Tuesday, May 26, 2020
Networking - Free Essay Example
Sample details Pages: 29 Words: 8736 Downloads: 3 Date added: 2017/06/26 Category Statistics Essay Did you like this example? Introduction About Philadelphia Inc. Philadelphia Inc. is a large multinational company which is emphasis mainly in producing of computer software and manufacturing of computer and its accessories. It has branches all over the world, nearly about 12 countries. The headquarter is in Philadelphia town in USA which has 13 large departments. These are Front-desk Department, Donââ¬â¢t waste time! Our writers will create an original "Networking" essay for you Create order Human Resources Development Department, Accounting Department, Information Technology and Sever Controlling Department, Software Development Department, Hardware Manufacturing Department, Sale and Services Department, Warehouse Controlling Department, International Branches Relationship Department, Marketing Department, Retail Services Department Administration Department, and Administration Department, and The Philadelphia Inc. is one of the fully computerized companies and therefore networking between the branches and headquarter is needed to have a best security as the information of the company is fully stored in Database server in IT and Server Controlling Department. Unfortunately, as the saying, Nothing is perfect, the best security system of Philadelphia Inc. was broken by some kinds of viruses, worms, Trojans and other malicious ones. As the information stored in database server is essential for the Incorporated, thus, the executive director wanted to renew the networking design to enhance the networking security all over the Inc. Type of Network used in Philadelphia Inc. In Philadelphia Inc, all computers in all departments are linked to communicate, share information and others. It also has internet access, via wireless network, which need special take care not to hack the information in Inc. Although the technicians information technology and sever controlling department always check the servers performance, virus, and any other necessary things and also specially check the security of network, unfortunately, some kinds of virus starts break the network down. Among the 13 departments of Philadelphia Inc, the worst two departments that are interrupted by virus is Administration Department and Finance Department, which are very essential departments of Inc. Task 1 Topics Concerning with Network Security 1.1 Access Control There are various definitions of Access Control. From the context of networking, it means that it is a process that router insulate the access by identify the source and destination address by a set of rule to prevent from access the network by attackers. If the source and destination meets the criteria of rule set of router, it will allow accessing, if not so, it does not. This process takes place before forwarding an incoming packet. Form the point of user, access control is the processing of determining the access of network resources by identifying the user accounts type and its group in which user is situated. 1.2 User Authentication The word authentication is adapted from Greek word ae?t which means that real or genius from authentic: from author so this word means that real from author. Therefore authentication is the process of identifying the user by some kind of mark such as retinal scan, finger print and more simply username and password to get the access of network resources for the purpose of security. The authentication process makes the administrator control to whom can access the network resources. 1.4 Firewall Firewall is either physical or software devices that can investigate the packet going in and out and it can prevent some malicious attack by identifying packet by a set of rules. Firewall technology is introduced to construct more secure network. 1.5 Virus Protection Virus is the malicious program that can hide in computer as other program or document to disrupt the computer or network functions by deleting the essential files or they fragmenting the files especially system file. Virus protection is the process of preventing computer or network from attackers, who can create virus, by some kind of hardware or software or by make rule set for user. 1.6 Accessing the Internet Internet is very popular in recent year and nearly every people want to access the internet. The accessing to the internet is the process of connecting the internet by some kind on link system such as dial-up or others to get the internet to computer. There are several ways of access the internet. Some kinds of way to access internet are dial-up, asymmetric digital subscriber line (ADSL) and so on. Task 2 Solving Email Problem E-mail which is an electronic mail that can send and receive in a second have so many problems why user cannot log into the email account. As she, who cannot login into her account and staff of the company, used the outlook express mail which is the company official mail and thus she did not open the internet explorer to access the internet though she cannot log in the account. When she prints, she cannot print the printer which is in network. Thus I determined that it may be network problem. Therefore, I think it is connected the network improperly in physically or logically. No sooner did I reach her office than I check whether the network cable is connected correctly or not. But it is plugged in correctly. It makes me confused. Therefore I asked her a few questions concerning about her experience when she start opening the computer until she cannot print the printer in the network. When I asked her if something warning message occurred when you start using the outlook program and she answered No, I think so as I did not remember. Her answers were blur and made my head aches. Then I asked her if another person used this computer as an administrator account and then she answered It wont never happened as I use this computer with strong careful and I dont allow another person to use this computer. For a moment, I thought and thought and at that time she said with a strange and something-thinking face I think I got the warning Message. AnnI got it! It wrote something concerning about IP. Yes IP. No sooner did i hear it, I check the IP address that is in TCP/IP protocol. By viewing the event viewer and check in the Network place. No sooner I check the TCP/IP protocol; I learned that there was IP conflict problem, the same IP used in two computers of the same network. Therefore, after I had changed the IP address correctly, she could log in successfully into the email. The warning message appears no sooner the computer detected the IP conflict problem. Please refe r to the following picture. I hope the problem of the printers is also a fault of IP address and thus I checked it by printing. To my horror, computer could