1 / 7

Network Security Management

This document outlines best practices for network security management at Jesus College, Oxford. It emphasizes the importance of education for users, regular induction talks for new staff, and clear policies, including acceptable usage and investigatory procedures. The framework advocates for a combination of technology solutions, such as firewalls and anti-virus software, alongside physical network segmentation to prevent internal abuse. It discusses the need for a supportive approach in managing user conduct, fostering cooperation, and turning students into security advocates while maintaining clear penalties for serious violations.

neona
Download Presentation

Network Security Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security Management at Jesus College, Oxford John Ireland, IT Manager <john.ireland@jesus.ox.ac.uk>

  2. Fitting Into Oxford Conference Council Colleges Committees AcademicDivisions AdministrativeDepartments

  3. Network Topology MIS Physics OUCS Jesus Coll.

  4. What Do We See?

  5. Avoiding and Detecting Trouble • Education of users • Induction talks for all new starts • Reminders by weekly email • Clear statement of usage policy (AUP) • Clear investigatory procedure, including penalties that may be imposed • Technology • Registration for network access: web scripts + dhcp • Firewalls (policy?): Linux iptables • Anti-virus software + updates Sophos CID • Windows Update links on web site • Traffic monitoring / network scanning iptables, NetBrute • Secure, well designed systems Switches, Linux, iptables,… • Physical network segmentation

  6. Approach for Internal Abuse • Penalties should mean that it is on the student’s record • Discussion is better than penalisation in terms of actually preventing further abuse: seeing a human being (even if it’s the network manager) reminds them that this is not a ‘pay-per view’ service • Get them on our side – one night of drunken stupidity doesn’t deserve revenge (or counter-revenge) • Recruit them as security evangelists: tell others

  7. A Final Thought What would you do if you track down an abuse and find that the miscreant is…. YOUR BOSS!

More Related