Managing computer and network security is easier than it mayseem, especially if you establish a process of continual improvement—to keepthe various requirements in perspective and to avoid forgetting about aspectsof security. Security management centers on the concept of a security policy,which is a document containing a set of rules that describes how securityshould be configured for all systems to defend against a complete set of knownthreats. The security policy creates a balance between security andusability. The executive management team of our organization determines whereto draw the line between security concerns and ease of use.
The ManagementSecurity Forum consists of the Chief Information Officer, Engineering Manager,NOC or Data Center Manager, and the Information System Security Officer.Here is some task which they have performed in our organizationfor network security management.• Device configuration managementCentralized interface to quickly and easily deploy one ormore devices provides a similar, intuitive interface across all device typesand versions, along with complete support for all device features. Devicetemplates enable administrators to define and maintain commonly usedconfigurations in one place.
• Policy managementProvides an intuitive, rule-based approach for all devicefamilies being managed, with a complete view of rule behaviors and options andpowerful filtering capabilities. Allows network objects and services to bedragged and dropped directly into the policy rules from within the Policy orObject Manager window.• Centralized object managementShared Object manager allows central administration ofnetwork, service, Network Address Translation (NAT), attack, antivirus/deepinspection objects from one interface that can be used by one or more policies.• Real-time monitoringEnables administrators to actively monitor the status oflarge numbers of firewall/VPN and IDP Series devices, clusters, and VPNtunnels.• Intelligent security updatesAn automatic, scheduled process updates the NSM attackobject database, and new attack object databases can be automatically pushed tosecurity devices.• Topology viewCentralized interface to discover and visualize a layer 2topology on an Ethernet switched network. Discovered topology is automaticallyorganized into sub networks, and network administrators can view the topologyof each sub network as well as view the topology between sub networks.
The zoomin and zoom out capability allows network administrators to easily navigatethrough the various parts of the network. The topology view also lists thevarious end hosts connected to the switch.• User activity managementObject locking allows multiple administrators to safelymodify different policies or devices concurrently. Job Manager providescentralized status for all devices updates, whether in progress or complete.
Audit logs provide a record of configuration changes, supporting centraloversight of business policy compliance.• Log and report managementHigh-performance log storage mechanism allows collection andmonitoring of detailed historical information on key criteria such as networktraffic and security events. Using the complete set of built-in analysis tools,administrators can quickly generate reports for investigative or compliancepurposes.