Secured Enterprise Network With Microsoft Information Technology Essay

The undertaking is entitled Study and Implementation Of A Secured Enterprise Network With Microsoft Windows Server 2008 Enterprise. In this stage 1 have 3 aims and Author have done the survey and comparison and the needed to better writer personal cognition to go on my development stage. Author know which security tool, Operating System, Firewall and others is need to done writer development a high secure web for endeavor that utilizing package and cost effectual. In this stages author have get information that interview a web professional at big organisation. Writers have survey tools characteristics and how to be after a scheme, pros and con of hardware and package base firewall. Author still non yet pull the web diagram that can supply high secure web architecture for endeavor. Writers still non yet get down to implement portion on existent web, the study of proving still non yet done. Writer will seek his best to come out a existent web and the best secure web.

Table OF Contentss:

Chapter 1: Report On Background Study

Definition An Enterprise Security Strategy

1.1.1 Security Policy Document

1.1.2 Transaction Security

1.2 Study How To Implement A Network Management Strategy

1.2.1 Performance Management

1.2.2 Security Management

1.2.3 Configuration Management

1.2.4 Change Management

1.2.5 Monitored Devices and Events

1.3 Surveies About Network Administrator

1.3.1 First Task Define Correct User Rights For The Correct Task

1.3.2 Second Task Download Files From Trusted Sites Merely

1.3.3 Third Task Undertake An Audit Of Network Shares

1.3.4 Fourth Task Control Network Connections

1.3.5 Fifth Task Change The Default IP Range For Your Network

1.3.6 Sixth Task Audit The Open Ports On Enterprise Network Regularly

And Block Unused Ports

1.3.7 Seventh Task Placing Business Critical System On Different

Network

1.4 The Architecture Enterprise

1.4.1 The Uses Benefits Of Enterprise Architecture

1.4.2 Enterprise Architecture Offers What Benefits

Chapter 2: A Comparison Report

Reappraisal On Having A Multi Layer Of Protection At Enterprise Network

Compare Hardware VS. Software Firewalls

Chapter 3: Report About The Probe

3.1 Definition of web security tools

3.1.1Defensive 1: Blocking Attack on Network Based

Invasion Prevention ( IPS ) & A ; Detection ( IDS )

Wireless Intrusion Prevention ( WIPS )

Network Behavior Analysis and DDOS Monitoring

Firewalls, Enterprise Antivirus and unified Threat Management

Secure Web Gateway

Secure Messaging Gateways and Anti-Spam Tools

Managed Security Service

Defensive 2: Barricading Attacks on Host Based

Endpoint Security

Network Access Control ( NAC )

System Integrity Checking Tools

Defensive 3: Eliminating Security Vulnerabilities

Network Discovery Tools

Vulnerability Management

Penetration Testing And Ethical Hacking

Defensive 4: Tools to Manage Security and Maximize Effectiveness

Forensic Tools

3.2.1 Which tools is suited for implement for organisation

3.2.1.1Firewall

3.2.1.1.1 ISA Server Firewall 2006 Enterprise Edition

3.2.1.2 Access Control

3.2.1.2.1 CyBlock ISA

3.2.1.3 Virus sensing and protection

3.2.1.3.1 Kaspersky Enterprise Space Security

3.2.1.4 Bandwidth Control

3.2.1.4.1 Bandwidth Splitter

3.2.1.5 Web Monitoring

3.2.1.5.1 GFI WebMonitor

3.2.1.6 Intruder Detection and Prevention System

3.2.1.3.1 SNORT

Findingss:

To get down with, the writer managed to manage a certification that provide a guideline on “ Security For Enterprise Network utilizing package “ . It is simple tool that can run on Windowss platform and cover all the different location of endeavor web. Somehow it is non suited for writer that in sheepskin degree to done a hardware base attention deficit disorder with package based to setup a existent big web. Writer is try to make more research and read more article to better the web security cognition and larn what people done before for endeavor web and what they have make error. Writers try his best to give a different and high degree of security. The chief writer demand is acquire a few computing machine and add some NIC to the waiter, put in the application package firewall ISA Server Firewall 2006 Enterprise Edition and put in Microsoft Windows Server 2008 Enterprise Edition. Author attempt to merely utilize Microsoft platform application to setup a secure web for endeavor. Writer had gathered illustration and manner of configure to do a research that can calculate out the undertaking rubric ” Study and Implementation Of A Secured Enterprise Network With Microsoft Windows Server 2008 Enterprise ” .

