Results 1 to 2 of 2

Thread: How to implement Network Security Policy

  1. #1
    Join Date
    Nov 2005
    Posts
    344

    How to implement Network Security Policy

    Network Security Policy is a concept which defines controlling, managing and controlling your network. A network can be group of some computers or server or even bigger than that. It can be inside your office premises or on the web. For every thing it is today considered to keep a watch. Protection is important part which we ignore mostly or just reply on 3rd party devices. Basically we are satisfied with ready to use services that are received with the existing software or hardware. But do we really know how all those stuff work. No not at all. Today computers are not just a part of desktop system of lan, but it is can be a door to data centers. Taking the advantage of vulnerabilities attackers penetrate and cause losses. In such cases you must understand and deploy a strict network policy for your network. Network Policy is a kind of outline of your network access which shows how the architecture of your network works. How the security environment works and how it can protect you and your network. It is a written document which is safeguarded and used over time to time and upgraded.

    You can also adopt any ready to use security policy if you do not want to invest your time and money in creating your own. But for Enterprises they prefer to begin from scratch. Security policy helps you to keep your users protected and also keep the unethical guys away. The first step to begin working this is to understand and learn how to make a security policy, what can be damages if you do not deploy and how much protection is provided under this. To write a security document needs a better skill to understand the network architecture. As the technology keeps on changing and it become more advance, the threats are also increasing. We just cannot stay unaware about this. Because a simple mistake can create big losses. Computer security threats are not uncommon.

    They are too increasing day by day. There are many threats in the from of virus, worms, which are not hidden and they are free on web. They can enter your system in the form of attachment or updates without your knowledge. Recently many systems were infected with malware due to Activex updates. This was later on fixed. This is web based threats. Let’s talk about inner threats. Usage of removable media, infected systems, pirated software, etc is the most common issue. Every enterprise needs to connect to web and expand its business opportunities in a cleaner way. A security framework defines certain rules which are also called as policies. Everyone has to follow the same and many risk are avoided under this. Right now you might be on a network which is accessed worldwide. Are you enough sure that this is too safe to us. There are different kinds of vulnerabilities which cannot be detected easily. There are many malicious tools used by people and unsecured systems are easy target.

    Many of us are thinking that does there is a need for security policy if my system is secured behind a power hardware and a team to manage. In my views yes. A network security policy defines the usage of network in a enterprise and how to respond on attacks. It is a kind of foundation for your IT section which is also an asset. You cannot just rely on the network admin to take care of stuff. Once the polices are defined everyone tends to work under those only. Before establishing a network policy it is recommended that you study the risk involved. To protect against hackers you must know the possibilities of attacks and appropriate solutions to defend them. There are many things which are counted under security policies. Some of them are:
    • Finding the material to be protected. They are hardware, software, data, people, etc.
    • Finding the possible attacks from hackers. This can be done through various programs like virus, Trojan, worm, etc.
    • Finding causes of corrupt data which can occur on the lan over network.
    • Finding the location of infected system and method how to deal with the same.

  2. #2
    Join Date
    Nov 2005
    Posts
    344

    Re: How to implement Network Security Policy

    Measure to be implementing in the Policy

    Now this are some of the measure which I am listing here. This measure consist of all those methods that you can insert in your Security Policies. You can add or remove as per your need. It is important to read and consider them all as all of them are related to more security. The more measure you add the more extensive your policies are the more secure you stay. It is best for enterprises and mid sized business that needs to implement this. There is also no need to buy specialized service for the process. With some research and reading you can be ready to make your Network Security Policy. Remember that the points should cover your entire network. Not just a part. It is important. You cannot just make one part secure and leave others as they are not important. Many intrusions or attack enter your system because of unauthorized users. Or sometime even authorized users.

