What are Firewalls?
There are many well-known firewall OEMs, but the ones discussed here are Palo Alto, Juniper, Check Point and Cisco ASA.
- Set the login attempts to 3?
- The login attempts allowed for a user should be set to 3 or the minimum, so that if an unauthorised user tries to break into a user account, the attacker's attempt is prolonged and the account is protected from such attacks.
- Set the minimum length of password to be eight or more?
- Passwords should be longer and alphanumeric to protect the system from attacks such as dictionary attacks, as minimum-length passwords can be easily cracked by an attacker.
- Set the login time to be 3 minutes or less?
- A user who has failed the first few login attempts should be logged on for a minimum time. This helps keep the account safe from unauthorised users.
Authentication, Authorization, Accounting and Auditing (AAA)
Once the users are authenticated, the next step is authorization, which determines which resources the users or administrators are allowed to access and which operations they may perform. If an unauthorised user gets access to an administrator's profile, they could access those resources, which could lead to losses for the organisation.
Accounting and Auditing
After the users are authenticated and authorized, they begin to access the network. The role of accounting and auditing is to see how long the users or administrators stay logged in to their accounts and what actions they perform. This is also known as creating audit trails.
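The accounting step described above can be illustrated with a short script that turns raw accounting records into a per-session audit trail. This is an added example, not code from the original page or from any vendor; the record format and the sample records are constructed assumptions.

```python
from datetime import datetime

# Constructed sample accounting records (not from a real device).
# Assumed format: timestamp user session-id event detail
SAMPLE_RECORDS = """\
2024-05-01T09:00:00 alice s1 start -
2024-05-01T09:02:10 alice s1 command show running-config
2024-05-01T09:05:00 bob s2 start -
2024-05-01T09:06:30 bob s2 command configure terminal
2024-05-01T09:10:00 alice s1 stop -
2024-05-01T09:15:00 carol s3 command show version
"""

def build_audit_trail(text):
    """Group accounting records by session: who, how long, which actions."""
    sessions = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, sid, event, detail = line.split(maxsplit=4)
        when = datetime.fromisoformat(ts)
        s = sessions.setdefault(sid, {"user": user, "start": None, "stop": None,
                                      "commands": [], "issues": []})
        if event == "start":
            s["start"] = when
        elif event == "stop":
            s["stop"] = when
        elif event == "command":
            # An action with no recorded login is itself an audit finding.
            if s["start"] is None:
                s["issues"].append("command without session start")
            s["commands"].append(detail)
    for s in sessions.values():
        if s["start"] and s["stop"]:
            s["duration_s"] = int((s["stop"] - s["start"]).total_seconds())
        else:
            # Duration cannot be computed without both ends of the session.
            s["duration_s"] = None
            if s["start"] and not s["stop"]:
                s["issues"].append("session still open or stop record missing")
    return sessions

if __name__ == "__main__":
    for sid, s in build_audit_trail(SAMPLE_RECORDS).items():
        print(sid, s["user"], s["duration_s"], s["commands"], s["issues"])
```

Sessions with a non-empty `issues` list are the ones an auditor would review first, since the trail for them is incomplete.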
A VPN is a logical connection between two devices via an encrypted tunnel.
Types of VPN:
- Remote Access VPN
- Site to Site VPN
- Intranet based VPN
- Extranet based VPN
Remote Access VPN: A user connects to a private network and accesses all its services and resources remotely. Example: If an employee of XYZ company is located in a remote zone and wants to use the company's resources or apply for leave on the company's portal, he or she will remotely connect to a VPN, which is a secure environment, and access the resources.
Site to Site VPN: Also known as Router-to-Router VPN, it is commonly used in large companies or organisations. Organisations with branch offices in different locations use a Site-to-Site VPN to connect the network of one office location to the network at another office location.
Ex: If a bank named "Cherry Bank" located in Hudson, New York wants to access the data of a customer who has recently relocated to Columbia, New York, it will access the data of "Cherry Bank" located in Columbia, New York.
- Intranet based VPN: When several offices of the same company are connected using a Site-to-Site VPN, it is called an Intranet based VPN.
- Extranet based VPN: When companies use a Site-to-Site VPN to connect to the office of another company, it is called an Extranet based VPN. Ex: Barclays Bank in London, UK connecting to ANZ Bank in Auckland, NZ.