Wednesday, January 06, 2010

Network Security System

Connectedness of a local network with various parties globally requires a variety of security devices to avoid the threat of unauthorized parties to access it.

In an open network there are several potential security risk at the level of:
  1. Operating system (Operating System - OS), such as viruses.
  2. Network systems, such as tapping on the data from the communication lines, and or to the internet.
  3. Applications, such as the destruction of the web, databases.

Aspects that need to be considered in managing a local network or intranet are:
  1. A network (Network Availability), backup system (Redundancy System), and disaster management system (Disaster Recovery System);
  2. A network security device ;
  3. Guarantee of network reliability on the operating network.
These three aspects need to be included in the contract procurement services (service level agreement, SLA).

In the implementation of security system, the traffic and information exchange must be regulated, which generally must meet the following requirements:

1. Privacy / Confidentiality
  • This aspect is related to the confidentiality of data, such as civil service data may only be accessed by those eligible.
2. Integrity
  • Data or information should not be changed without permission from the owner and should not be changed by people who are not in charge.
3. Authentication
  • This aspect is used to ensure the authenticity of data, data sources, people who access the data and the server is running.
4. Availability
  • This aspect ensures that the data and information should be available when needed.
5. Historical events (Non-Repudiation)
  • Aspect which ensures that anyone can not deny if he/she had done an exchange of information.
6. Access Control
  • These aspects limit or manage user access rights and privilege.

Various steps should be taken to ensure the safety of the things mentioned above:

Security Procedures
Establish policies and procedures to ensure the security of the system interacts with the user.

Network Physical Security
Using a Firewall, Intrusion Detection System, Anti Virus and Virtual Private Network (VPN).

Access Security
Using a password and Virtual Private Network (VPN) Server.

Authentication data / information that is sent
Using data encryption

Authentication recipient data / information
Using the Certification of Authority (CA) / Public Key Infrastructure (PKI).

Security data / records
Establish procedures for Electronic Document Management System

Secure the room
There should be Restrict access to the room where network equipment is placed

http://www.kominfo.go.id

 
Design by Wordpress Theme | Blogger Templates | JCPenney