the authority of the policy and the basic philosophy to be used at the time of interpreting the policy.
- Risk analysis that identifies the site’s assets, threats faced by these assets and the cost for damage / loss of assets.
- Instructions for system administrators to manage system
- Definition for the user of things to do
- Instructions to compromise on the media and the application of existing laws, and decide whether to track the intruder or will turn off the system and then restore it again.
- Factors affecting the success of the security policy include:
- Commitment from the network manager
- Technology support to implement the security policy
- The effectiveness of the policy distribution
- Awareness of all network users to network security
The management computer network set the responsibility for network security, provide training for personnel who served in the field of network security and to allocate funds for network security. Which includes the technical choices that can be used to support the computer network security, among others:
- Authentication to the system
- Audit system for accountability and reconstruction
- Encryption of the system for storage and delivery of critical data
- Network tools, such as firewall and proxy
Practical Matters Supporting
Below are practical things that need to be done to support the computer network security, among others:
- Ensure all accounts have passwords that are difficult to predict. It would be better when using OTP (One Time Password)
- Using tools, such as MD5 CHECKSUMS, a cryptographic techniques to ensure the integrity of system software
- Using a secure programming techniques when creating software
- Always be wary of the use and configuration of computer networks
- Routinely checking whether the vendors have fixes for the latest security holes and always keep upgrading the system to always have security
- Routinely examine the documents and articles online about the safety hazards and handling techniques.
Documents and articles like this can be found at sites of incident response teams, such as CERT (Computer Emergency Response Team – http://www.cert.org and Computer Security Incident Response Team – http://www.CSIRT.org)
Auditing systems and networks and regularly check the log list. Some sites that experienced a security incident reported that the audit is collected minimal so difficult to detect and track intrusions