Definition of an Enterprise Security Strategy
An enterprise needs a plan for securing its network. A few security groups should be considered in any enterprise security model: blocking network-based attacks, blocking host-based attacks, eliminating security vulnerabilities, safely supporting authorized users, and tools to manage security and maximize effectiveness. These are all steps of any effective company security strategy. An enterprise network has a perimeter, which stands for all the equipment and the complete routes that connect to external networks, both public and private. The internal network comprises all the servers, applications, data and devices used for company operations. The demilitarized zone (DMZ) is a location between the internal network and the perimeter, made up of application firewalls and public servers. It allows public users some access to those network servers and denies traffic that would reach internal servers. This does not mean that all external users will be denied access to the private network. Although the most damaging attacks come from inside, malicious traffic from the public network makes up the majority of all recorded attacks. The sections below define how to block host-based attacks, how to eliminate security vulnerabilities, and which tools manage security and maximize effectiveness. (Shaun Hummel, 2009)
Defense 1: Blocking Network-Based Attacks
1.1 Intrusion Prevention (IPS) & Detection (IDS)
IPS and IDS work together: in an enterprise network, a problem has to be detected before it can be blocked. The key is to use in-line technology so that the administrator can easily move from detecting a problem to blocking the behavior. An IDS monitors network traffic, looking for the behavior or characteristics of attacks. The advantage of an IPS over a firewall that keeps track of the state of network connections is that the IPS can recognize the "content" or data type of network traffic at a high rate, blocking malicious connections while allowing genuine traffic to pass through.
1.2 Wireless Intrusion Prevention (WIPS)
These tools provide reporting and analysis. A WIPS helps the enterprise monitor the traffic that flows over the wireless network, and it detects misconfigured or unauthorized access points.
1.3 Network Behavior Analysis and DDoS Monitoring
These tools recognize behavior that might indicate a denial-of-service attack and automatically send an alert to the administrator.
1.4 Firewalls, Enterprise Antivirus and Unified Threat Management
Traditional firewalls do not look inside packets but act on information in the packet header, such as ports, a function that remains useful when a firewall is combined with IPS and web security gateways. A firewall can also control which ports and protocols are allowed access.
1.5 Secure Web Gateway
Enterprise applications that work together increasingly use HTTP as their obvious protocol. A secure web gateway lets the enterprise filter inbound network traffic to prevent spyware, and lets it enforce outbound URL blocking and other types of policy.
1.6 Secure Messaging Gateways and Anti-Spam Tools
Spam is a problem for an enterprise because it keeps the network busy, and Internet users experience slow service. A secure email gateway is used to block inbound spam as well as viruses, worms and other dangerous executables, and it can also enforce outbound policy for email and instant messaging.
1.7 Managed Security Service
A managed security service (MSS) is like a police force that watches the firewall, the IPS and IDS systems, the web security gateway and even the logs from internal systems. An MSS provides fast analysis and quick notification. It automates vulnerability services, sends warnings to the administrator, and helps the administrator decide where to act to protect against new vulnerabilities and exploits.
Defense 2: Blocking Host-Based Attacks
2.1 Endpoint Security
Endpoint security covers the devices that employees use. These are the places where malicious files, viruses, malware, worms and spyware get in most easily. The enterprise needs to deploy anti-virus, anti-spyware, a personal firewall and host-based IPS on employees' PCs (personal computers), laptops, PDAs and other devices.
2.2 Network Access Control (NAC)
An enterprise network uses NAC to check employees who connect their own notebooks at the workplace; a notebook is verified before it can use the Internet. If verification fails, NAC denies access until the configuration of the employee's notebook has been corrected. NAC determines the patch level and whether the configuration is secure. It also determines whether dangerous software is present on an endpoint and, if so, denies access.
2.3 System Integrity Checking Tools
These tools let the administrator monitor server files and data files on the system. This helps guard against worms, attacks and dangerous file types on enterprise server systems. The administrator can more easily build protection, rescan to find where the vulnerabilities are, and carry out recovery.
Defense 3: Eliminating Security Vulnerabilities
3.1 Network Discovery Tools
These tools analyze network traffic to determine which hosts are active. Network discovery tools (NDT) are the second class of tool, one that initiates an action: they watch the network and manage and separate the different active hosts. They automatically check for new devices that have appeared and for existing hosts that have brought in vulnerable files or on which infected software is active.
3.2 Vulnerability Management
These tools help the enterprise monitor the state of the network and remove the vulnerabilities that are found. Vulnerability management follows specific steps such as auditing, remediation and reporting. The process keeps looping and creates a feedback loop for ongoing network threat management.
3.3 Penetration Testing and Ethical Hacking
These tools are used by the enterprise to penetrate its own systems and produce a report showing whether the organization is secure or still needs to fix vulnerabilities. They let the enterprise upgrade its systems by fixing the problems found. The tools use multi-stage threat techniques that more closely resemble the skills an attacker would use to penetrate enterprise systems.
Defense 4: Tools to Manage Security and Maximize Effectiveness
4.1 Forensic Tools
If an enterprise has been attacked, it can use forensic tools to trace back and find out how the attacker got into its systems. The enterprise needs to know what the attacker accessed, what was changed and which systems were damaged. These tools find the evidence that is available after an attack.
Definition of Microsoft Windows Server 2008 Enterprise
Study How to Implement a Network Management Strategy
This report defines a network management strategy for managing the enterprise network. It is necessary to define how the hardware needs to be monitored and to determine whether the existing management strategy is satisfactory or whether the latest applications, hardware, protocols and processes must be identified. Management components are then joined with infrastructure and security. These primary elements form a well-defined management strategy and should be considered when developing an enterprise network strategy. A network management strategy can comprise Network Management Groups, SNMP Applications, and Monitored Devices and Events.
Network Management Groups are divided into six stages: Performance Management, Device Management, Security Management, Change Management, Configuration Management, and Implementation Management.
Performance management shows, in a simple way, what employees have accomplished. It involves giving people the opportunity to do their work and to complete it to the best of their ability, so that their work meets the standard target. Performance can be matched through an interlinked framework between manager and employee. Human resource management, standards and performance indicators are key areas of the framework. For performance management to succeed, a culture of collective and personal responsibility for continuous improvement of the process has to be established. Individuals' skills and contributions need to be encouraged and given confidence. (BNET Business Dictionary, 2010)
Security management represents the management of device and server security in a way that is consistent with the policies of the enterprise. Typical devices are firewalls, routers, switches, TACACS servers and RADIUS servers. Security includes password assignment, change policy, dial security and Internet security. (Shaun Hummel, 2009)
Configuration management describes the process of configuring and documenting devices and servers on the enterprise network. Processes for new equipment, for modifying current equipment and for maintaining TFTP servers should be established. The TFTP server should store the scripts. Configurations need to be referenced. Provide a storage location with a separate folder for each equipment type and subdirectories for model types. (Shaun Hummel, 2009)
Change management describes a process for approving and coordinating device configuration changes, and it is necessary for network availability. If staff change any configuration during peak hours in the enterprise, it will cause problems and affect departments. Any change also needs to be reported to the network operations center. It is better to inform application developers as well, so that they know about network changes. A change management process needs these few components: proof of concept and quality assurance testing, a timeline for changes approved by all departments, an approval process, and proactive monitoring of unauthorized changes. (Shaun Hummel, 2009)
Monitored Devices and Events
Produce a report every minute on what the hardware is doing, how long traffic takes to send data, and each device's CPU utilization percentage. The hardware monitored will be routers and switches. (Shaun Hummel, 2009)
Study about Network Administrator
First Task: Define Correct User Rights for the Correct Task
Damage can be done by someone who has administrator rights and does not follow the correct procedures. For example, the overall level of network security can be decreased by accidental changes. Running malware through carelessness is another danger, because the malware takes on the user's administrator privileges. A third party can log in and damage the network if logon details are stolen. (MFrizzi, 2009)
To build a high-security network, ensure that users in the enterprise have the appropriate privilege level for the task at hand, and let only a few administrator assistants know the username and password. (MFrizzi, 2009)
Second Task: Download Files from Trusted Sites Only
The Internet has many sites that offer free application downloads, and not all websites are on an equal footing; some are certainly more secure than others. Ensure that enterprise clients download files only from official or trusted websites, that is, from the main source rather than from file-sharing or generic websites. Only users who have download permission should be able to download files, and these selected few users must have enough education to know how to download files safely. (MFrizzi, 2009)
Third Task: Undertake an Audit of Network Shares
An enterprise network will normally have malware spreading around on it. The usual cause is a low level of network share security. Remove unnecessary share permissions and secure the others to minimize the spread of network-aware malware. (MFrizzi, 2009)
Fourth Task: Control Network Connections
Use Active Directory services to make sure that different departments have different security settings and different permissions. When staff bring personal notebooks into the enterprise, they need to reconfigure the security settings and other configuration before they can connect to the enterprise network. If staff do not comply, their computers will be listed as at-risk platforms. (MFrizzi, 2009)
Fifth Task: Change the Default IP Range for Your Network
The default IP ranges start from 10.1.x.x or 192.168.x.x. With these ranges, a user can mistakenly connect to a network outside the enterprise's control. When the default IP range is changed, a computer is less likely to find a similar range. Firewall rules can be added to allow or deny connections from certain IP ranges. (MFrizzi, 2009)
Sixth Task: Audit the Open Ports on the Enterprise Network Regularly and Block Unused Ports
Ports are like the doors of a house. If the back door is always open and unmonitored, the chance of an uninvited intruder entering is high. If ports are not closed, Trojans and malware can easily pass through the enterprise network via third parties. Ensure that unused ports are blocked and that allowed ports are monitored. Only then can a healthy enterprise network be built. (MFrizzi, 2009)
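A regular port audit of this kind can be scripted by comparing a host's listening sockets with the list of approved ports. This is an added example, not part of the original essay; the sample rows are constructed in the column layout of `ss -tlnH`, and the approved-port policy is hypothetical.

```python
import ipaddress

# Constructed sample in the column layout of `ss -tlnH` (listening TCP sockets).
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 128 [::]:8080 [::]:*
"""

APPROVED = {22, 25, 443}  # hypothetical policy: ports the enterprise allows


def parse_listeners(text):
    """Return an (ip_address, port) pair for every LISTEN row."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        if host == "*":                        # wildcard listener
            host = "0.0.0.0"
        listeners.append((ipaddress.ip_address(host), int(port)))
    return listeners


def audit(text, approved):
    """Sort listening ports into monitor / block / loopback-only buckets."""
    listeners = parse_listeners(text)
    report = {"monitor": set(), "block": set(), "loopback_only": set()}
    for addr, port in listeners:
        if port in approved:
            report["monitor"].add(port)        # allowed port: keep watching it
        elif addr.is_loopback:
            report["loopback_only"].add(port)  # not reachable from the network
        else:
            report["block"].add(port)          # exposed and not approved
    # Approved ports with no listener: the allow rule may no longer be needed.
    report["approved_but_closed"] = approved - {p for _, p in listeners}
    return {key: sorted(ports) for key, ports in report.items()}


if __name__ == "__main__":
    for bucket, ports in audit(SAMPLE, APPROVED).items():
        print(bucket, ports)
```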
Seventh Task: Place Business-Critical Systems on a Different Network
The network used for day-to-day activity can be separated into two different networks, so that when the business-critical system is affected, the impact does not reach the network that handles other business tasks. (MFrizzi, 2009)
The Enterprise Architecture
The Uses and Benefits of Enterprise Architecture
Developing an enterprise architecture first requires alignment: ensuring that the reality of the implemented enterprise is aligned with management's goals. Second is integration: ensuring that business rules are consistent across the organization, that the data and its use are subject to change and information flows are standardized, and that connectivity and interoperability are managed across the enterprise.
Third is change: facilitating and managing change to any aspect of the enterprise. Fourth is time-to-market, which is about reducing systems development, modernization timeframes, application generation and resource requirements. Fifth, and last, is convergence, which concerns the IT product portfolio included in the Technical Reference Model.