subject: Essential Part Of Layered Security Strategy: Internal Defense
HC Network Security

A layered security strategy is a good idea; on that point there is no disagreement. What needs discussion is which kind of layered security strategy achieves truly effective security. In practice the answer depends on the actual network environment, because the requirements of different types of environment differ greatly.
A frequent mistake when trying to make a layered security strategy effective is to focus on border security. The claim by avant-garde security experts that security in theory has no boundaries is more and more popular, but the reality is that border security exists; it is simply not the most important part. A layered security strategy has to address the security of the system as a whole, not just the border.
In the present era, a firewall can no longer effectively protect data in transit across the network. Networks are always on and systems are combined into an organic whole, so finding the boundary has become less and less realistic. In this situation, choosing every security measure only at the level of the whole system is the wrong approach. Each department and each business use of the network needs its own protection measures, and may even need further overlapping protection.
Ensuring that the border is never maliciously penetrated is an impossible task. People wandering nearby with a notebook computer's wireless device can find networks they are able to access. There are other types of wireless network security attackers, and Van Eck-style attacks that gain illegal access to network resources for fun or for malicious purposes (at least in theory, this is possible). Staff may also be careless when making network connections or neglect security requirements. All of these behaviors bypass traditional border security and threaten the network. For this reason, a layered security strategy should be concerned not only with how to prevent threats, but also with providing an effective way of handling breaches, so that when information is disclosed for whatever reason, confidential data and equipment stay as secure as possible.
In this regard, the most common mistake is to spend a great deal of time and energy on encryption and authentication measures that secure data transfers outside the border, while assuming that data transfers inside the network must be secure. In fact, even on a network that is nominally claimed to be completely reliable, we should use the existing IT equipment to protect it. In other words, even a network that ought to be trusted should be treated as untrusted: it is not safe, only a little more secure than the Internet itself. The measures we should take include, but are not limited to, the following areas:
When a local system connects to the network, the login process should be protected; after all, when you access the Internet over a public wireless network in a cafe, no border security measures exist at all. Every system must run a firewall, turn off unnecessary services, and run the necessary services with the minimum privileges they need, to minimize the possibility of vulnerabilities. Do this even if you believe no one can break into the local network.
Users must authenticate securely when they use equipment inside the network. If a hacker takes control of a system inside the network, it is usually a desktop system with a Web browser, e-mail and instant messaging tools that communicate with external networks, and he or she may be able to use it to attack other systems on the network. If access to the mail server requires secure authentication, it becomes much harder to turn it into a platform for spreading viruses; if the file server requires secure authentication, the possibility of data theft declines; if the firewall requires secure authentication, the opportunity to reopen access through it to the Internet is greatly reduced. As part of the required authentication, only systems that have passed it should be allowed to make remote connections.
Provide security and disaster recovery capabilities for the network equipment. Servers such as integrity-audit and backup servers should not be exposed to attack from external or internal threats. Log servers should only record information, not broadcast it; backup servers should not allow other systems to copy data from them or perform delete operations; and integrity-audit servers should not be under the control of the systems whose data they audit.
Information exchanged inside the network should always be encrypted. If you use the web interface of a router or firewall, choose an HTTPS encrypted connection. If you work in a shell on Unix systems, use OpenSSH rather than rsh (remote shell) or other unencrypted tools. Network file sharing should use SSHFS (the Secure Shell file system), which relies on strong, peer-reviewed encryption algorithms, instead of NFS (Network File System) or SMB/CIFS (Server Message Block / Common Internet File System) shares, which are unencrypted, only partially encrypted, or very weakly encrypted.
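The measures above (turn off unnecessary services, OpenSSH instead of rsh, SSHFS instead of NFS or SMB/CIFS, HTTPS for management interfaces) can be checked on a host from its list of listening sockets. The following is an added example, not part of the original article; the function names, the mapping of services to their well-known TCP ports, and the constructed sample lines are assumptions.

```shell
#!/bin/sh
# Added example: flag cleartext listeners in `ss -tlnH`-style output.

# Map a well-known TCP port to the cleartext service named in the article
# and the encrypted replacement it recommends. Prints nothing otherwise.
advice_for_port() {
    case "$1" in
        80)      echo "HTTP interface: use HTTPS" ;;
        514)     echo "rsh: use OpenSSH" ;;
        2049)    echo "NFS: use SSHFS" ;;
        139|445) echo "SMB/CIFS: use SSHFS" ;;
    esac
}

# Read listener lines on stdin (State Recv-Q Send-Q Local:Port Peer:Port)
# and print one tab-separated finding per cleartext service:
# port, bind address, exposure, advice.
audit_listeners() {
    while read -r _state _recvq _sendq laddr _rest; do
        [ -n "$laddr" ] || continue
        port=${laddr##*:}          # text after the last colon
        addr=${laddr%:*}           # text before it (handles [::] forms)
        advice=$(advice_for_port "$port")
        [ -n "$advice" ] || continue
        case "$addr" in
            127.*|"[::1]") scope="loopback-only" ;;
            *)             scope="network-reachable" ;;
        esac
        printf '%s\t%s\t%s\t%s\n' "$port" "$addr" "$scope" "$advice"
    done
}

# Constructed sample input (not captured from a real host).
sample_listeners() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:514 0.0.0.0:*
LISTEN 0 64 0.0.0.0:2049 0.0.0.0:*
LISTEN 0 50 192.0.2.10:445 0.0.0.0:*
LISTEN 0 511 127.0.0.1:80 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
EOF
}

sample_listeners | audit_listeners
```

On a Linux host with iproute2, `ss -tlnH | audit_listeners` runs the same check against the live listener table.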
Just as a boxer has to wear a mouthguard for protection during a bout, and cannot succeed simply by withstanding heavy blows from the opponent, you should make sure the entire network is comprehensively secured from the inside, using the existing IT equipment to guard against unexpected security threats that penetrate or bypass the border.