not print. It made me headache. I checked the internet setting and network setting to ensure the IP address was right and if there was any problem in the computer. But nothing was found. I thought and thought and then I got the idea. I asked her if someone used this computer. Answer me correctly and honestly. She answered me her boyfriend from the Sale and Marketing department used the computer. After he used this computer, this problem occurred. I told her not to do this kind of action again. I selected the Control Panel and then to the tag of Administrative Tools double clicked on it And then in the Administrative tool there are ten items that can do changes to the computer. Among these, selected the Services icon then the services windows would appear as below. Among several services, right click the print spooler. title where print spooler is written on the right side of the screen. Now printer can print successfully. From above event, I really want to warn the all staff not to be usable to the other staff or people from accessing the information or other essential things. Task 3 Security Review Report Nowadays, internet, a wide area network that connects a set of different network, is more and more utmost large. The following table shows the internet usage and population statics in the various parts of the world from the 2000 to 2008. It shows that it is obviously increasing in 2008 compared with 2000. Thus as the internet usage increases, security is getting an essential part of network of all types, including from enterprise to home network. The more and more technology is developing, the more and more the threats are born. So how to prevent various threats that is stealing the information from your network? According to the report of CERT? Coordination Center which is a center of Internet security expertise, the security incident are increasing each year and each year. Therefore, for protecting the ever-increasing number and complexity of threats, the enterprises need vigilant approaches that can defect them. They use the network password easier than security. When the password is long and difficult to penetrate, they wrote down on the stick paper and stick beside of computer. They are not careful about any security things that are essential to Network. Although reveling the security-protective things are made difficult to security penetrators, when people dont care about it, security is the place where penetrators enjoy to approach. Therefore, you should need to know how many kinds of threat are there and what are their effects? After that, you should rule a set of assessment that users should have, in short policy. Mark Carter from COO, CoreFacts, LLC, Data Recovery and Analysis Firm said that I have found that inadequate network security is usually caused by a failure to implement security policies and make use of security tools that are readily available. Its vital that companies complete professional risk assessments and develop comprehensive security plans and infrastructures that a re publicly supported by upper management. Not only companies should have network security, legislations should also be made to prevent and control the flow of electronic information. Therefore, to secure the network, especially when connecting to internet from enterprise network, security policies and disciplines and other security-enhanced things are really needed to make. Threats The word threats is very familiar to users of network as they face and hear everyday talking about threats. Thus, what is threat? Threat is something which wants to see others information concerning about financial, bank account and the one that want to destroy the computer or network and makes users confused. In computer aspect, there are so many threats which are human-based, automated, and the last one, natural phenomena. The latter is strange as we know threats are created by human or automated. The natural-phenomenal threat is like power outage to burglar alarm. The table below shows different kinds of security threats that commonly found in network aspect. To prevent the Network User Attack which many be internal employee, enterprises need to have access control and user authentication and essentially policies of using network. That kind of attack cannot protect by firewall but it can be protected by policies. Therefore, policies are needed to develop in either large or small e nterprises. Policy No famous companies satisfy with their written policy. Policy is a set of written statements that can set appropriate expectations of Internet assets of clients and servers. This document makes the companys network easy to draft, maintain, and enforce. Security policies are noses of companies. They can make the users to be more careful and to know what assets they have and they do not have. Every Small and Middle Enterprise (SME) needs a good set of policies that is effective. For Philadelphia Inc, although it has a set of policies and penalties occur when staff broke the rules, as a saying Nothing is perfect, the older set of policies is ineffective and thus this makes trouble to company and other vulnerabilities to allow get into the company network. Therefore, company needs a more set of policy that is perfect and effective in Task 4 of this assignment. To have a secure policy, firstly Access Control which can make the clients who have access to install or remove the software, in short users assets is needed to be clearly defined. Risk Management For risk management, there are various definition concerning about it. Among them, by comparing three definitions, it can be known that risk management is really difficult to meaning and solve. The three definitions are In the dictionary, risk as the possibly of suffering harm or loss Carnegie Mellon Universitys Software Engineering Institute (SEI) definescontinuous risk managementas processes, methods, and tools for managing risks in a project. It provides a disciplined environment for proactive decision-making to 1) assess continuously what could go wrong (risks); 2) determine which risks are important to deal with; and 3) implement strategies to deal with those risks (SEI,Continuous Risk Management Guidebook [Pittsburgh, PA: Carnegie Mellon University, 1996], 22). The Information Systems Audit and Control Association (ISACA) says, In modern business terms, risk management is the process of identifying vulnerabilities and threats to an organizations resources and assets and deciding what countermeasures, if any, to take to reduce the level of risk to an acceptable level based on the value of the asset to the organization (ISACA, Certified Information Systems Auditor (CISA) Review Manual, 2002[Rolling Meadows, IL: ISACA, 2002], 344). In real aspect, risk management includes in business and major subset, technology. In business risk, there most common risks are Treasury management