Eicon Networks S92 Instrukcja Użytkownika Pobierz pdf (Strona 31)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 31

OverallPolicyObjectives

For theGIACproject,theoverall policyobjectivesaredefinedasfollow:

n Policy Objective1:ThePublicServicesserversmustbeprotectedagainst

outsideintrusion attemptsasmuchaspossible.Thispolicyisenforcedat

FW1_B2C.

n Policy Objective2:Internalnetworkisprotectedagainstoutsideintrusionfrom

theB2ClinkshouldthePublicServicessegmentbecompromised.Computersin

thepublicservicesareaarenotallowedtoinitiateconnectionstotheotherparts

oftheinternalLAN.Such policyisenforcedatFW2_B2C.

n Policy Objective3:PublicServicesserversmustbeprotectedagainsttampering

bytheinternaluserswhileallowingclientaccess,administrativemaintenanceor

designupdates.ThispolicyisenforcedatFW2_B2C.

n Policy Objective4:Everyinternalnetworksegmentsmustbeprotectedagainst

tamperingfromtheotherinternalsegments.Therelevantpoliciesareenforcedat

Norton1_IDS,Norton2_IDS,Norton3_IDS,andVisNetic_1.

n Policy Objective5:Externalpartnersandsupplierscanaccess(viaVPN)the

CriticalResourcesdatabaseserverviathestandardizedHTTP/HTTPSinterface

anddonothingelse. Therelevantpoliciesareenforcedat W2K_VPNand

VisNetic_1.

n Policy Objective6:OnlyauthenticatedstaffsareallowedtologinviaRAS.Such

policiesareenforcedattheRASServer. TheseRASusers,onceloggedin,can

accesstheInternal ServersandthePublicServicesservers(andnothingelse)

fromhomeorfromtripviadialinmodems.Therelevantpoliciesareenforcedat

VisNetic_1.

1 2 ... 26 27 28 29 30 31 32 33 34 35 36 ... 208 209

Brak uwag

Eicon Networks S92 Instrukcja Użytkownika Strona 31