Next the writer found that if need to finish the writer undertaking undertaking, writer demand to get the hanging into Firewall constellation, Configure Windows Server 2008 endeavor, configure Cisco router and others. Writer have some basic cognition to configure Windowss server 2008, Cisco router and firewall. Now all the latest add-on and writer will utilize sometimes to seek himself or acquire aid from E-book, Second Supervisor, lector. To better writer web security, waiter direction accomplishment.

Last, the writer found out visit “ www.sans.org “ is really utile for writer to cognize latest security job and how the manner to work out. Author besides get aid for done the survey at a article web site reference ” hypertext transfer protocol: //www.articlesbase.com ” This website have a batch professional they scare their sentiment and thought about what they seen at their endeavor.

Chapter 1: Report On Background Study

1.1 Definition An Enterprise Security Strategy

Overview

These are the 5 chief security groups that all endeavor should hold security theoretical account. These consist of security policy, web, margin, dealing and monitoring security. All the portion is existent organisation security scheme. Enterprise web has a margin that stand for all device and circuit that have communicating to public and private web. The internal web is dwelling of all the waiters, informations, application, and devices used for enterprise process. The demilitarized zone ( DMZ ) stand for a location between the internal web and margin consist of firewalls and public waiters. It that permit some entree for external users to that web waiter ( web waiter, FTP waiter and other ) and deny traffic can acquire to internal waiters. This non means that external user cant entree to internal webs. On the antonym, a existent security scheme specifies the some users who can merely entree which web site and from where they can entree to internal web. Define with internet security tools can protect endeavor waiters and organisation information. Acknowledge dealing protocols need to procure informations ( information ) as it flow across secure and non-secure web subdivisions. Monitoring activities is need to be define to testing packages in existent clip as a protection and pro-active scheme for defence against external and internal onslaughts. A recent investigate brand known that internal onslaughts from dissatisfied employees and advisor are more popular than hacker onslaughts. Antivirus need be place on all the computing machine at endeavor.

1.1.1Security Policy Document

The security policy papers describes several policies for employees that accessing and utilize endeavor web. Security Policy is can specific an employee can hold the permission to make something in endeavor web and which resources. The policy consist of non-employees as good like advisers, concern spouses, clients and terminated employees. Security policies are specify for Internet electronic mail and virus sensing.

1.1.2 Transaction SecurityA

Transaction security attempts to procure different section in endeavor with five primary activities. They are non-repudiation, unity, hallmark, virus sensing and confidentiality. Transaction security warrant that session informations is have unafraid degree before continue the transported across the organisation or Internet. This is really of import when have understanding with the Internet since information ( information ) is vulnerable, that valuable information without permission. As good virus sensing provides dealing security by supervising informations files for behaviour of virus infection before it is transported to enterprise ‘s internal users or before enterprise staffs are sent across the Internet.

1.2 Study How To Implement A Network Management Strategy

Overview

This study is to specify a web direction scheme for manage the endeavor web. It is necessary to specify how the hardware is need to be monitored and find if the bing direction scheme is satisfactory or if latest applications, hardware, protocol and procedures must be known. Management unit are so joint with substructure and security. These maestro elements organize a chiseled direction scheme and should utilize this advised when developing endeavor web scheme. Network direction scheme can be Network Management Groups, SNMP Application, Monitoring Devices and Events.

ALSO READ  A Problem Answer to a Law of Evidence Question

Network Management Groups different phase, 6 phases is Performance Management, Device Management, Security Management, Change Management, Configuration Management, and Implementation Management.

