Page 217 - DCAP406_DCAP_207_Computer Networks

Computer Networks/Networks




The TCP/IP protocols are used globally, irrespective of the nature of the organization, whether it belongs to the general category of organizations or is a security-sensitive organization. News of some web site or portal being hacked by undesired people is very common nowadays. This shows that the TCP/IP protocols are susceptible to interception. This has generated a need to ensure all-round security for the network in an organization. The task of the network administrator has had to widen to include the overall security of the network. He has to ensure that all parts of the network are adequately protected and that adequate security measures have been implemented within a TCP/IP network. He should be aware of an effective security policy. He should also be able to pinpoint the main areas of risk that the network may face. These main areas of risk vary from network to network, depending on how the organization functions. There are therefore various security-related aspects that have direct implications for the network administrator, along with the means to monitor the implemented security measures effectively and to tackle a breach of security if it happens.

14.1 Network Security


The main objective of a network is to share information among its users, whether they are situated locally or remotely. It is therefore possible that an undesired user can hack the network and prove harmful to the health of the network or its users. There are a few basic points that the network administrator must follow to give the network adequate security, apart from network-specific security as in the case of e-commerce, etc. These are given below:

• Networks are designed to share information. Therefore, the network must be clearly configured to identify the shareable information and the non-shareable information.

• The network should also make clear with whom the shareable information can be shared.

• As system security increases, the cost of managing it increases accordingly; a compromise between security and cost should therefore be established as required by the network security system policy. This will largely depend on the level of security needed in the network, the overall security requirements and the effective implementation of the chosen level of security.

• The division of responsibilities concerning network security must be clearly defined between users and the system administrator.

• The requirements for security must be detailed within a network security policy of the organization that indicates the valuable data and their associated cost to the business.

• After the detailed network security policy has been defined and clear-cut responsibilities have been identified in the organization, the system administrator should be made responsible for ensuring that the security policy is effectively applied to the company environment, including the existing networking infrastructure.

                                   14.4.1 Levels of Security




Did you know? The evolution of security levels can be viewed in different forms, contributed by the US Department of Defense. The first step in this direction was the description of the Trusted Computer System Evaluation Criteria in December 1985, popularly known as the Orange Book. Following the Orange Book security level, another security level known as the Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria, or Red Book, was described in July 1987.





          210                               LOVELY PROFESSIONAL UNIVERSITY