Developing a Network Security Plan

Distributed security involves the coordination of many security functions on a computer network to implement an overall security policy. Distributed security enables users to log on to appropriate computer systems, find the information they need, and use it. Much of the information on computer networks is available for anyone to read, but only a small group of people are allowed to update it. If the information is sensitive or private, only authorized individuals or groups are allowed to read the files. Protection and privacy of information transferred over public telephone networks, the Internet, and even segments of internal company networks are also a concern.

Although security technologies are some of the most advanced technologies, security itself combines those technologies with good business and social practices. No matter how advanced and well implemented the technology is, it is only as good as the methods used in employing and managing it.

Your security deployment team develops the network security plan. The network security deployment plan describes how you use the features of Windows 2000 distributed security to deploy distributed security and information security solutions. A typical security plan includes sections like those shown in Table 11.1.

Table 11.1 Sections in a Security Plan

| Sections in the Plan | Description |
| --- | --- |
| Security risks | Enumerates the types of security hazards that affect your enterprise. |
| Security strategies | Describes the general security strategies necessary to meet the risks. |
| Public key infrastructure policies | Includes your plans for deploying certification authorities for internal and external security features. |
| Security group descriptions | Includes descriptions of security groups and their relationship to one another. This section maps group policies to security groups. |
| Group Policy | Includes how you configure security Group Policy settings, such as network password policies. |
| Network logon and authentication strategies | Includes authentication strategies for logging on to the network and for using remote access and smart card to log on. |
| Information security strategies | Includes how you implement information security solutions, such as secure e-mail and secure Web communications. |
| Administrative policies | Includes policies for delegation of administrative tasks and monitoring of audit logs to detect suspicious activity. |

Your network security deployment plan can contain more sections than these; however, these are suggested as a minimum. Additionally, your organization might need more than one security plan. How many plans you have depends on the scope of your deployment. An international organization might need separate plans for each of its major subdivisions or locations, whereas a regional organization might need only one plan. Organizations with distinct policies for different user groups might need a network security plan for each group.

Test and revise your network security plans by using test labs that represent the computing environments for your organization. Also, conduct pilot programs to further test and refine your network security plans.