Question

Modularizing Security Design:

a. Please explain about the modular approach of security design

b. How to implement modular approach to secure server farm?

Answer 1

a) Security experts are actually promoting the security defense, the main objective that network security that should be multi layered and implementing many technique to ensure the security. Since no method can assure you to give 100% data security so for each methods you should use a backup method. There is one such method called the belt and suspenders approach. This method uses firewall to block access to outside traffic. The modular approach to the security design is really a good way to have an understanding regarding the types of solution which is required to implement security . Here are few approach which you can take:

• Internet connection: Internet connect is the major source for an attack. So implementing security realted to internet security is by implementing router level firewalls in your network.
• Using of VPN: Virtual private network creates a secure tunnel through which we can securely connect to a network using remotely. VPN is another modular way to implement security.
• Wireless network security: Implementing wireless security using WPA will allow users to authenticate into the network. Without proper authorization, no user can able to enter into the network.

b) Server farms generally used to host files, database, prints and and application inside the infrastructure. These servers have most sensitive information stored in it. So it must be protected at any cost. Moreover, these servers are accessed by a lot of users and the network performance is an critical issue that need to be solved. In order to maximize the security, and security must be selected and maintained. Here are few steps which needs to be followed:

• Limiting the root password only to the administrator and even guest account should be avoided. There should be a different host machine where guest user can able to login.
• Using kerberos authentication system which provides user to host security for application level protocol such that FTP and the Telnet. Kerberos relies on symmetric key database which uses KDC on kerberos server.