| ||||||||||||||||||||||||||||||||||||||||||||
|
Internet securityIntroductionThe Internet is a great resource for both the individual and enterprise. Connecting your network to the Internet opens up a whole new world of possibilities. Unfortunately, for curious or even malicious people, your network could mean the same for them. Protecting your network from intrusions and other types of attack has become a challenge and is done on many fronts. Relying on a single solution just isn't enough. Real security means using a combination of technologies. FirewallsI have dedicated a page about firewalls. It is recommended to read that page before continuing here because it explains the difference between various types of firewalls (network firewall, application firewall, desktop firewall,...). Intrusion DetectionUse an IDS on your internet connection. A (low volume networks) IDS is Snort. Be aware that your IDS can be circumvented by using SSL. HoneypotsHoneypots are a new emerging technology. It's a technique where you set up virtual (meaning not real) servers and let them be hacked, so you can learn from it or let them waste their time and keep the real servers untouched. It's not a solution, but adds up to the security.
VPNVPN is a technology that reroutes traffic over an encrypted TCP/IP connection (default on tcp port 500). It can use various encryption algorithms like IPSec. Use a VPN only when you need to make a direct connection (like an ordinary LAN connection) between segments of your network or between remote users and your network, and doing all this over the Internet. There is one huge disadvantage in using VPN: it allows access from all computers in the network to all the connected sites, meaning, that if someone connects an infected laptop into the network, all computers on the other end of the VPN are a direct target. So if you use VPN, you have to limit the traffic allowed over your VPN connection. This is in fact more difficult than setting up a VPN in the first place. Resources
|
|||||||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||||||||
