CHAPTER 10
ENSURING NETWORK SECURITY
Lesson 1: Making
Networks Secure
. 406
Lesson 2:
Maintaining a Healthy Network Environment
420
Lesson 3: Avoiding Data Loss 427
INTRODUCTION
Up to this point, our emphasis has been on sharing as the principal reason for creating a network.
However, security, protecting the networked computers and the data they store and share, is
also an important factor in networking. Security is more than preventing unauthorized access
to computers and their data, it includes maintaining the proper physical environment to permit
the network to function effectively.
Lesson 1: Making
Networks Secure
In a networking environment there must be assurance that sensitive data will remain private.
Maintaining network security requires a balance between facilitating easy access to data by
authorized users and restricting access to data by unauthorized users. Its the job of the
network administrator to create this balance
Four major threats to the
security of data on a network are:
1) Unauthorized access
2) Electronic tampering
3) Theft
4) Intentional or unintentional damage
Level of Security
The level of security will depend on the type of environment in which the network is running. A
bank will require more security than a local community volunteer organization.
======================================================================
netnotes10.html PAGE
2
2001/10/08
Setting Policies
Making a network secure requires establishing a set of rules, regulations, and policies so that nothing
is left to change. You must implement policies that set the tone and help to guide the administrator
and users through changes, both expected and unplanned, in their networks development.
Prevention
The best way to design data security policies is to take a proactive, preventive approach. When
unauthorized access is prevented, the data remains secure. A prevention-based system requires
that the administrator understand the tools and methods available with which to keep data safe.
Authentication
To enter the network, the user must enter a valid user name and password. Do not let the
password system be your only set of security guidelines.
Training
Unintentional errors can lead to security failures. The administrator should ensure that everyone
who uses the network is familiar with its operating and security procedures. You should set-up
a short training course for all new users.
Securing Equipment
The extent of security depends on:
In a Peer-to-peer network, there is sometimes no organized hardware-security policy, and users
are responsible for security of their own computers and data. In a server-based network, security
is the responsibility of the network administrator.
======================================================================
netnotes10.html PAGE
3
2001/10/08
Securing the Servers
In a larger, centralized system, in which much individual user and organization data is sensitive, it is
important to secure the servers from accidental or deliberate tampering. Unauthorized employees
should not be fixing the servers. The simplest solution is to lock the servers in a dedicated computer
room with limited access, depending on the size of the company, this might not be workable.
Securing the Cables
Copper media, such as coaxial cable, much like a radio emits electronic signals that mimic the
information it carries. Copper cables can also be tapped into, so information can be stolen.
Cable runs that handle sensitive data should be accessible only to authorized people. Proper
planning can make cable runs inaccessible to unauthorized people. For example, cable can be
run inside the building structure, through ceilings, walls and floors.
SECURITY MODELS
There are two policies used for assigning permissions and rights to network resources, they are:
Password-protected shares or Share-level security
Access permissions or User-level security
***** problems with saving file on a:???? just retrieved a backup from C: