Read This! | Picolisp | Picolisp Machine | Pil Sources | Linux | BASH | C-Programmming | Operating Systems | Computer Security | ICSsecurity | Firewalls | Networking | Security Programs | Exploitation | Social Engineering | Metasploit | wifi-penetration | Forensics | Secure Network Architecture

Secure Network Architecture

Principles

  1. Isolate ICS (Control) Network & Corporate (Production) Network
  2. Use minimal connections between Control & Production Networks
  3. use Firewalls
  4. Filter Packets - ICMP codes, especially Destination Unreachable Network & Host flags
  5. Block all Communication by Default
  6. Enforce Secure Authentication
  7. Enforce Destination Authorisation
  8. Record Information
  9. Permit the ICS to Implement Operational Policies

Netwok Architecture

Logically Seperated Control Networks

Defense in Depth / Onion Security

  1. Application & Data
  2. Data End Point
  3. Patch Management - Qualys Guard
  4. Intrusion Prevention
  5. Virus Protection
  6. Host-Based Firewall
  7. Server Hardening
  8. Internal Network
  9. Perimeter Security
  10. Physical Security
  11. Policies & Procedures

Use Secure Protocols

Links

http:///wiki/?securenetworkarchitecture

01dec16   admin