Revenue management Contact management Fraud Environmental risk management Regulatory risk management Business continuity management and Technology. Technology risk management is one of the most common risks in the business risk management itself. In business, the most common risks are as below. Security and privacy Information technology operations Business systems control and effectiveness Business continuity management Information systems testing Reliability and performance management Information technology asset management Project risk management Change management Thus, the risk management is difficult to solve. Therefore, in businesss risk, the decision made is really important. When solving the risk, many important decisions are needed to be made so that the risk will be successfully conducted. In solving the risk management, there are various models describing how to solve the risk. Among these, the selection two models are described briefly. The first one is General risk management and the last one is risk management in software management. They have the same methods to solve the risk. They solve through the same phases like Identify Analysis Plan Track Control In general risk management, there is slightly different. In general, the phases are Asset identification (identify) Threats assessments Impact definition and Quantification Control Design and evolution Control Design and evolution The risk management is repeated as the residual risk management is the step where the risk has been neutralize but need to manage so the threat cannot be the risk again to the organization. If is again to become the risk, it is needed to solve through the above steps. The risks are essential to the organization and thus risk management is more important than other things. The above description is only a brief of the risk management only. Advantages and disadvantages of Network Security As the above description, nowadays, security is an essential to everything. For the enterprise, the network security is really important not to steal the information by others, not to get the virus and other malicious programs and to prevent other important things. There is no doubt that for the enterprises having network even extended to internet really needs to have security. But having network security has advantages and disadvantages. In real world, network having security can promise that all important data cannot be stolen by other hackers. Having firewall, one of the important security things, can prevent from entering the malicious things into the network. The virus, which may be man-based or not, can destroy the entire network and the only way to prevent this destroyable thing, is preventing the entire network by non-hold security, the most secure thing. Security can make network not to penetrate by threats thus the data and information are secure. The email and other communication can do without any limited as security can filter the virus from the other from entering the network. Therefore, security can give the network more trusted. As security does not have any intelligent, thus it can filter things that are not malicious code. As security will do as human command, human can accept to enter the malicious code into the network by closing the security. Firewall can prevent the email that is really not a virus, but firewall thinks it wrongly. If email is not important, it makes nothing to the enterprise. But if it does not like that, it makes the whole enterprise shocked. Sometimes security does not work well and thus it prevents or allows all information from the outsides of the network. In summary, as security is man-made, thus, even the most secure network can be destroyed by virus or other malicious code. Security is very good when it works properly. When something starts wrong, security can make the problem to the network. Thus, to have secure network, security should be controlled and is needed to check whether it is working correctly or not and dont allow other users to allow the things that are prevented by security. When security is used correctly and controlled, it will give advantages to the network. If not so, it wont. 3.1 Access Control Access control makes the process of determining and controlling the legitimate users activities, which can do or not. Access control makes restrict users who can install the software in computer but who cannot, who can change the IP address in computer but who cannot. Therefore, access control means that it restricting the users activities on computers. There have built-in access control accounts in Operation System, especially in Microsoft products such as Windows XP, 2000, vista and 7. They have various user accounts and its assets. The table below shows the account type and its asset. For a typical user account, the table is constructed according to the Windows Server 2003s user accounts. Group Rights Administrators Has complete control over the computer and domain Account Operators Can administer user and group accounts for the local domain Backup Operators Can back up and restore files that users normally cannot assess Guests Is permitted guest assess to domain resources Print Operators Can add, delete, and ,manage domain printers Server Operators Can administer domain server Users Has default access rights that ordinary users accounts have Source: Guide to Networking Essential 5th edition by Greg Tomsho, Ed Tittel and David Johnson. Table 3.3 User Accounts and Their Rights In normally or ordinary clients windows operating system, there are typically have Administrator, Standard and Guest accounts. By defining the users of network the account types according to the level, it can prevent changing the default setting of network or operation system. It is the simplest and easiest way of Access Control. The one important thing of setting the users account is placing the password that is not familiar and long and difficult for the other person but easier to remember myself. There are several rule of setting the password. Some of these are 1. Passwords should not be the parents name and spouse or husband or wifes name and childrens name. 2. Password should be mixed with numbers and alphabets. For example, adm1sn1s!ra!or or no24557raytheo 3. Although password should be difficult for the other users, it should not be difficult myself, that is, password should be easier and familiar with myself The above access control is simplest and easiest as I said above. The more effective and secure access control is containing the various restricting way of assets of users. The first way of secure access control is access control matrix, which is constructed by rows and columns and also describing the capability of the user. The second way is building the access control list that has one column at one time having the right of performance types and what kind of actions can be