ISSC 491 IT Security Auditing LAN-to-WAN traffic Discussion
ISSC 491 IT Security Auditing LAN-to-WAN traffic Discussion
Need to respond to two student discussions with at least 150 words minimum for each response. Below in the bold are the questions the students are responding to.
Discussion Points:
1. Discuss LAN-to-WAN traffic and performance monitoring and analysis
2. Discuss WAN configuration and change management
3. Discuss remote access domain best practices
Student one:
Discuss LAN-to-WAN traffic and performance monitoring and analysis.
The LAN-to-WAN traffic can be captured for analysis by a network sniffing tool (Wireshark/tcp dump). This process can help to determine the health of the traffic and detect any intruders, viruses or worms. There are also features like troubleshooting connections, lag and more. If your network is to include a LAN-to-WAN connection is it highly advisable to have a Admin on staff that specializes in these tools.
2. Discuss WAN configuration and change management
WAN configuration and change management provides security in knowing what/who made changes to this domain. When team of admins work together on project any number of changes can be made and identifying whom can be difficult. I work on a team of three and even amongst us sometime we repeat work. Keeping a change management log and having weekly meetings has aided in the effectiveness of our work. Each change is vetted and logged. (Especially STIGs incase we have to undo it)
3. Discuss remote access domain best practices
There are several best practices with remote access. A major one is to have virus software up-to-date and firewall settings configured on all remote domain devices. Establishing a VPN connection with the proper security settings and encryption. Use strong authentication for all user accounts (no group accounts). Minimize admin accounts. Monitor all traffic for virus and proper use. Enforce all malware best practices and application updates. Securing a remote network is difficult but a huge help is education. All teleworking employees are required to take Cyber awareness training and renew it annually. If the employees are looking out for their machines it is must easier than having to rely on HIPS or NIPS applications.
-David
Student two:
Discuss LAN-to-WAN traffic and performance monitoring and analysis.
This type of monitoring is essential to your infrastructure’s integrity and availability. A lot can happen over the internet going in and out of your organization. If you are monitoring traffic by using automated tools you can map, configure, continuously monitor, manage the LAN-to-WAN domain and be alerted when there is any changes on any type of device you set.
Discuss WAN configuration and change management
It’s important to have proper documentation and change request dependencies outlined when performing configuration initially or upgrading. According to Sean Barry of The Daily Network Monitor, 75% of network outages are a result of misconfigurations. If you keep track of and document your WAN changes you are more likely to succeed.
Discuss remote access domain best practices
Remote access can be scary, it can be threatening, and it can cause you a lot of anguish. This is why it is important to ensure you follow best practices to properly secure your environment. A highlight should be put on your corporate assets instead of endpoint security. Your assets at your fortress to protect, and the devices are your endpoints that many software and processes can make them secure independently without reaching back home.
References
Barry, S. (2010, 10 22). Best Practices in Network Configuration and Change Management. Retrieved from What’Up Gold: http://www.whatsupgold.com/blog/2010/10/22/best-practices-in-network-configuration-and-change-management/
Phifer, L. (2011, 07 11). 5 Best Practices for Securing Remote Access. Retrieved from eSecurityPlanet: http://www.esecurityplanet.com/security-how-to/5-Best-Practices-for-Securing-Remote-Access-3937121.htm
Shimonski, R. J. (2010, 06 15). The Importance of Network Redundancy. Retrieved from Windows Networking: http://www.windowsnetworking.com/articlestutorials/netgeneral/Importance-Network-Redundancy.html
-Jeremy