Download LAN-to-WAN Domain

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
Document related concepts

Investment management wikipedia , lookup

Transcript 
Chapter 7. Identifying Assets and
Activities to Be Protected
Seven domains of a typical IT infrastructure are:
 User Domain
 Workstation Domain
 LAN Domain
 LAN-to-WAN Domain
 WAN Domain
 Remote Access Domain
 System/Application Domain

With your partner discuss Seven Domains of a
Typical IT Infrastructure
For each of the seven domains, consider the assets you
have and ask yourself some basic questions:

Are the assets valuable to the organization?

Are they included in any type of inventory or asset
management system?
There is a difference between inventory
management and asset management.
 Inventory management
 This is used to manage hardware
inventories.
 It includes only the basic data, such as
model and serial numbers.
 It shows :
1.
what assets are on hand,
2.
where they're located,
3.
and who owns them.
 Inventory management is valuable to
ensure that the inventory isn't easily lost
or stolen.
Asset management
 This is used to manage all types
of assets.
 It includes much more detailed
data than an inventory
management system includes.
For example, asset management
would cover installed
components, hardware
peripherals, installed software,
update versions, and more.
The User Domain includes people
or employees.
 An HR department maintains
records on employees.
 These can be manual records,
such as folders held in filing
cabinets, or files held on servers.
Data on users includes:
 Personal and contact data
 Employee reviews
 Salary and bonus data
 Health care choices



A significant concern with
asset management in the
User Domain is
confidentiality.
Data must be protected
against unauthorized
disclosure
The Workstation Domain includes the PCs used by employees.
 It could include typical desktop PCs.
 It could also include mobile computers or laptops.
Assets in the Workstation Domain have two risks to address:
 Theft
 An organization has a significant investment in these systems.
 It can't afford to allow them to disappear.
 Inventory management systems include processes where each
item is manually located on a periodic basis.
 This verifies the system is still in the organization's control.
 Updates
 As updates, fixes, and patches are released, they need to be
applied to the systems.
 If the systems are not updated, they become vulnerable to new
exploits. Use automated asset management systems to keep
systems up to date. An automated system will often perform three
steps:
 1) inspect systems for current updates,
 2) apply updates, and
 3) verify the updates.



The LAN Domain includes all
the elements used to connect
systems and servers together.
The local area network (LAN)
is internal to the organization.
The primary hardware
components are hubs, switches,
and routers.



It's important to have a basic
inventory of these devices.
This includes the basics such as
model, serial number, and
location.
Although any network device
includes firmware, the more
functional network devices such
as routers and switches have a
built-in operating system (OS).
The version of the OS
determines its capabilities, so
it's often useful to include the
version in the inventory.





The LAN-to-WAN Domain is the
area where your internal LAN
connects to the wide area network
(WAN).
In this context, the WAN is often
the Internet.
The primary devices you're
concerned with here are the
firewalls.
You can have a single firewall
separating the LAN from the WAN.
You can also have multiple
firewalls to create a demilitarized
zone (DMZ) or a buffer area.
You'll want to include the following information in an asset
management system:
 Hardware information
 This includes basics, such as the model and serial number.
 If the model supports different add-ins, such as additional
memory, or additional network interface cards, you'll want to
include these.
 Configuration data
 A significant amount of time goes into creating a firewall policy.
You then create firewall rules and exceptions to implement the
policy.
 At the very least, all these rules and exceptions need to be
documented.
 Whenever possible, you should create scripts to automate the
process.
 You should then back up these scripts.


The WAN Domain
includes any servers
that have direct
access to the
Internet.
This includes any
server that has a
public Internet
Protocol (IP) address
Inventory and asset management information for WANbased servers include:
 Hardware information
 This information includes basics, such as the model and
serial number.
 Documentation is similar to how you'd document
servers in the LAN-to-WAN Domain.
 Update information
 Servers in the WAN need to be kept up to date.
 This is an important step to ensure the server stays
secure.





Remote access technologies give
users access to an internal network
via an external location.
This can be done via direct dial-up
or virtual private network (VPN).
When dial-up is used, clients and
servers have modems and access
to phone lines.
When a VPN is used, the VPN
server has a public IP address
available on the Internet.
Clients access the Internet, and
then use tunnelling protocols to
access the VPN server.

Inventory and asset management information
needed for servers in the Remote Access
Domain are similar to those in the WAN
Domain








The System/Application Domain includes servers used to
host server applications. Some examples of different types of
application servers include:
E-mail servers—This can be a single e-mail server.
It can also be a larger e-mail solution, including both frontend and back-end server configurations.
Database servers—This can be an Oracle or Microsoft SQL
server.
It can be a single server or a group of servers.
Web servers
Web servers host Web sites and serve them to Web clients.
A single Web server can host a single Web site or hundreds
of Web sites.



Inventory and asset management systems should
include the following information on any servers in the
System/Application Domain:
Hardware information—This includes basics such as
the model and serial number, just as you'd inventory a
workstation. It should also include an inventory of the
hardware components.
Update information—Servers need to be kept up to
date. This is especially true if any of these servers are
public-facing servers, such as Web servers and some email servers.
Related documents
Resume (Word) - Zach Campbell
Resume (Word) - Zach Campbell
Presentation: Many kinds of clients and servers
Presentation: Many kinds of clients and servers
Slide 1
Slide 1
Components of an operating system
Components of an operating system
A network operating system (NOS) is a computer
A network operating system (NOS) is a computer
Computer Vision I: Introduction
Computer Vision I: Introduction
Networking Fundamentals
Networking Fundamentals
pptx - Cornell Computer Science
pptx - Cornell Computer Science
E-Commerce and Bank Security
E-Commerce and Bank Security
server
server
Biological Agent Inventory Short Form
Biological Agent Inventory Short Form
Client/Server Computing
Client/Server Computing