    Security Measure for Network Security Policy

    User authentication: This is the first level of security to be taken into account when you are working on LAN. This is the local network of your office. Any users who wants to access the local resources and networks must be identified with a username and a password. No one should be allowed to use anonymous logins. Every user should be defined and divided on the base of number of groups. Password must be strong enough which cannot be guessed easily. Password expiry date is necessary so that password keeps on modified and same is not used. This is helpful in case of leaks. Data encryption and network monitoring is another important step to carry out. Set the timeout settings, so that if a system is idle for sometime the connection should be terminated.

    Permissions: To make your security policy more effective, there must be proper access rights divided on the base of different users and their groups. The standard installation of operating systems is not secure in itself. To make it secure it requires doing some manipulation. There are some key points that you must understand to make it secure. Atleast you can try to achieve a minimum level of security. First user’s rights should be bifurcated on the base of permission. It is necessary to encrypt the files and data which are most vulnerable to attacks. Important files like system files, registry, etc should be blocked and no one except the administrator should have the rights. Users must be prohibited for making any changes to system with installation or modifying data. Block the users to use dos commands or registry files. Block the users to execute .exe files. Block the user to make changes to configuration settings from control panel.

    Access Rights
    : Under this you must define rights on the base of user groups. Like the users who will just logon and use system should only be allowed to do that. No extra privileges should be allotted to them. On the same domain controllers or printer controllers should have the prescribed rights on the base of their work. Access permissions (read, write, listing, execution, etc..) Files and programs must be thoroughly investigated and installed. It should in checked that no one must get the right to install programs, system files backup, account creation, opening sessions on the terminal server, unauthorized users.

    Port Configuration : There are many ports in a system which are set open and user never care to block them. This ports on system are used by software and hardware to communicate. Same ports sometime are used by virus, Trojans, or attackers to access the system. The attacker can plant a vulnerability in your system which can create a which can listen port and set the open one for attack.

    Security Software : It is also important to invest on a proper security software which can provide you a complete security over the network. Establishing important audio policies helps you stay more secure and a regular backup allows you to keep your system data safe and easy restoration. Firewall is another important concept to understand. Because you might need some services which must work on the background and for that you will have to tell the Firewall to unblock it.

    The objectives of the network security policy are to establish policies to protect networks and computer systems misuse. Mechanisms of Network Security Policy will assist in identifying and preventing abuse of computer systems and networks. The Network Security Policy provides a mechanism for responding to complaints and questions on real networks and computer systems. The Network Security Policy with mechanisms that protect and meet legal responsibilities to their networks and computer systems connectivity to the global Internet. Mechanisms of Network Security Policies support the objectives of existing policies. Responsibility for security of computing resources rests with the system administrators who manage those resources.

    Computing and Networking Services reports the results of scans that identify security vulnerabilities only to contact departmental system administrator responsible for those systems, the Computer and Networking Services relative vulnerability scans are repeated on multiple the departmental, if identified security vulnerabilities, commitments or schedule of compliance failures judged to be a significant risk to others and have been reported to the relevant system administrators are not addressed in a timely manner, computers and connectivity to the Network Services can take action to inhibit the network access to systems and / or devices until the problems have been rectified.

Similar Threads

  1. Domain security policy error
    By venkia9 in forum Active Directory
    Replies: 5
    Last Post: 16-05-2012, 12:31 PM
  2. What are the components of Security Policy?
    By Kallola in forum Networking & Security
    Replies: 4
    Last Post: 25-12-2010, 09:17 AM
  3. Computer safety by security policy
    By Calusa in forum Networking & Security
    Replies: 5
    Last Post: 30-03-2010, 11:57 AM
  4. How to implement Network Address Translation
    By Sharanya in forum Networking & Security
    Replies: 5
    Last Post: 14-03-2010, 12:00 AM
  5. WinXP SP3 - Local Security Policy
    By Dhananjay in forum Windows Security
    Replies: 3
    Last Post: 28-07-2008, 08:56 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,672,155.44972 seconds with 17 queries