performed. It is short and simple. But it has many disadvantages. Account control List (ACL) is most suited where the data is accessed from the clients computers or stored in computers, which is most commonly in universities campus or universitys science labs. It is not suited where the clients or usurers are flooded and changing to the time and when users want to have delegate authority to install the program to use for a period of time. Although the ACL is easily to implemented, it is not effective as it needs security checking at runtime, when the user access the file or program as the operation system can readily knows what programs are accessed by user and users assets but it cannot know users access which file or folder unless operation system needs to check file at every time or to keep track of active assets of users or clients. The last one is that in ACLs, it makes tedious work that files or folders which are accessed by clients are searched. For instance, it is really a tedious job to do which is finding the files and folder of millions on the network and delete password or another of employs account is fired by Chief to ensure not to access network from the outside network. Another access control is Role-Based Access Control, defined mainly based on the roles and responsibilities of clients which access computers, files and folders. As this access control is defined by role and level of users, it can be easily known who has the right to install, who has the right to control IP address of network and who has only to do word processor software. It is easily to differentiate which role can do what kinds of operations in computer. When the role based access control system is used, as the users role should be defined and their privileges should also be set to the minimum or precisely for computer operations. Someone assigned to a job category may be allowed more privileges than needed because is difficult to tailor access based on various attributes or constraints. Therefore, role-based access control is difficult to define the controlling precisely. However, for the organization that defined nearly precise RBAC, users can know how much they can do the opera tion in the computer system and RBAC system provides the users with flexibility and breath of application greatly. In comparison with access control list and other access control system, RBAC is less intuitive and more conventional than other system of access control. Role Bases Access Control system is integral part that used in Secure European System application for Multi-vendor Environment (SESME) distributed system and the database language SQL3. For Philadelphia Inc, access control system will be used is role-based access control system as it can show the assets of users clearly and sharply. According to the role and responsibilities, staff will have different assets and operation in computer network and computer alone. By using the top-down process, the executive have greatest assets than other staff in the companies. For Administrator or ITSC department head, the servers operation can be done without prior notice. And for each department head, this system will give them the different assets mainly based on role and responsibilities. For instances, it can be done by Financial head which is operation of accounting software and any others operation concerning with financial system but for the head of Sale department, the above processes are cannot be done. The process that can be done is the one concerning with role of the clients. Although executives will have the widest asset of computer network, they cannot change the TCP/ IP address nor other operations that are concerning with administrators assets. Therefore, with a precise role-based access control system, it can be defined which level can do what kind of operation on computer and computer network. 3.2 User Authentication Authentication is the process of identifying the users who they are with something they know (password or something else). According to the security need of enterprise, authentication process differs from the one that does not need as much as the former. Authentication process is mainly based on the identify verification and registration process on user. John Seam is the new staff and needs to show her identity such as ID Card, birth certificate and passport for authentication registration process to do. After they are all gotten and the enterprise will investigate the identifications of hers have criminal record or something else. After this process, enterprise accepts her registration and takes the secret thing she know such as fingerprint and other biometric things and password and enterprise provide the username to get the permission to do operation of enterprise. If John Seam provides the false identity and the enterprise accept it, the person acting ad John can positively get p ermission of enterprise. Therefore, in summary, authentication is only as good as the weakest point of chain. According to the security level needs of enterprises, the authentication process can be grouped into 16 groups which are Password Authentication, Single Sign On Authentication, Lightweight Directory Access Protocol (LDAP) Authentication, Access Control Authentication, Network Authentication, Biometric Authentication, Strong Authentication, Transaction Authentication, Federated Authentication, PKI Authentication, Security Token Authentication, Smart Card Authentication, Authentication Management, Wireless Authentication, Document Authentication and Outsourcing Authentication. Password Authentication Password authentication is the common method of authentication process in various enterprises and it is the weakest and critical process too. In password authentication, user needs username and password to log in into computer. Password length, type of character and password duration and password management is now critical to enterprises. Password, how long they are, can easily be cracked by hacker and thus password is really weakest authentication process of enterprises. Single Sign On Authentication Single Sign On (SSO), Reduced Sign On (RSO) and Enterprise Single Sign On (ESSO) make the user not have to remember so many passwords and id. SSO is the architecture for stronger risk of information and other things. Enterprises uses SSO in information that needs to have stronger security. When user or black user login into the computer by id and password for lower risk of security, if other high risk information or application is accessed, the SSO software needs more password or biometric or other security enhanced thing to user who accessed it. Thus SSOA is more secure than password authentication. Lightweight Directory Access Protocol Authentication Nowadays, most enterprises use Lightweight Directory Access Protocol (LDAP) to handle the central authentication. LDAP