Network Security Considerations.

Network security needs to be defined preferably using a Security Policy. The security policy document is a comprehensive document covering areas of security preparation, prevention, and response. Security

policy preparations:

Security policy preparation include creating of usage policy statements, risk analysis, and security team formation. The risk analysis should identify the risks to your network resources including physical devices, and data. The classification of risks is done ( e.g. low risk components, high risk components etc.) and appropriate security measures taken. Next step in security policy preparation is establishing the access levels such as super admin, admin, backup operator, user etc. By assigning appropriate resource access levels restricts access to critical resources only to authorized personnel. Firewalls, proxy servers, gateways, and email servers need to be given highest levels of security.

Security policy implementation:

The security policy team is responsible for implementation of security provisions. The security provisions typically include the following:

  • Firewalls, proxy servers, or gateway configuration

  • Access Control Lists (ACLs) formation and implementation

  • SNMP configuration and monitoring

  • Security hot fixes to software of various devices, operating systems, and applications.

  • Backup and restore procedures

Security Response:

Should any security breach occurs, a response should be implemented by the security team. A security response consists of identifying the security violation, implementation of remedial action, review, and documentation. Typical steps include the following:

  • Isolate the violation and prevent further spread

  • Take evidence of the violation before initiating a corrective action. Otherwise, the evidence may be lost, and you would not be able to identify the origin of the violation.

  • Contact local police or government agencies and report if necessary

  • Test the system for remedial action, and document.

Restoration:

Once the security violation is investigated and documented, restore the system according to the accepted restoration procedure.

Firewall security