1.2.1 Performance Management

Show what employees have been done utilizing easy manner. Performance direction involves chance of people to done their work with show complement of their work to the best of their endowment ; their work is run intoing the criterion mark. Performance can be matched by a reticulated model between director and employee. Human resource direction, criterions and public presentation indexs are cardinal countries of the model. For successful public presentation direction, a civilization of sum and personal duty for keep betterment to set up the procedure. Personal accomplishment and subscription demand to be confident and encourage. ( BNET Business Dictionary, 2010 )

1.2.2 Security Management

This is stand foring the direction of device and server security that is confident with the policies of the endeavor. Normal devices are firewalls, routers, switches, TACACS waiters and RADIUS waiters. Security includes watchword assignment, alteration policy, dial security and Internet security. ( Shaun Hummel, 2009 )

1.2.3 Configuration Management

This is to state the procedure of configuring, and documenting devices and waiters on the endeavor web. New equipment, modifying current equipment and keeping TFTP waiters should be established. TFTP waiter should hive away the book. Configuration need to be mentions. Supply a shop topographic point with a separate booklet for save each equipment type and subdirectories for theoretical account types. ( Shaun Hummel, 2009 )

1.2.4 Change Management

This describes a procedure for leting and complement device constellation alterations and it is necessary for web handiness. If staffs do alterations for any constellation when pick hr on endeavor. Then it will class job and it will affected sections. If need do any alterations besides need to inform web operation centre. It is better to inform to application developers to allow them cognize the web alterations. Change direction procedure demand to hold this few constituents, that is cogent evidence of construct and quality confidence testing, All section should hold a timeline for alterations approved, blessing procedure, pro-active monitoring of unauthorised alterations. ( Shaun Hummel, 2009 )

1.2.5 Monitored Devices and Events

To hold a concluding study for every proceedingss that what the hardware make and how long the traffic to direct informations and the device ‘s CPU use per centum. The hardware will be routers and switches. ( Shaun Hummel, 2009 )

1.3 Study about Network Administrator

1.3.1 First undertaking Define correct user rights for the correct undertaking

Damaging could be done by person that have decision maker rights and did non follow the right manner. Such as overall degree of web security can be decrease when the by chance doing alterations. Runing malware is the fool attitude, which would follow user ‘s decision maker privileges. Third party can log in and make something that will damaging web if logon item been stolen. ( MFrizzi, 2009 )

To construct a high security web, to guarantee that users that on endeavor have the appropriate precedence degree for the undertaking at manus, and merely allow few administrator helper to cognize the username and watchword. ( MFrizzi, 2009 )

1.3.2 Second undertaking Download Files from Trusted Sites Merely

On cyberspace is excessively many sites provide the free download application and some web sites are non place at equal location. For certain some web site will more secure than other. To guarantee that endeavor client are merely download their file from official web site or trusted web site, which are from the chief beginning instead than download at file-sharing or generic web site. Merely certain user that have download permission merely can download the files. Need to do certain that this selected few user that have adequate instruction to cognize how to download files safely. ( MFrizzi, 2009 )

1.3.3 Third Task Undertake an audit of web portions

On a endeavor web, usually besides will hold malware that distributing about. Normally the job happen is because the low degrees of web portion security. Remove the unneeded portion permission and procure the others and to minimise the network-aware malware from distributing. ( MFrizzi, 2009 )

1.3.4Fourth Task Control Network Connections

Supply a Active directory services to do certain that certain section have different security scene and have different permission. When staff bring their personal notebook to enterprise they need to reconfigure the security scene and other configure merely can link to the endeavor web. If staff did non follow their computing machine will be listed to the hazard platform. ( MFrizzi, 2009 )

1.3.5 Fifth Task Change the Default IP scope for your web

The default IP scope that start from 10.1.x.x or 192.168.x.x. This IP scope will hold a job that user can misconnect to outside of control. Changing the default IP scope, the computing machine is less easy to happen a similar scope. Firewall regulations can be added to let or deny the connexion from certain IP scope. ( MFrizzi, 2009 )

1.3.6 Sixth Task Audit the Open Ports On Enterprise Network Regularly And Block Unused Ports.

Ports are like the door in house. If the back door house is unfastened ever and without monitoring. The opportunity of Lashkar-e-Taiba uninvited interloper to come in is high. If ports non near the Trojan, malware can easy base on balls through endeavor web on 3rd party. Ensure that fresh port is block and let port are monitored. This merely can construct a healthy endeavor web. ( MFrizzi, 2009 )

1.3.7Seventh Task Placing Business Critical System On Different Network

The daily activity web can be separate it to two different web so when the concern critical system when affected it wo n’t affected to same web that making different concern undertaking. ( MFrizzi, 2009 )

1.4 The Architecture Enterprise

1.4.1The Uses Benefits of Enterprise Architecture

Developing and Enterprise Architecture is foremost need to hold alliance, this is to guarantee the true of the enforced endeavor is parallel with direction ‘s end. Second demand to integration right that the concern regulations are understanding across the organisation, that the informations and it usage are affected to alter and information flow are standard, and the connectivity and interoperability are control across the endeavor.