directories, such as Active Directory, Sun One Directory, Novel e-Directory and other vendors, provide a low cost way of doing fast identity look-ups and authentication as compared to traditional databases. However, today, enterprises use virtual LDAP that contain one or more database or directory that is integrated to authentication. The LDAP is the critical identity authentication that can lead to access control authentication. Access Control Authentication Access control is the process of accepting the identity to get the permission to access the information physically or electronically. With LADP directory, single sign on and access control, most enterprises build the smart card for staff which can use to keep the working time and their access to the LADP directory management. As the access control has its own database directory, it can reduce the database directory for storing information Network Authentication Network authentication is the process of accepting the user ability to authenticate the network as well as their authorization. Biometric Authentication Biometric Authentication is the one which takes part of the body to get access to information and program. This authenticates by scanning the users finger print, retina scan and other things. Strong Authentication Strong authentication means having higher trust of an authentication. This includes digital certificate, security token and biometric method. Some enterprises use combination of these methods including the password for the information that needs higher security and critical to enterprises. Transaction Authentication Transaction authentication is the process of using other authentication determinants to verify an identity. It is often used between customer and financial institution. Federated Authentication Federated Authentication is the permission to get into the enterprise from outside from trusted website which also contains SAML, Liberty Alliance, Web Services Federation and Shibboleth. PKI Authentication Public key infrastructure (PKI) is another way of authentication process. The user is getting the digital certificate which is given by a Certificate Authority (CA) which is needed to present during the PKI authentication process and contains level of assets. Security Token Authentication This kind of process is used to authenticate who you are. During the login process but for more high risk , signal sign on process, the user needs to enter the number which is token with his user name. Although it is more secure than password and id, it makes the enterprise more costly than login process. Smart Card Authentication Smart card authentication is another form of token process, which is login by digital certificate, containing the information about the user and its level of asset. Nowadays, smart cards are used to get permission in physical things such as building, room and facility. Authentication Management Authentication management is overall process of all authentication process. Wireless Authentication As wireless is most common network infrastructure of enterprises, authenticating wireless network becomes more and more secure because wireless can be breached easily. But to form secure wireless network, authentication should be combined multi authentication process. Document Authentication Formerly separate document authentication systems are now becoming intertwined with enterprise identity and authentication mechanisms. Gone are the days of relying upon mostly passwords to authenticate users trying to open document. Outsourcing Authentication Many modern enterprises have outsourced portions of their authentication development, maintenance and troubleshooting. If done well it can save the enterprise money. If done poorly, it can create security holes or, cause enterprise failures. For Philadelphia Inc, the authentication processing is done according to the risk and critical of information and program. For computers that are used by staff are covered by password and id only but when want to access file on server or on network, authentication is done by LADP process. Changing of the software or document on the database server will not be allowed. When want to upload or share folder within enterprises, authentication of biometric process of fingerprint should be used. But sharing data within enterprises can only be done by head of the department. For more secure-need departments such as Financial and Administrator, authentication of security token will be used when accessing the information. For server room and other department room, smart card authentication will be used to enter the room. According to the changes of level of security al all time, the authentication process will also be changed to be more secure and flexibility. 3.3 Firewall Firewall technology is first introduced in 1990 and it improves sustainably and nowadays it is really essential technology for network infrastructure. The early firewall is pocket filter firewall improves to nowadays it can filter all networks layers. Firewall technology is used in companies even in home where use internet from Internet Service Provider (ISP). For firewall that is often used in network can control the network traffic and security posture. Nowadays, the network environment is defined by context of internet connectivity and IP address. But the computer that does not have any network can also use firewall. For instance, the enterprise that does not connect to internet also uses firewall to restrict the information going in and out of the internal network or more simply intranet. If company installs the firewall properly or has proper firewall environment, it will have more secure than others which do not have. To define the different firewall platforms, its different ca pabilities can be compared in term of Open System Interconnect (OSI) layers which has seven layer The OSI Model is the abstraction of network and network devices and show how the computer system communicate within the firewall. Layer 1, labeled Physical, shows the actual physical communication hardware and media such as Ethernet. And layer 2 represents the layer at which network traffic delivery on Local Area Networks (LANs) occurs. Layer 2 is also the first layer that contains addressing that can identify a single specific machine. The addresses are assigned to network interfaces and are referred to as MAC, or Media Access Control addresses. An Ethernet address belonging to an Ethernet card is an example of a Layer 2 MAC address. Layer 3 is the layer that accomplishes delivery of network traffic on Wide Area Networks (WANs). On the Internet, Layer 3 addresses are referred to as Internet Protocol (IP) addresses; the addresses are normally unique but in circumstances involving Network Address Translation (NAT), it is possible that multiple physical systems are represented by a single Layer 3 IP address. Layer 