Regresar

Technique for Information Security Based on Controls Established by the SysAdmin Audit, Networking and Security Institute

Abstract:

Information security has become a worldwide trend; however, there is little or no mention of how the incorporation of security-related concepts should be initiated from the network design phase. The lack of a secure network means that losses amount to millions of dollars from cybercrime, much more if this same scenario were taken into account in the globalized environment. The need to evaluate the method by which the designs are executed becomes crucial, a before and after of the networks designed based on security. The present work proposes an alternative in information security with the methodology of design of communication and telecommunication networks, implementing 2 security controls, the 8 and 12, malware defense and perimeter respectively. These controls are listed by the SysAdmin Audit, Networking and Security Institute (SANS), evaluating the compliance with the recommendations that this institute delivers and demonstrating at the end that a functional and secure network can be obtained. The applicability of the described is measured in the implementation of the mentioned controls, since the antimalware provided adequate protection, administration and configuration in all the endpoints, thus avoiding zero-day threats. While the configuration at the perimeter level has allowed blocking of attacks, web filtering with new generation security parameters, maintenance of operational business roles and protected information.