INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Definition
An intranet is a private network inside a company or organization that is not accessible to the public. Companies use intranets to manage projects, provide employee information, and distribute and share data and information.

Objectives
Protecting the intranet from within the organization.
Protecting the intranet from the outside world (Internet).

Protection from within
Physical security
–Secure room
–No unauthorized access

Domain Controller
Concept
–MS, Linux
Grants access to resources
Protected by
–Domain Security Policy (Administrator only)
–All devices (USB, parallel port) disabled

Web Server
Holds the organization's web site
Protected by
–Folder rights (Web master only)

File Server
Work-related files are stored on this server
Access from outside is achieved through a VPN (Virtual Private Network)
Three levels of protection
–Personal access
–Group access
–Public access

Mail Server
Holds users' email in encrypted form
Users have access only to their own folders
Protected by the mail filter in the DMZ
–Filters spam
–Filters viruses and worms
–Prevents attempts to and from unwanted sites

Database Server
Holds database software and database files
Every database has several levels of security access.
Administrator access rights: can install database software and maintain the database server.
Programmer access rights: limited to their programming needs.
Data entry access rights: read and write access to the database tables.
User access rights: read-only access.
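
The four database access levels above, sketched as PostgreSQL group roles with a query that audits the result. This is an added example, not part of the original presentation: the role, schema and table names are hypothetical, and mapping "programming needs" to a separate dev schema and "write" to INSERT/UPDATE are assumptions.

```sql
-- Added example: role, schema and table names are hypothetical.
-- Run as a PostgreSQL superuser in a scratch database.

-- One group role per access level; people get LOGIN roles that are members.
CREATE ROLE intranet_dba        NOLOGIN CREATEDB CREATEROLE; -- Administrator
CREATE ROLE intranet_programmer NOLOGIN;                     -- Programmer
CREATE ROLE intranet_data_entry NOLOGIN;                     -- Data entry
CREATE ROLE intranet_reader     NOLOGIN;                     -- User (read only)

-- Remove the default grants that every role holds on schema public.
REVOKE ALL ON SCHEMA public FROM PUBLIC;

CREATE SCHEMA app AUTHORIZATION intranet_dba;  -- production tables
CREATE SCHEMA dev AUTHORIZATION intranet_dba;  -- assumed programmer sandbox

SET ROLE intranet_dba;  -- objects below are owned by the administrator role

GRANT USAGE ON SCHEMA app
    TO intranet_programmer, intranet_data_entry, intranet_reader;
GRANT USAGE, CREATE ON SCHEMA dev TO intranet_programmer;

-- Default privileges apply to every table the administrator role creates
-- later, so a new table never starts out wider than the model allows.
ALTER DEFAULT PRIVILEGES IN SCHEMA app
    GRANT SELECT ON TABLES TO intranet_reader, intranet_programmer;
ALTER DEFAULT PRIVILEGES IN SCHEMA app
    GRANT SELECT, INSERT, UPDATE ON TABLES TO intranet_data_entry;

-- Constructed sample table; it picks up the default privileges above.
CREATE TABLE app.projects (name text PRIMARY KEY, project_lead text NOT NULL);

RESET ROLE;

-- Audit: effective privileges of each level on the sample table.
SELECT r AS role_name,
       has_table_privilege(r::name, 'app.projects', 'SELECT') AS can_read,
       has_table_privilege(r::name, 'app.projects', 'INSERT') AS can_write
FROM unnest(ARRAY['intranet_programmer',
                  'intranet_data_entry',
                  'intranet_reader']) AS r;
```

Re-running the audit query after schema changes shows whether any level has drifted from its intended rights.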

Monitoring Server
Gives detailed report
–User activity at the workstations
–Administrative activity at the server
–Does some intelligent updates of antivirus software and security patches on all the servers and workstations

Workstations
Secure password
No administrative privileges
Disable file and printer sharing; instead, connect to the printer and file server
Disable unnecessary services

Protection against the outside
Firewall
DMZ (Demilitarized Zone)
NAT connection (Network Address Translation)