4 identifies specific network applications and communication sessions as opposed to network addresses; a system may have any number of Layer 4 sessions with other systems on the same network. Terminology associated with the TCP/IP protocol suite includes the notion of ports, which can be viewed as end points for sessions: a source port number identifies the communication session on the originating system; a destination port identifies the communication session of the destination system. The upper layers (5, 6, and 7) representing end-user applications a nd systems, are shown here for illustration purposes only. The first and basic firewall is pocket filter firewall which can control the functionality of for communication session and system address. This is done by the rule set which control the functionality of access control. Basically this fire mainly work at the layer 3 (Network) of OSI model. The second firewall is Stateful Inspection Firewall which is modified by the addition of the layer 4 (Transport) of OSI model, in short adding TCP/IP protocols which make the firewall processing difficult. The next one, Application-Proxy Gateway firewall is formed by combination of lower layer and upper layer (layer 7- Application) of OSI model to control the passing of the packet by software-control. As different types of firewalls have different advantages and disadvantages, for fulfill the users needs, nowadays used hybrid firewall technologies to get more secure and advanced protection to support the datagram of the user. For Philadelphia Inc, it was attacked severely by some kinds of network virus and thus the IT head makes ma draw a network diagram to support the companys needs. In Philadelphia Inc, there are 13 departments, above mentioned, and thus more than 1000 computers are in. The each of the departments is in each one floor of 15 storied building, and thus the wireless internet access can be used without being confused. For the security of Inc. the firewalls are used and antivirus program, Norton, will be used and also boundary pocket filter is used. For more understandable, please refer to the networking diagram. From the figure, the internet got from Internet Service Provider (ISP) in fig is filtered by Boundary pocket filter which is also called Boundary Router prevents the Denial of Access, and other attacks. Another reason is it can improve the speed and flexibility and it can filter the traffic of network which is sometimes used by attacker to flood. In summary it can control any attack that takes advantages of weakness of TCP/IP. After filtered, the internet will be again scan by main firewall which can also protected from access of any attackers and also virus. Before distributed to departments, it is again filter by internal firewall which can again filter any threats that are not protected by main firewall. After scanning, it will be distributed departments, clients. For internal DNS Servers, they are linked via optical cable to get access from one department to another so that information can be transferred without delay. For executives, they will get the internet access directly from External DNS Server through internal firewall to reach internal DNS server to arrive the executives office. This is because they will even get the internet access although departments do not get the network access. The most common firewall environment implementation is known as DMZ network or DeMilitarized Zone network, which has two or more firewall that are connected in only network, which is most common in enterprises network. DMZ network can employ the departments to access the information externally or internally, which is common in Virtual Private Network (VPN). But it can also provide the attachment of network to be easier accessing to information from one department to another. However, it should not be placed outside or network that has only one firewall as it can provide clients to access information easier and thus attackers can easily penetrate it. Therefore, this is placed between firewall and router. In all internal and external, antivirus program and other preventing programs will be used and thus they will scan all incoming and outgoing information to be more secure and trust. Although the main DNS server will be placed in IT and Sever Controlling Department, other internal DNS servers will be in each department. For each of departments sever technicians from IT and SC Department will always check for performance and other essential things. The access point will be places in the centre of each floor so that all clients either on right or left will get the internet access For servers, technicians will maintain once a week for all servers in the Inc. to be better performance. And they will also backup all essential information in some kind of median, especially in database server. All information will be back up in database server so that if something happens to clients, information can be gotten from database server. 3.4 Virus Protection Virus which can get into your computer in many forms such as sperm, Trojan and many others is protected by antivirus (anti mean opposite) program. Thus what does antivirus do? Antivirus program scans the computer hard disk to search the virus. But before you search your computer with antivirus program, you should firstly update the your antivirus program definition or signature to ensure to get the threats in the computer which are released by latest model. For Philadelphia Inc, Norton Internet Security will be used. Norton is one of the most famous and trusted program in the world. Moreover, Norton can catch the latest virus in a short time. Thus, to prevent the data in Inc, the most trusted antivirus program, Norton Internet Security, will be used. About Norton Internet Security 2010 The Norton Internet Security can proof its security by various awards that it got during 2008. The Norton Internet Security contains all antivirus things and other essential things that need for internet users. Therefore, although the Norton Antivirus and Norton Internet Security are produced by the same cooperation, Symantec, the Norton Internet Security is more suitable for users who have internet and network access as it contains full protection of internet and network. Features of Norton Internet Security 2009 In Norton Internet Security, the key technologies are really the needs of customers. It can fulfill the customers needs and desire. The key technologies are Antivirus Spyware protection, Two-way firewall, Identity protection, Antphishing Network security Botnet protection Rootkit detection Browser protection Internet worm protection Intrusion prevention OS and application protection Web site authentication Pulse updates Norton Insight SONAR behavioral protection Antispam Parental Controls confidential information blocking In Norton Internet Security 2010, the