Question

Suggest possible security strategies needed to support encryption and network access control.

Answer 1

These are the points to be kept in the mind while building encryption and network access control

1. Try to install NAC server.Allow all netwoking devices (wireless access points and switches) to get authentication from the NAC server.
2. Set a good authentication rules on the NAC server.So that only the authenticated users or resources(devices)can access the network
3. Try to protect your storage device(internal and external) with a strong password.
4. Enable multi-factor authentication:By providing two forms of authentication it becomes difficuilt for an unauthorized user again access.
5.Packet filters should be set up on routers,firewalls and servers.
6.Provide a full disk encryption.Try to install softwares like FileVault2 to provide full disk encryption .
7.Try to provide proxy Authentication to ensure three-tier security
8.Provide a discretionary access control so that only the verfied user get the privileged access to perform an operation.
9. Profiling should be done to scan end-user and their devices to ensure they are not potential threats to the network resources.
10.Try to avoid Guest access that NAC solution is providing now.
11.Security analytics should be strengthen in order to detect malicious behavior that could lead to exfiltration, stolen credentials,attack to the network infrastructure.