Auditing IT Infrastructures for Compliance
Chapter 11: Compliance Within the LAN-to-WAN Domain
Learning Objective
• Use an appropriate framework to implement ISS compliance within the LAN-to-WAN Domain.
Key Concepts
• Compliance law requirements and business drivers for the LAN-to-WAN Domain
• Devices and access controls for the LAN-to-WAN Domain and steps to maximize A-I-C
• Policies, standards, procedures, and guidelines in the LAN-to-WAN Domain
• Vulnerability management in the LAN-to-WAN Domain
• Best practices for LAN-to-WAN Domain compliance requirements
Business Drivers and Compliance
• Protecting data privacy
• Implementing proper security controls for the LAN-to-WAN Domain
• Ensuring availability of Internet Service Provider (ISP) connection and backup connection
• Security policy that includes compliance
• Controls to support security policy
LAN-to-WAN Domain Devices and Access Controls
• Router
• Firewall
• Proxy server
• Demilitarized zone (DMZ)
• Intrusion Detection System (IDS)/Intrusion Prevention System (IPS)
• Data leakage security appliance
• Web content filtering device
• Traffic-monitoring device
LAN-to-WAN Domain Devices in Context
Internet is WAN
Maximizing LAN-to-WAN Domain A-I-C
• Minimizing single points of failure
• Using dual-homed ISP connections
• Using redundant and alternate ISP connections
• Deploying redundant routers and firewalls
• Backing up Web server data
• Using VPNs for remote access to organizational systems and data
Maximizing LAN-to-WAN Domain A-I-C
ISP connection represents a single point of failure.
Maximizing LAN-to-WAN Domain A-I-C
Multiple ISP connections avoid a single point of failure.
Best Practices for LAN-to-WAN Domain Compliance
• Map your proposed LAN-to-WAN architecture before installing any hardware. Use one of the several available network-mapping software products to make the process easier.
• Identify all of the components’ data paths through the domain. Use the map to identify any single points of failure.
• Update the network map any time you make physical changes to your network.
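The single-point-of-failure check on a network map can be automated. The following is an added example, not part of the original slides: it treats the map as a list of links and reports every device or link whose individual failure cuts the LAN off from the Internet. The device names (fw1, rtr1, isp_a, and so on) and the three sample maps are constructed for illustration.

```python
from collections import deque

def reachable(links, src, dst, down_node=None, down_link=None):
    """BFS from src to dst, skipping one failed device or one failed link."""
    adj = {}
    for a, b in links:
        if frozenset((a, b)) == down_link or down_node in (a, b):
            continue
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def single_points_of_failure(links, src="LAN", dst="Internet"):
    """Return (devices, links) whose individual failure isolates src from dst."""
    nodes = {n for link in links for n in link} - {src, dst}
    bad_nodes = sorted(n for n in nodes
                       if not reachable(links, src, dst, down_node=n))
    bad_links = sorted(tuple(sorted(l)) for l in {frozenset(l) for l in links}
                       if not reachable(links, src, dst, down_link=l))
    return bad_nodes, bad_links

# Constructed sample maps (hypothetical device names).
SINGLE_ISP = [("LAN", "fw1"), ("fw1", "rtr1"),
              ("rtr1", "isp_a"), ("isp_a", "Internet")]
# Dual-homed ISP connections, but still one firewall and one router.
DUAL_ISP_ONE_ROUTER = [("LAN", "fw1"), ("fw1", "rtr1"),
                       ("rtr1", "isp_a"), ("rtr1", "isp_b"),
                       ("isp_a", "Internet"), ("isp_b", "Internet")]
# Redundant firewalls, routers and ISP connections on two separate paths.
REDUNDANT = [("LAN", "fw1"), ("fw1", "rtr1"), ("rtr1", "isp_a"),
             ("isp_a", "Internet"), ("LAN", "fw2"), ("fw2", "rtr2"),
             ("rtr2", "isp_b"), ("isp_b", "Internet")]

if __name__ == "__main__":
    for name, topo in [("single ISP", SINGLE_ISP),
                       ("dual ISP, one router", DUAL_ISP_ONE_ROUTER),
                       ("fully redundant", REDUNDANT)]:
        devices, links = single_points_of_failure(topo)
        print(f"{name}: devices={devices} links={links}")
```

Rerunning the check after each physical change keeps the result in step with the updated map.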
Summary
• Compliance requirements and business drivers for the LAN-to-WAN Domain
• Devices and access controls
• An IT security framework
• Maximizing A-I-C in the LAN-to-WAN Domain
• Best practices for the LAN-to-WAN Domain