Most of the companies are computerised today. As such we will see a vast categories of Internet enabled devices popping up in in the workplace. This can be wireless router which allows users to link to the internet using company network; network attached storage connected to the network; servers and switches joined together using the company network.
Sometimes, suppliers / customers may also need to gain access to their company information using our company network to connect to the internet.
Also, the staff in the company may also use their personal handphones to access the internet.
This lack of controls may pose a security issue for the company.
What are the things we can do to secure the resources in the network? We will probably wonder what other ways which the company resources such as the data stored in the file server can be protected from devices such as customers' / suppliers' hand phone and notebooks.
One of the ways would be to separate the public network from the intranet either physically or logically. The separation of network physically can be expensive but simpler implement than logically. This is because use two sets of switches and network cables so that the public and intranet are separated.
Logically, we may separate the network by using virtual lan (VLAN) so that the network may physically share the same physically network infrastructure and switches but are separated logically.
For instance we may define two network VLAN 1 and such that VLAN 1 may host the companies network whereas VLAN 2 is connected to the internet. Traffic from VLAN 1 will not be separated from VLAN 2.
My experience with the HP Switches such as the HP-2910al can be done by configuring the network using the following commands using putty.exe.
About the Author
SHB had been working in the IT area for 20 years. He is specialised in software development and IT management system. He is CISA certified, lead auditor trained in ISO 9001 and ISO 27001 management system.
Main initiatives include IT implementations through framework such as ISO 27001, Business Continuity Management and best practices from the industries.
Enhance the security system in the organisation by looking into the network design and software configuration of the hardware providing awareness training to end users and IT staff.
Worked in the area of software design & development and IT security.