R&R Technologies, Inc. - Technical Help

Network Security 101

This article does not go into detail on how to set up or configure a network on any specific operating system. Instead, we will discuss a more general security profile that can be applied when setting up any network.

There are many aspects to network security, but there are always a few simple rules that should be followed:


Restrict internal access

A very important (and often overlooked) rule is to restrict internal access. The biggest security breaches often occur from within the organization.
Physical security is often overlooked. Make sure your servers are located in a secure place (i.e. locked up in a closet), and give your organization's users ONLY the access they NEED and nothing more.

Here are a few suggestions to get you started:

  • Lock the servers in a secure place to which only the systems administrator has access.
  • Do not allow users to use the actual server systems (disable local logins to them; only the systems administrator should be allowed access).


Run only the services you need

One of the most important rules to follow (especially when installing new software) is to disable all services you do not need! This means that if you do not use something, or do not know what it is, then DO NOT install it or enable it.

The best way to accomplish the tightest security is to disable EVERYTHING and then enable only the services you need. This way you do not accidentally miss something or leave something running just because you do not know what it is.


Limit internet access

Any network that is attached to the internet should have at least one firewall located between the public network (the internet) and the private network (your network).

If you do not run any servers that you want available on the internet, then you will have the simplest and most secure type of layout. You will want to place a firewall directly after the device that connects you to the internet.

If you want to run servers that will be available on the internet, you should first ask yourself if you really need to do this. Running public servers (or private servers on a public network) is always an increased security risk. If you are sure you want to do this, you will need to approach things a little differently than the basic setup above. You will probably want two firewalls and two separate internal networks within your company. One network will have all of the servers that are to be connected to the internet. The other network will be your internal network, which contains no servers that are available on the internet. Network layouts may vary a bit, but you will generally want a firewall between the internet and your "public network", which will have slightly less strict firewall rules, and a firewall between your "private network" and the internet with strict firewall rules.

I will be writing an article with more details on network layouts, along with links to various other sites that I have found to be useful on this topic; please check back here soon. Or search the internet with your favorite search engine. If you are going to be running servers on the internet, try searching for "firewall and DMZ" or something similar.

You should set up your firewalls with a default policy of DENY. That way you start with nothing being allowed through your firewall. You should then start allowing the types of network traffic that your network uses, so that ONLY what is needed is allowed and everything else is DENIED.
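
The effect of the default policy, as an added example that is not from the original article: a small Python model of first-match rule evaluation, comparing a default-DENY allow list with a default-ALLOW block list on the same traffic. The addresses, hosts, ports and rule lists are constructed for illustration, and the model leaves out connection state and interfaces that real firewalls track.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    action: str   # "ALLOW" or "DENY"
    src: str      # source network, CIDR
    dst: str      # destination network, CIDR
    proto: str    # "tcp" or "udp"
    port: int     # destination port

    def matches(self, pkt):
        return (pkt["proto"] == self.proto and pkt["port"] == self.port
                and ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst))

def decide(rules, pkt, default):
    """First matching rule wins; if nothing matches, the default policy applies."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default

# Constructed sample data: documentation address ranges, hypothetical hosts.
ANY, PUBLIC_NET = "0.0.0.0/0", "192.0.2.0/24"
WEB, MAIL = "192.0.2.10/32", "192.0.2.25/32"

# Default DENY: list only the traffic the network actually uses.
ALLOW_ONLY_NEEDED = [Rule("ALLOW", ANY, WEB, "tcp", 443),
                     Rule("ALLOW", ANY, MAIL, "tcp", 25)]
# Default ALLOW (weak): list only the traffic someone remembered to block.
BLOCK_KNOWN_BAD = [Rule("DENY", ANY, PUBLIC_NET, "tcp", 23),
                   Rule("DENY", ANY, PUBLIC_NET, "tcp", 139)]

PACKETS = [  # constructed inbound connections from an internet host
    {"src": "198.51.100.7", "dst": "192.0.2.10", "proto": "tcp", "port": 443},
    {"src": "198.51.100.7", "dst": "192.0.2.10", "proto": "tcp", "port": 23},
    # A database port left listening on the web server that nobody listed:
    {"src": "198.51.100.7", "dst": "192.0.2.10", "proto": "tcp", "port": 3306},
]

def compare(packets=PACKETS):
    """Return (port, verdict under default DENY, verdict under default ALLOW)."""
    return [(p["port"], decide(ALLOW_ONLY_NEEDED, p, "DENY"),
             decide(BLOCK_KNOWN_BAD, p, "ALLOW")) for p in packets]

if __name__ == "__main__":
    for port, strict, loose in compare():
        print(f"tcp/{port}: default-DENY -> {strict}, default-ALLOW -> {loose}")
```

The unlisted service on tcp/3306 is the case that separates the two policies: the block list lets it through because nobody thought to name it, while the default-DENY rule set drops it without needing to know it exists.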

I will be writing an article with more details on firewall rules, along with links to various other sites that I have found to be useful on this topic; please check back here soon.

 
  
This site is hosted by MugWeb.com ©2006 R&R Technologies, Inc.