Network Security Management at Jesus College, Oxford John Ireland, IT Manager <firstname.lastname@example.org> Fitting Into Oxford Conference Council Committees Colleges Academic Administrative Divisions Departments Network Topology Physics MIS OUCS Jesus Coll. What Do We See? Avoiding and Detecting Trouble • Education of users – Induction talks for all new starts – Reminders by weekly email – Clear statement of usage policy (AUP) – Clear investigatory procedure, including penalties that may be imposed • Technology – Registration for network access: web scripts + dhcp – Firewalls (policy?): Linux iptables – Anti-virus software + updates Sophos CID – Windows Update links on web site – Traffic monitoring / network scanning iptables, NetBrute – Secure, well designed systems Switches, Linux, iptables,… – Physical network segmentation Approach for Internal Abuse • Penalties should mean that it is on the student’s record • Discussion is better than penalisation in terms of actually preventing further abuse: seeing a human being (even if it’s the network manager) reminds them that this is not a ‘pay-per view’ service • Get them on our side – one night of drunken stupidity doesn’t deserve revenge (or counter-revenge) • Recruit them as security evangelists: tell others A Final Thought What would you do if you track down an abuse and find that the miscreant is…. YOUR BOSS!
Pages to are hidden for
"Network Security Management"Please download to view full document