• Tuesday, July 21, 2009

    Home What how to?? Network security strategy Designing Your Computer

    Network security strategy Designing Your Computer

    In the world of the Internet has grown rapidly in such a way, the number of the hacker, cracker, and so is also increasing. We can not continue to terlena akan circumstances and conditions in which we are safe. Are we to wait until our network was damaged by them? Of course not! After a computer network and we work to connect to the Internet network, that is when we must start thinking bersiaga and strategies along with ways to increase computer network security that we have. With the level of computer network security, the user will feel safe while working in the computer network that we have. A distinctive value-added is not it? A
    Strategies in computer network security aims to maximize the resources available to secure the computer network system in the dots so that the right more efficient. If without the right strategy, the implementation of the strategy will not generate a high level of security while terbuangnya resources that have not exact due to the placement in the network computer. With the right strategy, resources that can provide a minimum of a quite satisfying.
    In this paper, we will try to see the basic strategies in designing a computer network security. This basic strategy can be used as a basis for the development to the implementation of security systems.

    Permissions
    Access rights are the rights given to the user to access the system. May access is the most fundamental in the field of security. In the security strategy, each object in the system (user, administrator, software, the system itself, dlsb) must be given access rights that are useful for supporting the work function of the object. In other words, the objects have only the minimum access rights. Thus, the object of the action system can be restricted so that the object will not do anything dangerous to the security of computer networks. Permission to make minimum akan intruders from the Internet can not do a lot of the record when a user account on the computer network system. In addition, the minimum access rights also reduce the danger of "the enemy in the blanket" that threaten the system from within. That is some of the benefits that can be obtained from this strategy.
    Losses in the access strategy is the limited access of the user so that it can cause inconvenience when the user are running duties. The settlement of this problem depend on two things, namely the aspect of the device and the network administrator point of each other and both are bound. A network administrator must be clever-clever design menyiasati akan rights of access given to the user so that user needs can be met without sacrificing security level. When the device has a flexibility that is executed in the case of settings, this will ease the task of administrators. If not, administrators need to play the brain menyiasatinya. If the business has a maximum and the result is still not as expected, there are two options that can be done is to replace the device or to provide understanding to the user will have a limited (usually difficult to be carried out both options A). The user needs to be so important? User needs that are not fulfilled akan can cause effects that sometimes difficult to predict. He may be able to change from regular user to become "the enemy in the blanket."

    Layer security
    Layer of security is the number of security mechanisms that will be used and levels. This is also thought to be in the field of security in general. We can not risk the entire security network on a computer security mechanism only. If one mechanism fails to protect the system, drop it all. Therefore, security mechanisms should be made more than one mechanism. In addition, the mechanisms are installed in graded / layered. Security mechanism can be network security, host / server security, and human security. Among these mechanisms, it can be also combined in accordance with needs.
    In computer networking, network security can be built with several layers. For example, we can build a firewall with two sub-mechanisms, namely packet filtering and proxy system. Packet filtering mechanism can dipilah-pilah into several parts, such as filtering based on the services and protocols. After the first layer above, we can also build the next layer mechanism. For example, we can apply the mechanism for authentication credentials in each packet received.
    When we provide services to both in and outside the network, the host / server which provides a critical point in the computer network security. On host security, the components on the host / server software is especially configured with the necessary caution. Internet services such as SMTP, NFS, Web Service, FTP, dlsb. may only provide services in accordance with that planned. Terms-terms (features) that is not no major show. Before we know it's certainly a level of security in terms of software, should not we use. If we are forced to use the terms, we can do is intensive monitoring of these terms.
    Human security administrator and the user network itself. We can provide guidance on security to the user and embed reserve to themselves in each user. There is also a good idea if the user-user also participated in maintaining and improving computer network security because they are also part of the system itself. By doing so, will have a growing sense of self in each user. The administrator also should be more careful in the responsibility for security in the hands of their computer network is put.

    Log In one line
    One strategy is the entrance way to make only one entrance to the computer network that we have. Thus, only one road that we need to awasi with the full and strict. This strategy is similar to create a fortress. Fortress built akan usually only have an entrance which placed the most stringent control.
    The core of this strategy is the control center. We can devote most of the power control to the point so that it will be difficult to penetrate path. Of course this strategy will fail if we have another entry path. If we want to fully implement this strategy, try to not have other than the entrance we will awasi strict.
    The weakness of this strategy is when the entrance was successfully penetrated by intruders, it will directly mengobrak destroy our computer network. This risk can be reduced by a make a path so that the flake force to stop the intruders aksinya.



