Network Security

DDoS Network Protections

Description Network of IT services must be hardened against Distributed Denial of Service (DDoS) attacks. Services are configured to avoid participating in DDoS attacks. There is a documented procedure in...

Firewall Rule Management

Description The network firewall is set up to protect hosts on the network against networkflows that are potentially insecure. The firewall is one part of a layered defense. The firewall...

DMZ

Description The DMZ (demilitarized zone) is the network location for public-facing services. Only systems in the DMZ can accept communications initiated from outside the network. The DMZ is separated from...

Network Segmentation and zoning

Description Networks are segmented if they serve different business purposes or have differing risk levels, determined by the classification of the assets in the same segment. Each network segment is...

Networking Hardware

Description Networking maintains a list of approved hardware components and their required configurations. Networking hardware components are not accessible to unauthorised individuals. Specification Switches do not operate in promiscuous mode....

Block malicious sources

Description Identify known malicious domains, IPs or other content and block access to these sources from the organisational network, systems and managed devices. Enable Domain Name System (DNS) query logging...

Network Access Control

Description Network Access Control is used to determine the level of access users are given to the internal network. Unidentified users get access to the guest network. The authentication system...