Richman Investments requires the enforcement of strict ingress-egress filtering

Question

Richman Investments requires the enforcement of strict ingress-egress filtering policies for network traffic. Certain traffic is expressly forbidden:

No peer-to-peer file sharing or externally reachable file transfer protocol (FTP) servers

No downloading executables from known software sites

No unauthorized redistribution of licensed or copyrighted material

No exporting internal software or technical material in violation of export control laws

No introduction of malicious programs into networks or onto systems

No accessing unauthorized internal resources or information from external sources

No port scanning or data interception on the network

No denying service or circumventing authentication to legitimate users

No using programs, scripts, or commands to interfere with other network users

No sending unsolicited email messages or junk mail to company recipients

No accessing adult content from company resources

No remote connections from systems failing to meet minimum security requirements

Building on the Internet and email use policy you created for Richman in a previous assignment, define a LAN-to-WAN, Internet, and web surfing AUP that restricts usage of the company’s Internet connection and permits the company to monitor usage of the corporate Internet connection. Carefully evaluate the implications of the policy and how implementations might impact the IT infrastructure, both positively and negatively. Weigh the benefits and the disadvantages of each method. Consider whether or not a proposed solution causes an interruption to legitimate users and how it might enhance security at the expense of preventing a perfectly legitimate activity.

Explanation / Answer

Purpose

The gravity of the issue of Internet security and its breaches have prompt the researcher to investigate on the various internet security problems that users are facing today. These may range from business explicit to personal in nature. The purpose of this research is to identify the different types of Internet security problems faced by consumers, businesses, government and individuals. At the end of the research, the researcher aims to resolve these problems by recommending solutions and by devising better measures for safer Internet environment.

Scope

Readers will find this research valuable for understanding the different approaches attackers to undermine Internet security. Since the nature of the problem is technical in nature lay persons may not fully appreciate the problems and resolution outlined in this research. Instead professionals in the field of Computer Science as well as students and other researchers will find the information more relevant. The research is also generic in the sense that it outlines different problems and solutions so future researchers can use it as a platform for their own projects which may perhaps be more specific in nature. Due to limitations of this dissertation, the researcher has focussed only on major problems while there may be other prevalent problems pertaining to Internet security which may be investigated by future researchers.

Related Questions

Navigate

• Browse (All)
• Browse R
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.