Network Security Management by sdfwerte

VIEWS: 17 PAGES: 7

									Network Security Management
       at Jesus College, Oxford



         John Ireland, IT Manager
    <john.ireland@jesus.ox.ac.uk>
             Fitting Into Oxford

Conference                    Council




                             Committees


 Colleges


                 Academic                 Administrative
                 Divisions                Departments
          Network Topology


Physics                      MIS


                OUCS




              Jesus Coll.
What Do We See?
        Avoiding and Detecting Trouble
• Education of users
    –   Induction talks for all new starts
    –   Reminders by weekly email
    –   Clear statement of usage policy (AUP)
    –   Clear investigatory procedure, including penalties that may be imposed
• Technology
    –   Registration for network access:       web scripts + dhcp
    –   Firewalls (policy?):                   Linux iptables
    –   Anti-virus software + updates Sophos CID
    –   Windows Update                         links on web site
    –   Traffic monitoring / network scanning iptables, NetBrute
    –   Secure, well designed systems          Switches, Linux, iptables,…
    –   Physical network segmentation
       Approach for Internal Abuse
• Penalties should mean that it is on the student’s record
• Discussion is better than penalisation in terms of actually
  preventing further abuse: seeing a human being (even if
  it’s the network manager) reminds them that this is not a
  ‘pay-per view’ service
• Get them on our side – one night of drunken stupidity
  doesn’t deserve revenge (or counter-revenge)
• Recruit them as security evangelists: tell others
         A Final Thought



What would you do if you track down an abuse
      and find that the miscreant is….

               YOUR BOSS!

								
To top