Go to the FreeLists Home Page Home Signup Help Login 		 



[networknewsletters] || [Date Prev] [10-2005 Date Index] [Date Next] || [Thread Prev] [10-2005 Thread Index] [Thread Next]

Ten steps to secure networking

  • From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
  • To: NetworkNewsletters@xxxxxxxxxxxxx
  • Date: Thu, 13 Oct 2005 12:55:51 -0400
**************************************************************
Network Newsletters Mailing List ©1994
Subscribe - Unsubscribe - Email Preferences
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html

Educational CyberPlayGround Community Mailing Lists http://www.edu-cyberpg.com/Community/
Advertise Network Newsletters Guidlines
http://www.edu-cyberpg.com/Community/Subguidelines.html
**************************************************************

------- // Please Visit Our Sponsors! // -------

ActiveServers, Inc ServerFarm, Co-Location, Point to Point Wireless,
Consulting, and Windows dotnet Servers. Premium Hosting Solutions
on multiple OC-48 redundant connections.

Visit http://activeservers.com

--------------  Thanks Sponsors! --------------


By Pamela Warren
Nortel
October 12, 2005
http://www.techworld.com/security/features/index.cfm?FeatureID=1862

Secure networking ensures that the network is available to perform its
appointed task by protecting it from attacks originating inside and
outside the organisation.

Traditional thinking equates this to a handful of specific
requirements, including user authentication, user device protection
and point solutions. However, the move to convergence, together with
greater workforce mobility, exposes networks to new vulnerabilities,
as any connected user can potentially attack the network.

Application traffic must be securely delivered across the network,
avoiding threats such as theft of intellectual property or private
data. In addition, the underlying infrastructure must be protected
against service disruption (in which the network is not available for
its intended use) and service theft (in which an unauthorised user
accesses network bandwidth, or an authorised user accesses
unauthorised services).

While most organisations focus on securing the application traffic,
few put sufficient infrastructure focus beyond point solutions such as
firewalls. To protect the total network, security must be incorporated
in all layers and the complete networking lifecycle.


Secure networking layers

Secure networking involves securing the application traffic as it
traverses the network. It should encompass these areas:

Perimeter security protects the network applications from outside
attack, through technologies such as firewall and intrusion detection.

Communications security provides data confidentiality, integrity and
non-repudiation, typically through the use of Secure Sockets Layer or
IPsec virtual private networks (VPN).

Secure networking extends this by protecting the underlying
infrastructure from attack.

Platform security ensures that each device is available to perform its
intended function and doesn't become the network's single point of
failure. The network security plan should include antivirus checking
and host-based intrusion detection, along with endpoint compliance, to
ensure that security policies check user devices for required security
software.

Access security ensures that each user has access to only those
network elements and applications required to perform his job.

Physical security protects the network from physical harm or
modification, and underlies all security practices. The most obvious
forms of physical security include locked doors and alarm systems.


Secure networking lifecycle

Providing a secure network is not a one-time event, but rather a
lifecycle that must be continually reviewed, updated and communicated.
There are three distinct stages to be considered:<snip>

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Copyright statements to be included when reproducing
annotations from Network Newsletters

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
EDUCATIONAL CYBERPLAYGROUND http://www.edu-cyberpg.com
Network Newsletters copyright
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html 

FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/

HOT LIST REGISTRY OF K12 SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>




[ Home | Signup | Help | Login | Archives | Lists ]

All trademarks and copyrights within the FreeLists archives are owned by their respective owners.
Everything else ©2007 Avenir Technologies, LLC.