1. Create a virtual private network (VPN) for authenticated users. VPNs are encrypting connections that lie between two parts. Using a VPN connection would provide a high level of security for employees given that the VPN is setup correctly. With using a VPN comes the convenience of connection to the company’s network from multiple locations without being at the office. 2. Separate authenticated and anonymous users on separate servers). Users have been reporting many issues with the network on numerous occasions. This approach will be a great in ensuring that there is proper load balancing so that they network doesn’t suffer that same congestion that it has in the past. User complaints will decrease and the quality of work will improve. Both authenticated and anonymous users will have a more consistent connection. 3. Use firewall rules to close all ports except 80 and 443. As we all know, the firewall is a very important part of the network. Without the firewall the network would be open to all types of incoming and outgoing traffic. Given that this is the case, you would want to make sure that the firewall rules are setup properly. You will only need to have ports 80 and 443 open since we have an internal mail server. In the event you install an application that will need extra ports, you could then open the port. You never want to have unnecessary ports opened. 4. Restrict all anonymous user access.
Based on research that has been conducted, restricting all anonymous user access would not be a good idea. There is no reason why this should be done as far as making the company better goes. 5. Use Kerberos to authenticate computers.
Given that Kerberos is a authentication protocol that comes with the Windows OS, I don’t feel like the change would have a impact on the company and our goals. 6. Create a list of approved users Internet Protocol (IP) addresses and deny traffic not originating from a listed address. This process is often called...
Please join StudyMode to read the full document