Intranets & extranets are attractive solutions that are created by the partitioning of networks, without having to incur significant expenditure or changes in the existing architecture.
The risks to computer networks can be from many potential users. There can be dishonest students who listen to network without the knowledge of any user. There can be chances that someone is taking advantage of ad-hoc collaboration for accessing confidential data. But apart from the risk of hacking, how you can prevent the strike from disgruntled employees who are trying to leak internal sensitive data to a foreign subsidiary.
How to protect against risks such diverse?
Installing multiple firewalls can be a solution but this option is ultimately unrealistic, because of the investment it requires for installing several firewalls.
Moreover, the logic of a firewall is often binary: This logic is increasingly faulted, more so with the development of extranets, Yomiko classics which allow intruders to access the "other side" of firewalls.
What alternative is left for network security officials?
Do you want to leave the network for others to access or to purchase and deploy firewalls that are too expensive and provide you incomplete network security? One option is there which takes advantage of the network itself. The networks are in fact constructed from elements with filtering capabilities, typically routers & switches, thus enabling you to implement distributed network security at the network level.
The establishment of such a security is through partitioning of the network. This solution has significant advantages: no disruption of architecture and no systematic addition of machinery. To partition a network, simply cut into sets of sub-networks, domains, and then put filters on routers or switches that interconnect these subnets.
Devices that are used for filtering in the network become Security Policy Enforcement Points. Filtering devices only provide the flow for traffic that is required between different areas through the use of Access Control List.
The application of network partitioning is necessary since this can provide several filtering system. This can provide network security within an intranet between different departments and projects. It can be helpful for management of complex access to internet platforms and also helpful for extranets or star networks.
The partitioning of the network is the building block towards the use of encrypted IPsec tunnels, which are based on a selection of flows, so that it can provide security to individuals.
As an expert author Peter Hogg provides valuable information about network security and how trends are changing in the network security industry.
No comments:
Post a Comment