Third need to hold alteration, this is to easing and pull offing alteration to any surface of the endeavor. Time-to-market is the 4th which tell about cut downing systems development, modernisation timeframes, application coevals, and resource demands. Fifth besides is the last 1 that convergence, It is a IT merchandise portfolio that include in the Technical Reference Model. ( Rob C. Thomas II, 2001 )

1.4.2 Enterprise Architecture offers what benefits

Enterprise Architecture can supply solution for physique a better planning and determination devising from gaining control facts more or less at the mission, maps and concern BASIC in an apprehensible signifier. It can assist enterprise to construct a communicating on concern organisation and IT organisations within the organisation through a standardised cognition. Give a composite of big system and complex environment to hold better communicating with provide architecture. Focus on the strategic usage of freshly formed engineerings to hold more progresss manage the endeavor ‘s informations ( information ) and compatible for attention deficit disorder in those engineerings into an endeavor. Improve consistence, truth, seasonableness, quality, handiness, entree, unity and sharing of IT-managed information across the endeavor. Without addition any class for construct a application, and have chances for physique greater quality and flexibleness application. Expedite combination of bequest, migration, and new systems. The point of an Enterprise Architecture is to inform, steer, and restrain the determinations for the endeavor. The most suited of endeavor for utilizing this architecture is the organisation that have related IT investing. ( Rob C. Thomas II, 2001 )

ALSO READ  Justice Scalia’s dissent in Jaffee v. Redmond

2.0 Chapter 2: A Comparison Report

2.1 Review on holding a multi bed of protection at endeavor web

Fact is, web security as if like a enlargement because that ‘s presents company web have become a conurbation of assorted systems and devices that communicate to each other utilizing different ways like Local Area Network, Wireless, private broad country web, telephone web and cyberspace. ( Jim Mortleman, 2009 )

The lone valid manner to believe about the solution of security in this subdued universe is in footings of ‘layer ‘ of protection.

Security professionals, and surely most concern commission, basically accept it takes double beds of defence to protect against the broad type of onslaughts and menaces. ( Jim Mortleman, 2009 )

A lone merchandise or method is can non continue against every likely menace. A superimposed advanced gives an endeavor double lines of defence that will allow one merchandise to detect slipped past the outer defence. ( Jim Mortleman, 2009 )

Following bed is utilizing firewall, which governs the services authenticated users and plan are allowed to entree. This can based on either the systems like personal computing machine and waiters at the boundary line of the web or on physical web hardware devices such as switches and routers. ( Jim Mortleman, 2009 )

Above the firewall, invasion sensing and bar system so supervise webs for the being or malware or fishy behaviour, guard peculiar types of activity harmonizing to policies and regulations defined by the web decision maker. ( Jim Mortleman, 2009 )

2.2 Compare Hardware vs. Software Firewalls

Firewall on hardware base besides is need to hold a package to run on the hardware firewall merely can hold to usability Firewall on hardware base besides is need to hold a package to run on the hardware firewall merely can hold to usability for secure endeavor web. Hardware and package firewall are used to distinguish between merchandises marketed as an merged contraption that follow with the package preinstalled, normally on an operating system, and firewall plans that can be installed on web runing system such as Windows or UNIX. ( Deb Shinder, 2004 )

Application Specific Integrated Circuit firewalls are by and large have fast performing artists and did non hold storage like difficult disc as a possible is point of failure. Software Firewalls include Microsoft ISA Server, CheckPoint FW-1 and Symantec Enterprise Firewall at the endeavor degree. ISA waiter can back up on Windows 2000/2003/2008, and FW-1 tallies on Windows NT/2000, Solaris, Linux, and AIX, every bit good as associating runing systems. Symantec EF runs on Windows and Solaris. ( Deb Shinder, 2004 )

Hardware firewalls include Cisco PIX, Nokia ( which runs CheckPoint FW-1 on top of their IPSO operating system ) , SonicWall, NetScreen, Watchguard, and Symantec ‘s 5400 series contraptions ( which run their Enterprise Firewall package ) . ( Deb Shinder, 2004 )

