Network 1. Purpose. 3 2. Scope. 3 3. Policy.

 

 

Network
configuration policy

 

 

 

 

 

 

Standart:

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

ISO/IEC 27002

Authors:

L. Jonikas, R. Garnys, A. Kazlauskas, R. Lazauskas

Organisation:

The Best
Education Inc.

Version:

1.0

Date:

 22.01.2018

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Contents
 
1. Purpose. 3
2. Scope. 3
3. Policy. 3
4. Responsibilities. 5
5. Policy Compliance. 5
5.1 Actions to ensure policy compliance. 5
5.2 Exceptions to policy. 5
5.3 Results of not following this network policy. 5
6. Definitions. 6
7. References. 6
 

 

 

 

 

 

 

 

 

 

 

 

 

1.
Purpose  

 

Protect stored data and
IT systems on “The best education incorporated” network by ensuring
safe and fast functionality of network devices with secure configurations.

 

2.
Scope

 

This policy applies to
all “The best education incorporated” information systems and all
network devices: Desktops, routers, servers, switches, etc.

 

3.
Policy

 

All
information systems that sends, receives or stores “The best education
incorporated” data must be configured by standard set by network
configuration policy. Software based entities, like web servers or databases
should have their own standard configuration managed by people responsible for
software management.

 

All computer network
devices should follow these directions:

1. All passwords that are
used to configure routers should be encrypted.

 

2.  Guidelines that, should be applied to routers/switches:

·       
Use access lists to filter internet
traffic.

·       
Block broadcast traffic.

·       
Most important routers should be placed at
secure locations.

·       
Internet ports that are not used should be
disabled.

 

3. The following services
must be configured and running:

·       
VLAN

·       
SSH

·       
VPN

 

4. Most network devices
should receive constant updates to ensure that there is no software based security
weaknesses.

 

5. When users login to
router they should be greeted with by following statement:

                                 

“ONLY
PEOPLE WITH SPECIAL PERMISSIONS MAY ACCESS OR CONFIGURE THIS NETWORK DEVICE. Activity
on this network device will be recorded therefore, you may receive disciplinary
actions or face charges if you illegally use or configure this device.”

 

6. All network devices should
use static routing.

 

4.
Responsibilities

 

 Computer network
administrator is responsible for insuring that all network devices are
following this policy. It is required to test security of all network devices
every year, to guarantee that computer network is secure.

 

5.
Policy Compliance

 

 5.1 Actions to ensure
policy compliance

 

“The
best education incorporated”  network administrators will make sure that
standards of this policy are being followed by monitoring network devices and
employees.

 

5.2 Exceptions to policy

 

Some
standards of this policy may be avoided but only with “the best education incorporated”
network administrator permission.

5.3 Results of not following this network
policy

 

The
employee that is not following this network policy may receive disciplinary
action against him or even lose his job.

 

 

 

6.
Definitions

 

Information system –
A combination of hardware, software, infrastructure and trained personnel
organized to facilitate planning, control, coordination, and decision making in
an organization. 2

 

Disciplinary action
– punishment of some kind meted out to a member of a profession or organization
who has committed a breach of a code of conduct etc.

1

Network Administrator – A
network administrator is an IT expert who manages an organization’s network. 3

 

Router
– In packet-switched networks such as the internet, a router is a device or, in
some cases, software on a computer, that determines the best way for a packet
to be forwarded to its destination. 4

 

7.
References

 

1. Definition for
disciplinary action. Available from:
.

 8 January 2018.

2. Definition for
information system. Available from:

.

9 January 2018.

3. Definition for network
administrator. Available from:

.

 9 January 2018.

4. Definition for router.
Available from:

.

 10 January 2018.

5. ISO/IEC 27002
standard. Available from:

.

 11 January 2018.

6. Reference for network
policy. Available from:

.

 12 January 2018.

7. Reference for network
policy. Available from:

.

 13 January 2018.

8. Reference for network
policy structure. Available from:

https://www.sans.org/security-resources/policies/network-security/pdf/router-and-switch-security-policy>.

 14 January 2018.

 

 

 

 

 

 

 

 

 

 

 

 

 

                                  

x

Hi!
I'm Kara!

Would you like to get a custom essay? How about receiving a customized one?

Check it out