A company’s network serves the purpose of delivering information to all employees as fast and as easily as possible. However, the information that is delivered through such an Intranet has to be secured against attack or misuse from outside the organisation as well as from inside the organisation. Since the need of security always conflicts with the need of fast and easy information access, e-Fence has to decide what level of security is appropriate for different types of information.
Of course, total security can never be provided but a company has to consider several threats to its Intranet. These threats include physical threats (e.g. theft or damage of equipment), natural disasters (e.g. damage due to lightning or earthquakes), mechanical breakdowns, viruses and Trojan Horses, and people from outside or within the organisation attacking the network. (Baker, 1995, pp. 7-9). E-Fence has to mitigate these threats with a well-planned security policy.
Table of Contents
1 Introduction
1.1 How much Security does a Company Need?
1.2 Procedure and Analysis Objectives
2 Products and Techniques to Enhance Security on e-Fence’s Intranet
2.1 What Security Services have to be Provided?
2.2 Anti-Virus Software
2.3 User Management
2.4 Monitoring and Auditing
2.5 Hardening the Operating System
2.6 Firewalls and Proxy Servers
2.7 Web Server Restrictions
3 Management and Generation of Performance and Security Reports
3.1 Intrusion Detection Systems
3.2 Logging
3.3 Network Administration and Management Tools
4 Secure Document Management Procedure
4.1 Document Management System
4.2 Cryptography Service
4.3 Authentication Service
5 Guidelines for Cost Effective Security Implementation & Management
5.1 Free Measures to Increase Security
5.2 Expensive Products to Increase Security
6 Conclusion
Objectives and Topics
This report aims to evaluate and define a robust security policy tailored for the e-Fence Corporation Intranet. The primary objective is to identify appropriate technical solutions and administrative procedures that mitigate security risks while maintaining operational efficiency, specifically focusing on protection against unauthorized internal and external access.
- Technical security solutions for network infrastructure (Firewalls, IDS, Proxy).
- Methods for server performance monitoring and security auditing.
- Secure document management strategies and versioning.
- Cost-effective implementation guidelines for security protocols.
- Risk mitigation through system hardening and user access management.
Excerpt from the Book
2.4 Monitoring and Auditing
A good logging system is essential for the protection of e-Fence's network. Especially all activities on servers should be saved in log files. These log files can be used to determine whether an attack has happened and sometimes can even uncover the attacker's identity. However, it is very important to secure log files themselves against attackers to prevent the attacker from deleting them, manipulating them, or stopping the logging mechanism. Therefore, log files should be kept on separate machines, be encrypted, and should be stored in multiple places. Furthermore, the system should produce a warning automatically when the logging function has stopped unexpectedly (Wadlow, 2000, pp. 122/123). Common logging mechanisms are Syslog and Simple Network Management Protocol (SNMP), which are both available on different platforms.
Of course logging alone does not help. Log files must be analysed regularly to determine if attacks have happened and to identify weak spots. Looking at traffic, anomalies in the traffic, and divergences from normal traffic patterns can do this (Wadlow, 2000, pp. 255/256). Furthermore, suspicious events should cause an automatic alarm.
Summary of Chapters
1 Introduction: Provides the motivation for network security and defines the scope and objectives of the report.
2 Products and Techniques to Enhance Security on e-Fence’s Intranet: Details various technical components like antivirus, firewalls, and server hardening essential for network defense.
3 Management and Generation of Performance and Security Reports: Discusses the implementation of IDS, logging mechanisms, and management tools to oversee network integrity.
4 Secure Document Management Procedure: Examines document management systems and cryptographic services to ensure data confidentiality and authenticity.
5 Guidelines for Cost Effective Security Implementation & Management: Offers a strategic breakdown of free vs. premium security measures suitable for a medium-sized enterprise.
6 Conclusion: Summarizes the necessity of continuous improvement and evaluation of security systems.
Keywords
Network Security, Intranet Management, e-Fence, Firewall, Intrusion Detection System, Document Management, Cryptography, Authentication, System Hardening, Virus Protection, Access Control, Security Policy, Performance Reporting, Data Integrity.
Frequently Asked Questions
What is the primary focus of this work?
The work focuses on developing a comprehensive security policy for the e-Fence Corporation's internal network to protect against digital threats.
What are the central themes covered?
The central themes include network infrastructure hardening, intrusion detection, secure document handling, and cost-effective security management.
What is the main objective?
The primary goal is to provide a security roadmap that mitigates risks from internal and external attackers while balancing implementation costs.
Which scientific method is applied?
The report utilizes a technical analysis and evaluation method, comparing various security products and procedural concepts based on academic and industrial standards.
What is covered in the main body?
The main body covers security services, monitoring/auditing, document management systems, and financial guidelines for security deployment.
Which keywords define this document?
Keywords include Network Security, Intranet Management, Firewall, IDS, Cryptography, and Security Policy.
Why are log files crucial for e-Fence's network?
Log files are essential for identifying attack patterns, discovering weak spots, and potentially uncovering the identities of unauthorized intruders.
How does the report suggest managing costs for security?
The report suggests prioritizing free measures like effective user management and server hardening, while investing selectively in essential software like antivirus and firewalls.
- Quote paper
- Andreas Thiel (Author), 2001, Security Policy for e-Fence Corporation's Network, Munich, GRIN Verlag, https://www.grin.com/document/9416
