Protecting against data interception and theft has
long been a concern of corporate/wireless LAN customers.
Successfully using Internet technologies requires
an increased need to protect valuable data and network
resources from corruption and intrusion. T-One's
security solution is comprised of five key elements:
Identity
Identity is the
accurate and positive identification of network
users, hosts, applications, services, and resources.
Standard technologies that enable identification
include authentication protocols such as RADIUS
and TACACS+, Kerberos, and one-time password tools.
New technologies such as digital certificates, smart
cards, and directory services are beginning to play
increasingly important roles in identity solutions.
Perimeter
Security
This element provides
the means to control access to critical network
applications, data, and services so that only legitimate
users and information can pass through the network.
Routers and switches with access control lists and/or
stateful firewalling, as well as dedicated firewall
appliances provide this control. Complementary tools,
including virus scanners and content filters, also
help control network perimeters.
Data Privacy
When information
must be protected from eavesdropping, the ability
to provide authenticated, confidential communication
on demand is crucial. Sometimes, data separation
using tunneling technologies, such as generic routing
encapsulation (GRE) or Layer 2 Tunneling Protocol
(L2TP), provides effective data privacy. Often,
however, additional privacy requirements call for
the use of digital encryption technology and protocols
such as IPSec. This added protection is especially
important when implementing VPN's.
Security
Monitoring
To ensure that
a network remains secure, it's important to regularly
test and monitor the state of security preparation.
Network vulnerability scanners can proactively identify
areas of weakness, and intrusion detection systems
can monitor and respond to security events as they
occur. Using security monitoring solutions, organisations
can obtain unprecedented visibility into both the
network data stream and the security posture of
the network.
Policy
Management
As networks grow
in size and complexity, the requirement for centralised
policy management tools grows as well. Sophisticated
tools that can analyse, interpret, configure, and
monitor the state of security policy, with browser-based
user interfaces, enhance the usability and effectiveness
of network security solutions.
These elements
enable dynamic links between customer security policy,
user or host identity, and network infrastructures.
