close
test_template

Macro and Micro View Network Security Management

Human-Written
download print

About this sample

About this sample

close
Human-Written

Words: 785 |

Pages: 2|

4 min read

Published: Feb 12, 2019

Words: 785|Pages: 2|4 min read

Published: Feb 12, 2019

Macro and Micro View Network Security Management: Organizations need a holistic view of their network. With disparate vendor devices and hosts, security teams need a normalized, comprehensive view of the network, including: routing rules, access rules, NAT, VPN, etc.; hosts, including all products (and versions), services, vulnerabilities, and patches; and assets, including asset groupings and classifications. With a comprehensive view of the network, security teams can view hosts in the network, as well as configurations, classifications and other pertinent information. A network map or model is both a useful visualization tool and a diagnostic tool, providing analysis that is only possible when considering an overall view. For example, security and compliance teams can use this macro view to see how data would move between points on the network.

Although the macro view is needed to see how all the pieces of the network fit together, network administrators must also be able to drill down into the details for a particular device, easily accessing information on rules, access policies, and configuration compliance. And this information must be considered within the framework of the broader network, including context such as segments or zones, routing, routers, switches, intrusion prevention systems (IPS), and firewalls.

The network components that impact the device will undoubtedly come from various vendors, creating data of different vendor languages that must be deciphered, correlated, and optimized to allow administrators to streamline rule sets. Daily or weekly reviews of all devices on the network is unattainable with a manual process, and reviewing device configurations less frequently puts network security and compliance at risk. Automating policy compliance helps ensure compliance and consistency, and preserves IT resources. Ideally, a network modeling tool that provides a macro view should also allow administrators to drill down into a micro view of each device, providing information on users, applications, vulnerabilities, and more. This allows administrators to see the broader network view and then focus in on particular devices for management.

Create Usage Policy Statements: Creating usage policy statements that outline users' roles and responsibilities with regard to security. You can start with a general policy that covers all network systems and data within the company. This document should provide the general user community with an understanding of the security policy, its purpose, guidelines for improving their security practices, and definitions of their security responsibilities. Create an administrator acceptable use statement to explain the procedures for user account administration, policy enforcement, and privilege review. If your company has specific policies concerning user passwords or subsequent handling of data, clearly present those policies as well. Check the policy against the partner acceptable use and the user acceptable use policy statements to ensure uniformity. Make sure that administrator requirements listed in the acceptable use policy are reflected in training plans and performance evaluations.

Policy development is focused on establishing and reviewing security policies for the company. At a minimum, review both the risk analysis and the security policy on an annual basis. Practice is the stage during which the security team conducts the risk analysis, the approval of security change requests, reviews security alerts from both vendors and the mailing list, and turns plain language security policy requirements into specific technical implementations.

The last area of responsibility is response. While network monitoring often identifies a security violation, it is the security team members who do the actual troubleshooting and fixing of such a violation. Each security team member should know in detail the security features provided by the equipment in his or her operational area.

Conduct a Risk Analysis: A risk analysis should identify the risks to your network, network resources, and data. The intent of a risk analysis is to identify portions of your network, assign a threat rating to each portion, and apply an appropriate level of security. This helps maintain a workable balance between security and required network access.

Get a custom paper now from our expert writers.

Assign each network resource one of the following three risk levels:

  1. Low-level Risk Systems: The data that is compromised would not disrupt the business or cause legal or financial ramifications. The targeted system or data can be easily restored and does not permit further access to other systems.
  2. Medium level Risk Systems: The data that is compromised would cause a moderate disruption in the business, legal or financial ramification or provide further access to other systems. The targeted system or data requires a moderate effort to restore or the restoration process is disruptive to the system.
  3. High-level Risk Systems: The data that is compromised would cause an extreme disruption in the business, cause major legal or financial ramifications, or threaten the health and safety of a person. The targeted system or data requires significant effort to restore or the restoration process is disruptive to the business or other systems.
Image of Alex Wood
This essay was reviewed by
Alex Wood

Cite this Essay

Macro and Micro View Network Security Management. (2019, February 11). GradesFixer. Retrieved November 13, 2024, from https://gradesfixer.com/free-essay-examples/macro-and-micro-view-network-security-management/
“Macro and Micro View Network Security Management.” GradesFixer, 11 Feb. 2019, gradesfixer.com/free-essay-examples/macro-and-micro-view-network-security-management/
Macro and Micro View Network Security Management. [online]. Available at: <https://gradesfixer.com/free-essay-examples/macro-and-micro-view-network-security-management/> [Accessed 13 Nov. 2024].
Macro and Micro View Network Security Management [Internet]. GradesFixer. 2019 Feb 11 [cited 2024 Nov 13]. Available from: https://gradesfixer.com/free-essay-examples/macro-and-micro-view-network-security-management/
copy
Keep in mind: This sample was shared by another student.
  • 450+ experts on 30 subjects ready to help
  • Custom essay delivered in as few as 3 hours
Write my essay

Still can’t find what you need?

Browse our vast selection of original essay samples, each expertly formatted and styled

close

Where do you want us to send this sample?

    By clicking “Continue”, you agree to our terms of service and privacy policy.

    close

    Be careful. This essay is not unique

    This essay was donated by a student and is likely to have been used and submitted before

    Download this Sample

    Free samples may contain mistakes and not unique parts

    close

    Sorry, we could not paraphrase this essay. Our professional writers can rewrite it and get you a unique paper.

    close

    Thanks!

    Please check your inbox.

    We can write you a custom essay that will follow your exact instructions and meet the deadlines. Let's fix your grades together!

    clock-banner-side

    Get Your
    Personalized Essay in 3 Hours or Less!

    exit-popup-close
    We can help you get a better grade and deliver your task on time!
    • Instructions Followed To The Letter
    • Deadlines Met At Every Stage
    • Unique And Plagiarism Free
    Order your paper now