Hardware Firewall are do n’t hold to put in the application or concern about the constellation for hardware or struggles. Hardware firewall are run proprietary operating system will hold greater security because the OS is already build in. Disadvantage of hardware is user has been lock into the seller ‘s specification and can non be innovate to user demand. A firewall contraption will hold a limited figure of web interface, and user stuck with that restriction. With package firewall, User can easy to add NICs to the computing machine on the PCI slot to increase the figure of available port. More easy to upgrade standard computing machine on which the package firewall tallies, when computing machine slow, it can easy upgrade or add more high velocity random-access memory. Computer utilizing at endeavor that act like a firewall can back up 2 TB RAM. Even the processor can be upgrade to carry through the demand of package or better public presentation. ( Deb Shinder, 2004 )

Hardware firewall need high cost for a endeavor. An organisation will necessitate to better their web security degree and they need to setup more firewall at different flat and work out their security job and demand to put in at their subdivision office. Conclusion package base will be the better pick for a big organisation that can execute what hardware firewall does. ( Deb Shinder, 2004 )

3.0 Chapter 3: Report About The Probe

3.1 Definition of web security tools

3.1.1 Defensive 1: Blocking Attack on Network Based

3.1.1.1 Intrusion Prevention ( IPS ) & A ; Detection ( IDS )

IPS and IDS work together, in endeavor web demand to make sensing job before can get down barricade it. The key is to utilize in-line engineering so admin can easy travel from sensing job to barricading the behaviour. IDS proctors web traffic expression for the behaviour or features of onslaughts. IPS ability over firewall that keeps path of the province of web connexions is that IPS can acknowledge the “ content ” or informations type of web traffic at a high rate to barricade malicious connexion and let echt traffic to base on balls through.

3.1.1.2 Wireless Intrusion Prevention ( WIPS )

These tools will supply a study and analysis for flexibleness, WIPS help enterprise to supervise traffic flow that on radio web. It will observe incorrect constellation or unauthorised entree points.

3.1.1.3 Network Behavior Analysis and DDOS Monitoring

This tool can cognize the behaviour that might bespeak denial of service onslaught. It will automatic send qui vive for admin.

3.1.1.4 Firewalls, Enterprise Antivirus and unified Threat Management

Traditional firewalls do non whizz inside the packages but assist on information in the package heading like ports, a utile map in firewall with IPS and web security gateways. Firewall besides can command with port, protocol is allow to entree.

3.1.1.5 Secure Web Gateway

Enterprise applications to work together system progressively use HTTP as the obvious protocol. Secure Web Gateway characteristic can allow enterprise to filtrating inward web traffic. To forestall spyware, every bit good as outbound URL blocking and other type of policy to be enforce.

3.1.1.6 Secure Messaging Gateways and Anti-Spam Tools

Spam is the job in an endeavor to do web busy and internet user will experience slow. Secure email gateway is use to barricade inbound Spam every bit good as viruses, worms and other dangers executables and can implement outbound policy to pull off every bit good for electronic mail and instant message.

3.1.1.7 Managed Security Service

Managed Security Service like a constabulary that will watching the firewall, IPS and IDS system, Web security gateway and even the logs from inside system. These MSS provide fast analysis and speedy presentment. To machine-controlled exposures services, inform warning to admin, and assist admin where to move protect against new exposures and feats.

3.1.2 Defensive 2: Barricading Attacks on Host Based

3.1.2.1 Endpoint Security

Endpoint security is the topographic point where employees use. This is the topographic point where easy acquire malicious files and virus, malware, worm, spyware. It needs to implement anti-virus, anti-spyware, personal firewall, host-based IPS that is installed on employees Personal computer ( personal computing machine ) , laptop, PDA, and others.

3.1.2.2 Network Access Control ( NAC )

Enterprise web will utilizing NAC to look into which employee is utilizing their ain notebook to link at workplace and it will verifies after they can utilize cyberspace. If non NAC will denied entree until the constellation of notebook from that employee have been right. The spot degree and unafraid constellations will be determines by NAC. It besides determine if danger package is present on an end point, It will denied.

ALSO READ  The UNIFORM CIVIL CODE

3.1.2.3 System Integrity Checking Tools

These tools can allow admin to supervise their waiter files or informations files on system. This can forestall if any worm, onslaught, danger files type that is on endeavor waiter system. Admin can hold easy to construct protection and rescan where the exposures. Easy to done the recovery.

