Information Technology Reference
In-Depth Information
• Configuring secure operating systems and applications
• Managing the network
• Establishing the PKI
4.1 Using security tested products and boxes
All software and hardware considered for use on the network should be certified
if possible. There are three nationally accepted test standards, ITSEC, TCSEC and
CTCSEC, and one internationally accepted test standard, Common Criteria.
Common Criteria represents the outcome of efforts to develop criteria for the
evaluation of IT security. It is an alignment and development of a number of source
criteria (ITSEC, TCSEC and CTCSEC). Common Criteria is an international initiative by
the following organizations: DSD (Australia), CSE (Canada), SCSSI (France), BSI
(Germany), CESG (UK), NIST and NSA (US).
4.2 Using perimeter protection devices and constructing a DMZ
Perimeter devices are the most vital part of a network's security if the network is
connected to another, less secure network.
Perimeter devices control the flow of information between less secure outer networks
and inner networks. They protect the information on the production systems of the
inner networks.
There are three types of perimeter devices: firewalls, intrusion detection systems and
content inspection devices.
4.3 Using crypto-equipment and software
Crypto-equipment and software directly concern the information itself. Thus, in the
information age, crypto-equipment certainly has an important place in the design process.
Crypto-equipment simply decreases the value of information to an unauthorized reader
by encrypting it. Crypto-equipment can be used along with firewalls and routers, so that
all data, or selected data, passing between inner and outer networks can be encrypted.
This is an example of WAN usage of crypto-equipment. Additionally, crypto-software can
be used inside a trusted network. Examples of this are local drive encryption and file
encryption.
4.4 Establishing policies and procedures
Policies and procedures are essential operational countermeasures of the
information age. They contain and organize all technical countermeasures and their
usage.
4.5 Configuring operating systems and applications securely
Operating systems and applications are the main processors of information. Therefore,
a problem with these systems and applications will definitely affect the information.
Secure configuration of software is an important aspect that should not be neglected
during the design process. Almost all software comes with default settings that pose