NetSecurity Policy
-
Upload
prince-adewale -
Category
Documents
-
view
214 -
download
0
Transcript of NetSecurity Policy
-
8/7/2019 NetSecurity Policy
1/4
NETWORK SECURITY POLICY
FINANCIAL SERVICES
Paper within: CCNA SECURITY
Author: Idowu Hakeem Adewale
Tutor: Philip Heimer
Halmstad March, 2011
-
8/7/2019 NetSecurity Policy
2/4
i
Table of Contents
1Introduction ................................................................................. 11.1 Purpose ................................ ................................ ................................ .12Methodology ................................................................................ 13Conclusion ................................................................................... 2
-
8/7/2019 NetSecurity Policy
3/4
1
1 Introduction
This document is aim to supply network security policy for Adex Insurance Company,within the financial services industrial sector. This policy is intended to protect the
company in the big picture over the known and/or unknown threats over the internet.Security threats could be view from different perspective, that is; weather external or in-
ternal.
External threats could assume to be the traffic over the internet that could cause Denial
of Services (DoS)/ Distributed Denial of Services (DDoS) to the internal network of our
organisation. Example of such traffic includes but not limited to virus, worm, Trojanand spam.
Internal threats could assume to be accessing some organisation resources that are not
allow by some users. Layer 2 problem could be an issue here as well, where slow ofnetwork or network failing due miss-configure of spanning-tree, trunk negotiation and
switch port mode accessibility to the host or other network devices in the internal net-work.
1.1 Purpose
The purpose of this network security policy is to ensure maximum security where is due
necessary in both physical to network devices, as well accessibility and availability in-
cludes;
To protect network devices from physical abuse
To ensure availability of network services as fast as possible
To ensure users are really who they claim they are by authentication
To ensure limited services to various users according to their departmental needs
To ensure maximum security on OSI layer 2 bases (Switch)
To ensure maximum security on OSI layer 3 bases (Router)
To ensure that only IT departmental are in control of organization network resources
To ensure that only SystemAdmin have major access to network devices for manage-ment
To ensure maximum privacy of sending and receiving data (Encryption)
2 Methodology
In other to accomplish the purpose, IT department, precisely System Admin, would play
the major role in how the above purpose would be fulfill. However, there is a need for
management committee to approved some restricted access for some employee oversome resources.
-
8/7/2019 NetSecurity Policy
4/4
2
3 Conclusion
In other to accomplish the purpose of this network security policy, a lot of things were
put into consideration, thus, some mechanism are not supported by the available net-work devices (Router & Switch) through packet tracer.
However, below are the accomplished tasks;
yOnly System Admin is allow to manage network devices remotely (R2_Lan1.0and R3_Lan3.0)
yNetwork devices/resources are protected by traditional Cisco firewall (ACL)
ySwitch port security are enable in all ports, un-used ports are shutdown admini-stratively
yOnly AdexAdmin is allow to access web server
yEverybody is allow to access Email-server
ySSH and Telnet are enable for remote management through username and pass-word
yUsername and Password is required to access console port
y
All password are encrypted with level 5 and 7 passwordyWAN interfaces of R2 and R3 cannot response to cdp request from R1
yOnly AdexAdmin is allow to by-pass user-exec mode to privilege mode
yStatic route and default route are in use