3.1.3 Defensive 3: Eliminating Security Vulnerabilities

3.1.3.1 Network Discovery Tools

Analyze web traffic to find which host is active. NDT is the 2nd category of tool originating an action watches the web, Manage and separate different host is active. Automatic check new devices that appeared or bing hosts that have conveying vulnerable file or infected package is active.

3.1.3.2 Vulnerability Management

These tools characteristic is help endeavor to supervise the web patterned advance and take the exposures that are found. Vulnerability direction will hold specific manner like scrutinizing, redress, and coverage. This procedure is keep cringle and creates a feedback expression for ongoing web menace direction.

3.1.3.3 Penetration Testing and Ethical Hacking

This tool is usage for endeavor to perforate their system and construct out a study to look into whether the organisation is secure or still necessitate to repair the exposures. This can tool can allow enterprise to be upgrade their system like repairing the job. These tools use multi-stage menace techniques to more similar accomplishments that aggressor will utilize to perforate endeavor system.

3.1.4 Defensive 4: Tools to Manage Security and Maximize Effectiveness

3.1.4.1 Forensic Tools

If endeavor has been attack by aggressor, endeavor can utilize forensic tool to follow back and happen out how the aggressor coming in to enterprise system. Enterprise need to cognize what they accessed, what they have do alterations, what system have been damage by aggressor. These tool can happen out the grounds available after an onslaught.

3.2.1 Which tools is suited for implement for organisation

3.2.1.1 Firewall

3.2.1.1.1 ISA Server Firewall 2006 Enterprise

ISA Server 2006 provide security for endeavor applications accessed over the Internet by pre-authenticating users before they can entree to any published waiters, even encrypted traffic at application bed in a stateful manner, and supplying automated publication applications. In add-on, ISA waiter 2006 have provide HTTP compaction, caching of content component package updated, and site-to-site VPN capablenesss to fall in with application-layer filtering, ISA Server 2006 makes it easier to better firmly usage on endeavor web. ISA Server 2006 builds it more easy to pull off and protect endeavor webs with intercrossed proxy-firewall architecture, deep content scrutiny, rough policies, supervising capablenesss and overall alertness. ( Microsoft, 2010 )

3.2.1.2 Access Control

3.2.1.2.1 CyBlock ISA

Cyblock ISA Plug-in Web filter allow endeavor to barricade or let Web entree by the system no closure, classs and substance types ( societal networking, spyware, picture ) . In appended, CyBlock ‘s categorized, manager-ready studies offer prosodies by definite apparent between a user ‘s click actions and the irrelevant hits ( streamers, sound, in writing ) unaware downloaded as a consequence of those stairss. ( CyBlock ISA, 2008 )

Administration of CyBlock is do it easier and cut down IT ‘s work load with machine-controlled characteristic. These consist of filtering, importation of Groups coverage and distribution and IDs, day-to-day downloads, informations direction, day-to-day downloads of the URL control list and others. Its duty is small even more with CyBlock ‘s Operator Accounts, which to license directors and other section to run studies. Control Web entree, lessening security menaces and the usage of non-work connexion to bandwidth-centralize sites, and better productiveness. ( CyBlock ISA, 2008 )

3.2.1.3 Virus sensing and protection

3.2.1.3.1 Kaspersky Enterprise Space Security

Kaspersky Enterprise Space Security guarantee the free flow of informations ( information ) within a endeavor and unafraid communicating with public web.

The cardinal consist of constituents for the protection of waiters, and workstations from all types of modern computing machine menaces, taking malware from electronic mails and shop information secure and to the full accessible to users of web resources. ( Kaspersky Lab Zao, 2010 )

Kaspersky Enterprise Space Security high spots some particular characteristic that is Antivirus protection for critical web nodes that for workstations, laptops, file and mail waiters. A new antivirus engine ensures optimum usage of resources. Enhanced proactive protection for file waiters against latest malicious. On-the-fly scanning of electronic mail and Internet traffic. Local protection from unasked electronic mails and phishing. ( Kaspersky Lab Zao, 2010 )

