A GUIDE TO
Keep the doors locked
Connecting a network to the Internet opens the doors
to the interconnected world. Networks have to be protected from
hackers, malicious attack and other unauthorised access. Firewalls,
perimeter security and intrusion detection systems are essential
to any enterprise security system to prevent unauthorised access.
Know who users are
Allowing access through the firewall to known
personnel is required if business communication is to use the
Internet effectively. The management of these connections forms
a major part of the enterprise security policy. The key security
issue is authenticationknowing who users really are.
Don't say anything
Using the public Internet for business communications,
browsing, e-mailing, establishing Intranets or extranets all expose
data to threat. Only by encrypting connections can data be guaranteed
to be kept secret.
Encryption has developed to stay ahead of the
technologies used to crack codes. The strongest levels of encryption
now render the task of cracking it almost impossibleand
certainly never at real time data transmission speeds.
Controlling content in and out
Not all data transmitted and received will be
appropriate to a businessindeed, some may be dangerous
or illegal. It's essential that any security policy builds in
the ability to protect the corporate network from both malicious
virus attack and deny access to inappropriate material like pornography.
Virus protection software and content screening
systems have developed to high levels of sophistication and offer
peace of mind for the secure enterprise.
A corporate level Internet connection generates
a lot of extra traffic. Though costs are falling, demands on available
bandwidth still need managing. Software solutions are available
to manage traffic flows, and to assign priority at various levels
to data and applications.
Users and their machines also need to be managed.
Internet connections are based on IP addressing, and pose many
management problemsespecially with mobile and remote users.
Extending the network
Virtual Private Networks (VPNs) exploit the
potential of an Internet connection to the highest level for business.
A well-designed VPN will significantly cut communication costs
and improve business potential. However, the OPSEC Alliance is
becoming the accepted interoperability standard throughout the
industry. Its members include all the major vendors and its scope
covers all aspects of network security. With more than 200 members
producing OPSEC-compliant products that are guaranteed to work
together the choice of additional or upgrade components is being
made easier and safer.