    Data Encryption and Digital Signature
    One of the strategies most frequently used in network security is a data encryption and digital signature. Digital signatures use principles such as human signature on the documents and pieces done in digital. He says the validity of data that the sender sent the data actually came from the sender. At this time, data encryption can be done in software or in hardware. Various types of data encryption methods on the level of applications has been developed, such as RSA, MD-5, IDEA, safer, Skipjack, Blowfish, dlsb. With this strategy, the transfer of data to and from network computers take place confidential.



    Sub-Stub Network
    Stub sub-network sub-network is the computer that has only one exit route incoming sub-network. This strategy is used to isolate a sub-network computers that actually need the maximum protection. Entry-exit path sub-networks with supervised (if necessary) more stringent than the strategy of the entrance. For example, a data company-confidential data stored in a computer need to be directly accessed by several parts. The solution, of course, the computer network. But one of the part requires a network connection to the computer company that is connected to the Internet without having to move the computer. Nah, it's here Stub strategy sub-network is required. Users confidential data network designed has only one entry path through the computer that has Internet access. Supervision of data traffic through the computer must be monitored properly and the system can also apply packet filtering on the computer.



    Find Weak Spot
    As security field in general, the network is the computer's weak dots. This point will grow more when the computer network that is coordinated by more than one person. A large computer network generally evolved from networks of smaller computers, which then combine them. In addition, sometimes an administrator will have difficulties when managing a large-scale computer network alone. Therefore, good coordination is needed between each network administrator so that each of them manage sekuritinya guaranteed.

    Two Public Attitudes
    "Two SikapUmum" attitude is the decline in general (prohibitive) and accept the general attitude (permissive). Reject the general attitude defines the detailed service / package that is allowed and other refuse. This strategy is quite safe, but sometimes cause inconvenience to the user. Therefore, administrators who intend to run this strategy will need to know the detailed needs of users and how far the impact on network security in general. Accept the general attitude defines the detailed service / package is rejected and the other receiving. This strategy is not recommended by experts because with this strategy we are taking a risk opening the way for various merongrong security system.

    Diversity
    Software and hardware that is currently has a variety of configurations and benefits. We can take advantage of diversity these tools in building a computer network in accordance with our needs. With the diversity of this device, if there is infiltration of a computer, it requires other businesses to penetrate a different computer. Before we use the software, especially, have a good idea if we also know the extent to which level of security provided by the device. By doing so, we will have a complete data to determine the combination of design our computer network security.

    That is some of the basic strategy used in computer network security. From the strategies above, the administrator can combine these strategies so that it meets the criteria set. On security policy in effect on the system can also be determined from the strategies that have been selected.
    In the review and implementation, we should not believe fully on strategies and mechanisms that we make. Essentially, we must always do the evaluation of security systems that we create or maintain. Along with the development of techniques and penetration has not been found weaknesses in the security system that has been there, we must always in a state of alert and ready for action outside the allegations.
    In the end, one of the main goal to remember from the strategies above is to make the intruders (hacker, cracker, phreaker, dlsb) "to think a thousand times" before they run the action against our computer network system. If they remain desperate attempt, With us to the obstacles and barriers that require power are very great efforts to penetrate our system, until they stop the action.
    Read more
    Diposkan oleh
    Label:

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)
    semarang jawa tengah indonesia service keyboard service computer komputer kendal bali setting hotspot hacking password mysql protected username jasa setting jual beli
    bobol password phpmyadmin debian 5 lenny ubuntu server surabaya sumatera american inggris access point microtic MikroTik jawa barat yamaha roland casio korg technic floppy disk emulator usb www universal cara ganti broadcast editing wireless Wi-Fi handphone novel health facebook Sepeda Fixie Jual Beli Sepeda Fixie Rose Network Sepeda Fixie Murah Wimax Wimax Indonesia, Long time waktu lorong waktu facebook twitter

    Followers

    Created By Sora Templates | Distributed By Gooyaabi Templates