Figure 1 Part 2 SSCP Domain Research Paper on securing intranet and extranet Vulnerabilities of the network Securing organization’s data from external threats has been one of the major goals of network security since the inception of the TCP/IP protocol that generated the internet. TCP/IP is an open protocol designed to meet the needs of packet transfer in the network5. About fifteen years ago, intranet and extranet have developed in order to branch off the normal internet connection and allow companies perform remote connections by using intranet as well as connections with partners through extranet.
Extranet and intranet have brought additional challenges which are also evident in Richman investments. The following key security issues ought to be addressed by the firm in order to ensure its data integrity and privacy. Authentication – ensuring entities communicating by means of sending messages and receiving messages are who they claim to be. Privacy- allowing the right recipients to read the contents of the encrypted message. Content Integrity- Ensuring that the messages have not been tempered by a third party since they were sent6. Non-Repudiation- setting up an infrastructure for determining the source of the message in order to avoid denial by the sender. Ease of use- Ensuring that the system set in place for the purposes of security can be consistent and completely implemented for all applications without causing unnecessary restrictions for the organization and its employees7.
Network structure For a system administrator to be in a good position to recommended better security strategies for a network, the administrator ought to fully comprehend the network infrastructure. The following aspects of the network structure control will thus be considered in order to fully deploy security measures. i.
Network complexity and size ii. The locations of sensitive data and other resources such as file servers, application serves and hosts on the network. iii. The connection type with other networks, both extranet and intranet. iv. The magnitude and nature of network traffic8. Some of the areas that may be considered for restricting include, logging in platform, resetting of the TCP connections, how to drop offending packets and also reconfiguring the ACLs on organizations routes in order to keep attackers at bay. Transmission methods and techniques and formats In order to meet the above mentioned five goals of ensuring the security of the intranet and extranet, a Public Key Infrastructure (PKI) is a technology recommended for Richman investments because it enables organizations to use open networks such as TCP/IP extranet and intranet securely.
Amini, Rob , Peiris Chris and Khnaser, Elias. How to Cheat at Designing Security for a Windows Server 2003 Network. London: Syngress, 2006.PP 190-196.
Bixler, Dave , Chambers, Larry and Phillips Joseph. MCSE Windows 2000 network infrastructure: exam 70-216, training guide. London: Que Publishing, 2002.PP.444-449.
Gibson, Darril. Managing Risk in Information Systems. New York: Jones & Bartlett Publishers, 2010.PP. 181-190.
Harwood, Mike, Goncalves Marcus and Pemble Matthew. Security Strategies in Web Applications and Social Networking. Michigan: Jones & Bartlett Publishers, 2010. PP. 128-131.
Johnson, Robert and Merkow, Mark. Security Policies and Implementation Issues. London: Jones & Bartlett Publishers, 2010. PP. 67-74.
Stewart , Michael. Network Security, Firewalls, and VPNs. New York: Jones & Bartlett, Publishers, 2010.PP.151-157.
Umar, Amjad. Information Security and Auditing in the Digital Age: A Practical and Managerial Perspecive. New York: nge solutions, inc, 2003. PP. 8-30.
Weiss, Martin and Solomon,Michael. Auditing It Infrastructures for Compliance. New York: Jones & Bartlett Publishers. PP. 154-161.