IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

Below is a methodical approach for the development of a comprehensive<br />

security strategy for a Peer-to-Peer network. As a Peer-to-Peer network can be<br />

used in various configurations, however, individual decisions regarding the<br />

necessary steps have to be taken for each situation.<br />

Defining a Security Strategy for a Peer-to-Peer Network<br />

<strong>The</strong> security strategy shows how a Peer-to-Peer network can be securely<br />

established, administered and operated. <strong>The</strong> individual development steps of<br />

such a strategy are presented below:<br />

1. Definition of the Peer-to-Peer network structure<br />

A Peer-to-Peer network structure is defined by determining the following:<br />

- which computers are to act as file servers (these may share directories)<br />

- which computers are to act as print servers (these may share printers)<br />

- which computers are to act as application servers for certain <strong>IT</strong><br />

applications, e.g. mail, schedule+, fax (these should continually be<br />

available)<br />

- which computers are merely clients (these can only be connected to other<br />

computers)<br />

. On the one hand, it should be ensured that the capacity of the servers fulfil<br />

the requirements concerning speed and memory. On the other hand, the<br />

number of servers should be limited to the amount actually needed.<br />

Furthermore, no application should be allocated to servers which constantly<br />

involve transmitting large amounts of data through the network, as this can<br />

lead to the network overloading.<br />

2. Regulation of responsibilities<br />

A Peer-to-Peer network should be securely operated by trained<br />

administrators and their substitutes. Only these persons may change security<br />

parameters in the Peer-to-Peer network. <strong>The</strong>y are, for example, responsible for<br />

providing the relevant persons-in-charge with administration authorisations<br />

and tools on application or file servers so that these persons can share the<br />

directories and applications needed by others.<br />

Peer-to-Peer administrators must be explicitly named in a server-supported PC<br />

network containing additional authorised Peer-to-Peer functions. <strong>The</strong>y may,<br />

however be identical to the network administrators.<br />

<strong>The</strong> responsibilities of the various users in a Peer-to-Peer network are<br />

described under step 7.<br />

3. Restriction of sharing possibilities<br />

Windows for Workgroups<br />

Using the administration tool ADMINCFG.EXE for WfW, the following can<br />

be granted or denied:<br />

- the sharing of directories<br />

- the sharing of printers<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!