features that won over the other programs are uncountable. Among these, the first one is Engineered for Speed. The Norton Internet Security scan all hard disk and network in a minute and catch the virus to maximum amount as it uses the Norton TM Technology of Intelligence-driven. The second one is that it is really to download updates in a minute and downloads will do automatically for 5-16 minutes so that the most popular virus and antispam and other vulnerability cannot be accessed. The next one is securing network, spam blocking and parental control so that the Norton Internet Security has no security hole. Another famous feature is SONAR (Symantec Online Network Advanced Response) which can detects threats and proactively found unknown security risk on your computer. It can detect virus and other malicious things in a second. When the threats or others are found the warning message appears in the left corner of the computer screen Therefore, no sooner did you use removeable disk, you do not need to scan manually. Norton will scan automatically and will show the warning message to know user the security risk had been removed. Another feature is that computer system performance can be checked by clicking Flip Screen on the Norton interface so the interface will flip to show the computer performance graph Another feature is Norton Insight Application Ratings. From help file of the Norton Internet Security, Norton wrote about the Application Ratings as below. The Norton Insight Application Ratings feature allows the smart scanning of files on your computer. It improves the performance of Norton Internet Security scans by letting you scan fewer files without compromising the security of your computer. A Norton Internet Security Scan can identify threats on your computer by following ways: The Blacklist technique At regular intervals, Norton Internet Security obtains definition updates from Symantec. These updates contain signatures of known threats. Each time when Norton Internet Security obtains the definition updates, it performs a scan of all of the files that are available on your computer. It compares the signature of the files against the known threat signatures to identify threats on your computer. The Whitelist technique Norton Internet Security obtains specific information about the Files of Interest and submits the information to Symantec during idle time. The information includes such things as file name, file size, and hash key. Symantec analyzes the information of each File of Interest and its unique hash value and provides a trust level to the file. The Symantec server stores the hash value and trust level details of the Files of Interest. The server provides the details immediately after you open the Norton Insight Application Ratings window. Even the slightest modification of the file causes a change in the hash value and the trust level of the file. Typically, most Files of Interest belong to the operating system or known applications, and they never change. These files do not require repeated scanning or monitoring. For example, Excel.exe is a file that never changes but you always scan it during a normal security scan. Source: From Norton Internet Security 2010 Help About Application Ratings Another is Network Security Map. In this map, all computers and their security status are shown in separate computer picture labeled with computer name. It can also show the remote connection In Norton Internet Security, it contains smart firewall and other network essential things to scope the users needs. Since Norton possesses the famous name and have a strong production of network and others that are needed and suitable for either personal users or enterprises-level users. Therefore, to be more secure the Incs network, famous and most trusted Norton Internet Security 2010 must be chosen. The following figure shows networks setting. Note: At the time of writing this assignment, Norton Internet Security 2010 is only beta version. 3.5 Accessing the Internet Internet is the network which is a set of combination of networks that cover all over the world. As there is internet in the world, we can know the news or events that occur in one part of the country can be known from the other part of the network. Thus nowadays, internet is more and more popular. In accessing internet, there are three basic types. They are Mail only: This allow you only to use mail send and receive but by this mail gateway, you can access to FTP, HTTP, Gopher and WWW but only text only and non-interactive. Shell account: This let you to get access into another computer which is also connect to the internet. Direct account: This is the ultimate form of internet which can get the internet access directly from the internet service provider to get access the internet in your computer. Although there are many types of computer access, many computers get access to the internet by directly plugging into the LAN, WAN or leased circuit but such internet needs gateways and access points which can cost. For home user, they access the internet by dial-up type, which is use phone line and modern and call the Internet Service Provider (ISP) to get the internet access via phone line. In Philadelphia Inc, internet connection is spreading through the company via wireless which does not need to plug in or to use wire to get access the internet. When there are so many departments and computers in Inc, cable internet access cannot be suitable and thus wireless internet is used. Task 4 Acceptable Use Policies 1.Executive Summary This policy is mainly emphasis on restricting the staffs behavior to protect the Philadelphia Inc. databases and information. This policy is address to privacy of staff and data integrity of Philadelphia Inc. 2.Scope This policy will apply to all staff, temporaries and all people who access to the Inc Network. It also apply to all computer that is used and administrator by Inc. This policies is to get more secure network and restrict the behavior. 3.Responsibilities The below responsibilities are all concerned with all staff in the Inc. When access to the data and program and network of Inc, it is firstly know that there will not have any expectation of privacy of users as all users-watched webpage or email or even Instant Message will be check for incs copyright product information and other plan which will start in soon future. Users are prohibited the unlawfully installing, using, investigating, storing, uninstalling on incs computers or administered computers. You want to install software you purchased, you should contact administrator providing the license and other evidence that your program is not under law. Users should have responsible if you access the data by easing or modifying which is not user. But this kind of action strongly prohibited if the other person do not have prior notice. If you want to do this kind of action you should first authorization to get access. Users should know that all data in the Inc. is purpose of business and references only. It is permitted for personal use, if it meets the criteria below; Does not create security or legal risk to Inc., Does not interface with work productivities, Does not save data in removable devices for illegal purpose. 