The process of building a safe network infrastructure begins with planning. You should make a list of risks that are related to it as well as solutions that can be used for solving any problems. The safety policy is based on the planned process. The design of the future network is also developed at this stage. A safe network in not the end goal, it’s a nonstop process. If you stop is, you will lose everything.
The whole safety system depends on the policy. Everything should be indicated on paper and signed by the people that are responsible for this. You should update that paper from time to time, click for more info about security and safety of your internal network.
Safe and secure office network
A great problem that you can face when working on safety issues in your organization is using simple passwords, unprotected protocols, and technologies. To guarantee the complete safety, you should provide it at all the levels. It’s better to use guided switchboards at the level of access for ARP, DHCP, and STP. You can authorize users by 802.1x technology. Try to connect employees in different VLANs depending on their functional duties and to set the rules of cooperation and access to the different resources at the distribution level.
When connecting to the network of WAN and Internet, it’s important to have the opportunity to scan traffic at the level of additions, check up the presence of threats using of IPS of the systems. A frontier equipment should be protected from DoS and DDoS attacks. It is extremely recommended to use proxy servers for additional checking for viruses, undesirable, harmful and spy software.
It’s also possible to organize a web and content filtration. Also, it’s highly recommended to use verification of mail for avoiding spam and viruses. For remote access, use the technology of VPN with enciphering of the passed data.
Which protocols to use?
For the management of all network equipment, the protected SSH protocols should be used as well as HTTPS, SNMPv3. For the possibility of analysis of logs, the time on devices must be synchronized. For analyzing what kind of traffic is transferred inside a network, what equipment is used and what changes are made with it, we advise using Syslog, RMON, Sflow and NetFlow protocols. It is very important to register, who made any changes in the configuration of any device.
If there are less than 25 workers in your office, we advise you to use UTM solutions containing antivirus, antispam, VPN, IPS, content filters and protection from DoS and DDoS attacks. Modular networking will be an optimal variant for middle or big companies. It includes using a local network with strict levels of access depending on the job responsibilities of the employees.