
Wednesday, May 5, 2010

Tips & Tricks: Designing a Strong Network Security System


Authors: IGN Mantra - detikINET
Jakarta - An organization can have two or more sites, each with its own network. In a large organization, it is quite possible that these sites have separate network administration, divided according to specific purposes.

If these sites are not connected via the Internet, each site may have its own security policy. However, if the sites are connected through the Internet, the security policy should cover the goals of all the interconnected sites.

In general, a site is a part of an organization that has multiple computers and resources connected to the network. These resources include:

* Workstations and laptops
* Computers acting as hosts or servers
* Interconnection devices: gateways, routers, bridges, repeaters
* Application and network software (NOS)
* Network cables
* The information in files and databases


The site's security policy should also address the security of these resources. Because the site is connected to other networks, the security policy must consider the needs of all the interconnected networks. This matters because a site's security policy may protect the site itself yet be harmful to the resources of other networks.

An example of this is using IP addresses behind the firewall that are already used by someone else. In this case, the network behind the firewall can be infiltrated by means of IP spoofing. For the record, RFC 1244 discusses site security in detail.

Network Security Policy

Security policies provide a framework for making specific decisions, for example which mechanisms will be used to protect the network and how services are configured. The security policy is also the basis for developing secure programming guidelines for users and system administrators to follow. Because security policy covers a very broad area, only the core issues are discussed here, without going into technology-specific matters.

A security policy includes the following:

1. A detailed description of the technical environment of the site, the applicable law, the authority of the policy and the basic philosophy to use when interpreting the policy.
2. A risk analysis that identifies the site's assets, the threats faced by those assets and the cost of damage to or loss of those assets.
3. Instructions for system administrators on managing the system
4. Definitions for users of the things they should do
5. Instructions for handling a compromise with respect to the media and the application of existing law, and for deciding whether to track the intruder or to shut down the system and then restore it.

Factors that influence the success of the security policy include:

* Commitment from the network manager
* Technology support for implementing security policies
* The effectiveness of the dissemination of these policies
* Awareness of network security among all users of the network


Computer network administrators manage network security responsibilities, provide training for personnel who work in the field of network security, and allocate funds for network security. The technical choices that can be used to support computer network security include:

1. Authentication to the system
2. Audit systems for accountability and reconstruction
3. Encryption in the system for storing and transmitting critical data
4. Network tools, such as firewalls and proxies


Supporting Practical Matters

Below are the practical things that need to be done to support the security of computer networks:

* Ensure all accounts have passwords that are difficult to guess. It is better still to use OTP (One Time Password)
* Use tools such as MD5 checksums, a cryptographic technique, to ensure the integrity of system software
* Use secure programming techniques when creating software
* Always be alert to how computer networks are used and configured
* Check regularly whether the vendor has released fixes for the latest security holes, and keep upgrading the system so that it always has the latest security
* Regularly read documents and articles about online security dangers and the techniques for overcoming them. Documents and articles like this can be found on sites owned by incident response teams, such as CERT (Computer Emergency Response Team - http://www.cert.org) and CSIRT (Computer Security Incident Response Team - http://www.CSIRT.org)
* Audit systems and networks, and regularly check the logs. Some sites that experienced security incidents reported that the audit data collected was minimal, making it difficult to detect and track intruders



*) The author is IGN Mantra, Senior Analyst for Network Security and Internet Traffic Monitoring at ID-SIRTII, as well as a Network Security and Cyber lecturer, and can be contacted by email: mantra@idsirtii.or.id.
