Network Security Management by sdfwerte


									Network Security Management
       at Jesus College, Oxford

         John Ireland, IT Manager
             Fitting Into Oxford

Conference                    Council



                 Academic                 Administrative
                 Divisions                Departments
          Network Topology

Physics                      MIS


              Jesus Coll.
What Do We See?
        Avoiding and Detecting Trouble
• Education of users
    –   Induction talks for all new starts
    –   Reminders by weekly email
    –   Clear statement of usage policy (AUP)
    –   Clear investigatory procedure, including penalties that may be imposed
• Technology
    –   Registration for network access:       web scripts + dhcp
    –   Firewalls (policy?):                   Linux iptables
    –   Anti-virus software + updates Sophos CID
    –   Windows Update                         links on web site
    –   Traffic monitoring / network scanning iptables, NetBrute
    –   Secure, well designed systems          Switches, Linux, iptables,…
    –   Physical network segmentation
       Approach for Internal Abuse
• Penalties should mean that it is on the student’s record
• Discussion is better than penalisation in terms of actually
  preventing further abuse: seeing a human being (even if
  it’s the network manager) reminds them that this is not a
  ‘pay-per view’ service
• Get them on our side – one night of drunken stupidity
  doesn’t deserve revenge (or counter-revenge)
• Recruit them as security evangelists: tell others
         A Final Thought

What would you do if you track down an abuse
      and find that the miscreant is….

               YOUR BOSS!

To top