The need for added security controls
IT infrastructure refers to the physical hardware that connects computers and their users, together with the software that administers the signals between them. The seven domains of a typical IT infrastructure include the user domain, workstation domain, LAN domain, LAN-to-WAN domain, WAN domain, system domain and remote access domain. The exposure of the infrastructure to attack can be lowered by applying security-hardening steps. Removing all unused accounts that were created by users is a first step in hardening. Unwanted services should also be removed, as they present similar problems to the system.
The administrator should also introduce passwords and other policies that control access by different levels of employees, and should organize the privileges that give people different levels of access. The hardware should also be properly managed; for example, any unused network ports should be closed. Any other known vulnerability should also be fixed. Authentication, authorization and accounting are some of the measures that allow a system to control how people log into routers and what level of authority they hold. Authentication can be ensured by typing in IOS privileged EXEC commands (Axelrod et al., 2009).
Accounting measures allow the administrator to monitor activity within the network. A user's activity can be monitored for inconsistencies, the entrance of new devices and the time logs of activities. The accounting measures include monitoring the username, the commands used and the start and stop times. Storing the passwords and usernames in a central location means that fewer devices will need to be updated. These three processes (authentication, authorization and accounting) are provided by an AAA server. Other measures that can increase security include keeping antivirus software up to date and keeping routine backups in secure off-site storage (Whitman & Mattord, 2003).
Firewall best practices
Firewalls are hardware-based or software-based restrictions that help keep networks secure. The primary goal of a firewall is to control traffic by scanning data packets and confirming whether or not they can be authorized. Maintaining security in an IT infrastructure in a way that ensures availability, confidentiality and integrity includes implementing certain firewall best practices. An organization can document all the firewall rules that have been changed recently. Firewalls have a built-in change management mechanism, which many organizations assume will cater for their documentation needs. However, if emergencies or disruptions occur, the process can be skipped, and data might be lost (Raggad, 2010).
The organization can also set up access rules with limited access rights. The problem within most organizations is that they give users too many permissions. Firewall rules are made up of the source, destination and services. In order to ensure that everyone can access the systems they require, a wide range of objects is assigned in a field. This results in insecurity that can be avoided by carefully awarding permissions to each level of users (Peltier et al., 2005).
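The following is an added example, not taken from the cited sources, of how a rule base can be checked for the over-wide objects described above. The rule format, the sample rules and the two thresholds (MIN_PREFIX and MAX_PORTS) are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rule base; each rule has the three fields the text names.
RULES = [
    {"id": 1, "source": "10.20.30.0/24", "destination": "10.1.5.10/32", "service": "tcp/443"},
    {"id": 2, "source": "any", "destination": "10.1.5.0/24", "service": "tcp/22"},
    {"id": 3, "source": "10.0.0.0/8", "destination": "10.1.5.20/32", "service": "tcp/1-65535"},
    {"id": 4, "source": "10.20.30.7/32", "destination": "10.1.5.30/32", "service": "any"},
]
MIN_PREFIX = 16  # assumed policy: networks wider than /16 are over-broad
MAX_PORTS = 10   # assumed policy: more than 10 ports in one rule is over-broad

def broad_address(value):
    """Return a reason if the address object is too wide, else None."""
    if value.lower() == "any":
        return "any address"
    net = ipaddress.ip_network(value, strict=False)
    if net.prefixlen < MIN_PREFIX:
        return f"{net} is wider than /{MIN_PREFIX}"
    return None

def broad_service(value):
    """Return a reason if the service object is too wide, else None."""
    if value.lower() == "any":
        return "any service"
    proto, _, ports = value.partition("/")
    low, _, high = ports.partition("-")
    count = int(high or low) - int(low) + 1
    if count > MAX_PORTS:
        return f"{proto} range covers {count} ports"
    return None

CHECKS = (("source", broad_address), ("destination", broad_address),
          ("service", broad_service))

def audit(rules):
    """Map rule id -> findings for every rule with an over-broad field."""
    findings = {}
    for rule in rules:
        reasons = [f"{field}: {why}" for field, check in CHECKS
                   if (why := check(rule[field]))]
        if reasons:
            findings[rule["id"]] = reasons
    return findings

if __name__ == "__main__":
    for rule_id, reasons in audit(RULES).items():
        print(f"rule {rule_id}: {'; '.join(reasons)}")
```

Rules that the check reports are candidates for narrowing to the specific hosts and ports each level of users actually needs.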
The proxy firewall may be the best choice of firewall, as it possesses two components: a proxy client and a proxy server, both of which are important in that they communicate with each other rather than linking with the real server. These proxies perform authentication and authorization processes on behalf of the real servers. They do, however, have lower performance, as they are more involved in the connection activities. The management of application and SOCKS proxies will dictate the extent of the security in the firewall. Application proxies can be useful for keeping log records and authenticating users. SOCKS proxies are useful in managing networks, and they can best be managed by fine-tuning the crossing of wires that link the system to outside networks. The integration of the proxy servers into a firewall can also create lists for their users.
Axelrod, C. W., Bayuk, J. L., & Schutzer, D. (2009). Enterprise information security and privacy. Boston: Artech House.
Peltier, T. R., Peltier, J., & Blackley, J. A. (2005). Information security fundamentals. Boca Raton, Fla: Auerbach Publications.
Raggad, B. G. (2010). Information security management: Concepts and practice. Boca Raton, FL: CRC Press/Taylor & Francis.
Whitman, M. E., & Mattord, H. J. (2003). Principles of information security. Boston, Mass: Thomson Course Technology.