New LAN technologies have become faster and will support multimedia applications. Asynchronous Transfer Mode (ATM) and Ethernet LANs, which are 10 to 5 times faster than standard LANs, are now available. To take advantage of faster LANs, computers have become faster and more complex. In addition, computer software must be developed that is able to efficiently transfer large amounts of data from networks to computer applications. Local Area Networks have become a great asset to the productivity of small, medium or large office environments. However, to utilize such technology effectively, it is best to have a skilled professional help you design, implement and maintain the proper network for your business. With over 20 years of experience, Moen & Associates can helpl. See Sample LAN Diagram
Wide-Area Network ("WAN") is a computer network that covers a broad geographic region, ranging in diameter from a few miles to span entire continents. WANs transmit information across its lines and can also link various LANs together allowing computers to use resources in other locations. See Sample WAN Diagram
WANs transmit data over regular wire or fiber-optic wire traveling along switched or dedicated lines. Satellite transmission and microwave communication provide wireless WANs where tangible media cannot reach or are not cost effective. Any LAN configuration (linear, star or ring) may be connected to a WAN. The WANs themselves consist of star, mesh and hierarchic configurations. The components of a WAN are universal – they are made up of a sender, receiver, and medium. Routers are the essential piece of equipment linking LANs and WANs together in order to facilitate a network connection.
In addition to transmitting computer data, WANs are used to transmit voice and video. Every time you speak on the telephone you are "logged on" to a WAN. In fact, WANs were developed in telephony. When you watch your favorite television program, a satellite WAN is being used to beam the video image from the network to the television station. Another over-the-air WAN then brings the program to your television receiver. Wide Area Networks have become an amazing tool to individuals and businesses by providing rapid communication and transmittal of information. See Sample WAN Diagram
Internet Security - The market for intrusion detection systems (IDS) is growing. Many of our clients are surprised after a firewall installation. Network administrators start receiving email notifications of possible Internet based attack in progress. I often receive phone calls from clients stating, "Jon the firewall notified me that we are receiving a Sub Seven Attack". I reassure then that the firewall defeated that attack and you are OK. When they hang up and I hear a sigh of relief. There are many robot applications that roam the Internet from one IP Address to another attempting to infiltrate DSL connected local area networks. These robots perform security analysis on the LAN and report back to their master.
A Firewall has four basic functions
1. Internet firewalls are intended to keep the unauthorized users out of your private Local Area Network.
2. A firewall also keeps your local users from viewing undesirable Internet content.
3. A firewall allows access to your LAN server files and printers from a remote location. To gain access you must provide your login name / password and have authorization from the Local Area Network.
4. Provide NAT (network address translation) this allows the sharing of a single IP address from for DSL provider.
What does Network Security consist of?
- Password security is the first line of defense. Passwords must be changed every few weeks for optimal network security.
- Audit trails are necessary to back track to the invading cyber culprits. Just like home burglars unauthorized users leave cyber fingerprints. Your system must be ready to preserve evidence in the event of an attack.
- System policies created on your server are like these examples 1. A workstation automatically logged after a period of inactivity. 2. Restricting user access to certain times of the day (ex 8:00 ö 5:00) certain users do not require access at 3:00 AM.
- Virus Protection Software - I recommend that file servers have server based virus protection software that automatically updates the virus detection file from the Internet and distributes the current DAT file to all workstations automatically. Many clients forget to update the Virus detection DAT files and are the workstation or server is infected due to a lack of a current DAT file. Many new viruses are sent as email attachments. We can install software that filters email attachments before the email is delivered to the user.
- Recurring training - Users should be taught to recognized suspect email and report to the network administrator. A team-based approach is necessary to a secure network environment.
- Directory Security is a great way to allow users to access some directory and not others. Why should Dave in sales have access to sensitive payroll files? The tighter your directory security the harder it is for an outside unauthorized user to penetrate your sensitive files.
- File based security - Some user should only have rights to view files while other users have rights to modify or delete files
- Multiple form of systems backup. - My favorite forms of backup are high sped tape, CD / DVD Writers and data copies to backup servers. If your system is penetrated by a destructive virus how hast can I reformat the server drive and restore data.
- Documentation - It is imperative that all Directory Security must be documented. This help promotes a team-based approach to security. Management can review these procedures help promote additional measures and remove some procedures that are too restrictive for company productivity.