4.1 Policy for Access the World Wide Web (WWW) Staff should not visit the webpage that are not concerning with the organization. It is your responsibility if something happens to computer or Incs network. Staff should not use web-based mail from the Incs network as many viruses can get into the organization infrastructure. It is strongly prohibited to use personal email (more detail in Email Policy). When you want to download some documents or software, firstly you should check your downloaded website is secure or not. If firewall does not allow downloading your file as it can contain some kind of threat by scanning the downloaded file, dont attempt to off the firewall and start your download. You do not have any permission to do such a dangerous action. You have limit time access to internet in the work time but you can reach the internet during break time or in over working time. You cannot visit or download any kind of pornographic website or other immortal, ethnical and illegal and also including the sport website under any circumstances. Doing such action can lead the disciplinary actions or up to termination of employment. All staff activities on internet will be logged to check individual in future to know what kind of websites visited and it will check any privacy matter such as web-based mail to know whether you do the restricted action or not. No offensive or harassing material must be made via Incs network. And also no personal advertising should be made. This internet access is mainly emphasis on the business purpose and staffs enhancing global communication only and not for personal use or purpose. All data and information that is critical to Inc should not be transferred to the outside or other competitive companies. Anyone found done that kind of action must be fired at once. Disciplinary Actions If someone found breaking or broke the above policy will have strong action according to its action, whether it is critical or not. Actions including termination of employment, dismissal of intern and volunteers and termination of employment relation in the case of contact consult or employment. Additionally, individuals are subject to Philadelphia Incs Information Resource access privilege, civil and criminal prosecution. 4.2 Electronic Mail Usage Policy Scope The following policies are established to appropriate use of electronic mail that is occupied by Inc. Policies The purpose of email establishment in Inc. id for using in business purpose only and email cannot be used personally. Incs confidential information and files and other related things must not be shared outside of the Incs area. Being done that kind of action will result in the termination of employment. You should keep in mind when you want to forward email not concerning with business to your family, friends or relatives; you firstly need to consider that you are wasting the businesss invaluable time. You should not use Incs email account to forward or read pornographic or any sexual letter which can be addressed according to sexual harassment policies of the city and state. All personal email, non-business email, must not be forwarded or sent using business email account will get the disciplinary action up to termination of job. This companys email is not own of staff and staff cannot have expectation of ownership of email. The Inc has right to modify, delete, clear and block the email that sent via Incs email account. Therefore all staff from the executive to the lowest level of Inc should be communicated in ethical and acceptable manners. Subscription to any non-business relation things should not be done in company emails account as this purpose if for company use only. But it will be allowed if subscript to business concerning things such as book or newspapers or something else. E-mail chain letters are not to be originated, forwarded or otherwise distributed using any City resource under any circumstances. An e-mail chain letter is defined as any message sent to one or more recipients that directs the recipient to forward it to one or more other recipients and contains some promise of reward for forwarding it or threat of consequences for not doing so. You should know that all of your information that sent or received in Incs account can be check as the Inc has the right to do such things by specific IT staff. Therefore, you should keep all of your private data in your own computer only not in the organizations computer. Disciplinary Actions If someone found breaking or broke the above policy will have strong action according to its action, whether it is critical or not. Actions including termination of employment, dismissal of intern and volunteers and termination of employment relation in the case of contact consult or employment. Additionally, individuals are subject to Philadelphia Incs Information Resource access privilege, civil and criminal prosecution. 4.3 IM and Chat Policy Scope To use the Instant Messaging (IM) as an effective communication of staff of the organization, the follow policies are established to be followed strictly Policies The organization Instant Messaging is for purpose of communication between staff and customers, in short for business purpose only and not for personal use. This is also applied to chat room. When you communicate with customers or within each staff, you should not use any harassed words that can reduce the other persons standard. In chat room, you should not write any things concerning with sexual activities or other rude sentences. You should not write or say any confidential information of the organization as in the IM and chat room, all written information can be copied. This kind of action is strongly prohibited. When you chart with other people, you should consider the other people time and thus dont talk too long, it means that you are chatting during work time. You should not also talk political and other things, tasteless jokes, etc, in the IM as you are wasting the other persons invaluable time. Disciplinary Actions If someone found breaking or broke the above policy will have strong action according to its action, whether it is critical or not. Actions including termination of employment, dismissal of intern and volunteers and termination of employment relation in the case of contact consult or employment. Additionally, individuals are subject to Philadelphia Incs Information Resource access privilege, civil and criminal prosecution.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment