To secure your network from invasion you need to set up a defense. This defense
can be hardware, software, or both. The main player in this defense is called a
firewall. You can get a firewall either in hardware, such as one programmed
into a router, or in software, such as a program. Either or both will monitor
inbound traffic from outside your network and outbound traffic from inside your
network. Your highest security lies in using both the hardware and the
software. I recommend both; the hardware firewall is in non-volatile memory and
cannot be hacked. The software is on your side of the hardware and is less
vulnerable to a hacker. The part of the firewall that does the monitoring is
called a rule. You or your system administrator will create the rules that
allow only certain types of traffic through your firewall.
Example:
Let’s say you have a business with five employees. One day you get a call from
your ISP (Internet Service Provider) saying that someone on your local network
has been doing something that the ISP prohibits. You could fire everyone, or
you could ask the ISP what port the offending service is using to access the
Internet. With the port number you can write or create a rule that will turn
the port off and not allow any traffic inbound or outbound. If you want to know
which employee is putting your business at risk, you can use the same rule to
track the IP address of the offending computer.
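The tracking step described above, as an added example that is not part of the original page: a Python script that reads the log lines written by a firewall rule for the blocked port and counts attempts per workstation. The port 6881, the 192.168.1.0/24 office range, the BLOCKED-PORT log prefix and the Linux netfilter log format are assumptions, and the log lines are constructed.

```python
import ipaddress
import re
from collections import Counter

BLOCKED_PORT = 6881                           # constructed; use the port the ISP names
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed office address range
LOG_PREFIX = "BLOCKED-PORT"                   # assumed prefix set on the logging rule

# Constructed sample lines in Linux netfilter LOG format (not real traffic).
SAMPLE_LOG = """\
Jan 12 09:14:02 gw kernel: BLOCKED-PORT: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.50 PROTO=TCP SPT=51544 DPT=6881 SYN
Jan 12 09:14:05 gw kernel: BLOCKED-PORT: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.50 PROTO=TCP SPT=51544 DPT=6881 SYN
Jan 12 09:15:40 gw sshd[812]: Accepted publickey for admin from 192.168.1.2
Jan 12 09:16:11 gw kernel: BLOCKED-PORT: IN=eth0 OUT=eth1 SRC=203.0.113.50 DST=192.168.1.23 PROTO=TCP SPT=40112 DPT=6881 SYN
Jan 12 09:20:33 gw kernel: BLOCKED-PORT: IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=198.51.100.7 PROTO=UDP SPT=6881 DPT=6881
Jan 12 09:31:09 gw kernel: BLOCKED-PORT: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.50 PROTO=TCP SPT=51550 DPT=6881 SYN
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line):
    """Return the KEY=value fields of one firewall log line, or None if unrelated."""
    if LOG_PREFIX not in line:
        return None
    return dict(FIELD.findall(line.split(LOG_PREFIX, 1)[1]))


def offenders(log_text, port=BLOCKED_PORT, lan=LAN):
    """Count blocked attempts to `port` per workstation inside `lan`."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if not fields or fields.get("DPT") != str(port):
            continue
        try:
            src = ipaddress.ip_address(fields.get("SRC", ""))
        except ValueError:
            continue  # malformed or missing source address
        if src in lan:  # skip inbound hits that come from Internet hosts
            hits[str(src)] += 1
    return hits.most_common()


if __name__ == "__main__":
    for ip, count in offenders(SAMPLE_LOG):
        print(f"{ip}: {count} blocked attempts to port {BLOCKED_PORT}")
```

The address with the highest count is the workstation to look at first; matching it to a person still requires your own record of which address each machine uses.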
Hardware Security -
For hardware security you can start with your workstations and/or servers. Items
that increase your security include, but are not limited to:
Secure Card Logon
Encrypting the hard drives in the computer system
Requiring user id and password to access the system BIOS and hardware.
For your network you can start with your hubs or switches.
Require user id and password to modify parameters.
Use of a router that has the firewall as part of the non-volatile memory
that incorporates NAT (Network Address Translation) rules to increase the
security of your connection to the Internet.
Securing all devices behind locked doors at all times and
controlling access to the devices is a must. Allow only authorized personnel to
access the devices. This will preclude an intruder from accessing the device or
someone without the required knowledge or security clearance from changing the
configuration of your prime defense against intrusion or theft of your data.