. Discuss what allows Internet access to users, with particular reference to protection against threats: viruses, spamming, and hackers. In our network design, Internet access will be granted through a centralized point located at the Los Angeles Data Center. Corporate policy dictates that the corporate internet connection is to be utilized for business purposes only, and use for any purpose other than a justifiable business need will result in disciplinary actions, or termination.
To help deter users from violating this policy, we have implemented a corporate firewall at the access point to the internet. To assist in the prevention of attacks from viruses, spam, and hackers, the following measures will be taken. Ports Common ports that are related to gaming and personal internet services will be shut down to prevent unauthorized access to the internet. Since our policy will be limited access, with a business need justification for access through a port, most of these ports will already be blocked. POP 3 mail – Port 110 Gaming (Ultima, Quake II & III, Fighter Ace II) – 5001-5010, 7775-7777, 27910-27960, 50000 – 51000 Anti-Virus Norton Anti-Virus Corporate Edition will be part of the standard build for all PC’s (desktops, laptops, etc), and Servers. Live Update will be employed to insure that timely definition updates take place.
During login, a check will be made to verify that the definition files are up to date, if they are not, the user will be notified that definitions are out of date and a file (flag. def) will be placed on the user’s hard drive. During the next login, if this file exists, and the definitions still do not meet the guidelines of ‘current definitions’, the user will be denied login, and the workstation name and IP address will be written to a log file that will be reviewed by administrators. Web-site access Filters on the firewall will be set to filter for content related to adult themes, gambling, terrorism, theft, and profanity. In addition to the firewall filters, an authenticated proxy server will be used to monitor all internet access.
Users will be required to enter their domain user ID and password before they can gain access to the internet. Users who attempt to access sites related to restricted sites or topics will be redirected to an internal ‘security violation’ page, and the access attempt (user ID and site that was attempted to access) will be statistically logged to the IIA. LOG (inappropriate internet access log) that will be reviewed by administrators and forwarded to department managers as necessary. SPAM Blocking In order to prevent unwanted SPAM from entering the environment, we will include a SPAM filter / firewall in the infrastructure. This filter / firewall will be implemented in the LA data center along with the network firewall.
Messages identified as spam will be re-directed to a spam folder, replies will be sent to the e-mail sender that the incoming e-mail was identified as spam, along with contact information if they believe the message was detected as spam in error. Wikipedia. (2005, a).
Firewall (networking).
Retrieved August 13, 2005, from: http: //en. wikipedia.
org / wiki /Firewall %28 networking%29.