3.2.1.4 Bandwidth Control

3.2.1.4.1 Bandwidth Splitter

These tools is a plan extension for Microsoft ISA Server that operational it with new characteristics to let legitimate sharing of the bing Internet connexion bandwidth and provide it to universalise to all users and waiters under the preset regulations. Features include traffic defining, elaborate real-time monitoring and traffic citing. Terrific real-time monitoring capacity, allow decision maker to efficaciously command traffic use. Legitimates distribution of the Internet channel bandwidth. Reducing Internet costs because of restricting non-priority traffic ( peer-to-peer exchange, large downloads ) . Keep users ‘ work clip because of more guaranteed bandwidth allotment. User can seek to track their cyberspace activity utilizing particular public-service corporation. Get Long-run state of affairs of endeavor bandwidth use from the studies to do bandwidth strategic determinations about managing and maintain bandwidth on organisation. ( Bandwidth Splitter, 2005 )

3.2.1.5 Web Monitoring

3.2.1.5.1 GFI WebMonitor

GFI WebMonitor is the most well-liked used web security and web monitoring tool for Microsoft ISA Server and is now have freeware version. The freeware version of GFI WebMonitor allows director to supervise the sites that clients are shoping and the files clients are downloading. This tool can assist enterprise to barricade entree non related web site for endeavor. Like society web site, gambling, and adult stuff and more. ( GFI WebMonitor, 2009 )

GFI WebMonitor freeware provide endeavor with a figure of studies on browse, downloading and bandwidth use, such as Top Browsing Users, File Type Downloads, Bandwidth Usage and others. ( GFI WebMonitor, 2009 )

3.2.1.6 Intruder Detection and Prevention System

3.2.1.6.1 SNORT

Snort is an unfastened beginning web invasion bar and sensing system ( IPS/IDS ) developed by Sourcefire. Uniting the benefits of signature, protocol and anomaly-based review, Snort is the most widely deployed IDS/IPS engineering worldwide. Snort can besides be used merely as a package lumberman or package sniffer.

Decision

In decision, the writer have try his best attempt to finish the survey, Author have face a batch of job that can non acquire the article and web site to done research and done the stage 1 of the undertaking papers. Author knows which the tools that can implement to enterprise web are.

REFERENCES ( BACKGROUND READING MATERIALS ) :

Network security: Multiple bed of protection ( online ) ( cited 30 January 2010 ) . Available from hypertext transfer protocol: //www.ameinfo.com/206162.html

Bandwidth Splitter ( online ) ( cited 9 December 2005 ) . Available from hypertext transfer protocol: //www.isaserver.org/software/ISA/Bandwidth-Control/

Featured: GFI WebMonitor Freeware ( online ) ( cited 14 August 2009 ) . Available from hypertext transfer protocol: //www.isaserver.org/software/ISA/Free-Tools/

Kaspersky endeavor infinite security ( online ) ( cited 5 February 2010 ) . Available from hypertext transfer protocol: //www.kaspersky.com/enterprise_space_security

What is Snort ( online ) ( cited 6 February 2010 ) . Available from hypertext transfer protocol: //www.snort.org/

Hardware VS. Software Firewall ( online ) ( cited 31 January 2010 ) . Available from hypertext transfer protocol: //www.windowsecurity.com/articles/Comparing_Firewall_Features.html

Business Definition for: Performance Management ( online ) ( cited 1 February 2010 ) . Available from hypertext transfer protocol: //dictionary.bnet.com/definition/Performance+Management.html

Network Management Components – How to Implement a Network Management Strategy ( online ) ( cited 23 September 2009 ) . Available from hypertext transfer protocol: //www.articlesbase.com/information-technology-articles/network-management-components-how-to-implement-a-network-management-strategy-1263186.html

Security tips for web decision makers – Enterprise ( online ) ( cited 11 November 2009 ) . Available from hypertext transfer protocol: //www.articlesbase.com/security-articles/security-tips-for-network-administrators-enterprise-1447109.html

Network Security Model – Specifying an Enterprise Security Strategy ( online ) ( cited 23 September 2009 ) . Available from hypertext transfer protocol: //www.articlesbase.com/security-articles/network-security-model-defining-an-enterprise-security-strategy-1263260.html

Internet Security Tools for Defense In-Depth ( online0 ( cited 9 February 2010 ) . Available from hypertext transfer protocol: //www.sans.org/whatworks/wall.php? id=2

***END OF REPORT***