This multi layered security plan will provide a brief overview the strategies to be implemented to each level of the information technology infrastructure. The IT infrastructure consist of seven domains User, Workstation, LAN, WAN, LAN-to-WAN, Remote Access, and Systems/Applications. However, we are going to outline the five we feel would be the most important for our beginning stage mitigating potential attacks. I) User Domain – Employees accessing the organization’s information system. a. Having a development of acceptable use policy (AUP) what employees can access or not. b. Any violations of the AUP will result in that offender’s termination. c. The best practice to introducing the AUP is ensuring that all employees read, understand, and sign an agreement. d. This will hold the employee accountable. II) Workstation Domain – the employee or users connecting to the network. e. hardening and configuring the system provide a defense against any vulnerabilities. f. Ensuring that the patching of software revision, and system configurations constantly monitored and conducted on a regular basis. g. The frequency of such will be determined by management. Suggesting that Desktop Support will be responsible for this layer of defense. III) WAN Domain – Connecting remote locations. h. Use VPN tunneling for end-to-end secure IP communications. i. Configure routers and network firewalls to use stateful packet inspection for blocking unwanted TCP, UDP and IP packet traffic. IV) LAN Domain – the collection of computers connected to one another or to a common connection medium.
a. Securing high-priority systems: Establish access lists; combo/cipher locks for server and switch rooms; also have a sign-in sheet for contractors and tech-reps working on-site.
b. Implement Kerberos as another secure means of identifying users over a non-secure network. V) Remote Access Domain – connecting remote users to the an organizations infgrastructure. j. Assigning a unique identifier to each user in order to have accurate records of who is accessing, or trying to access, what applications, which network resource, and what data. k. Proof must be provide by user trying to gain access to the network remotely is the same person who has been granted access by identification.
These are just a few layered securities that we must have in place. This will provide the foundation as the project continues over the course of 12 weeks.