Server and Network Security

Security is often thought of only in terms of protecting software. However, any security plan should be implicated hierarchically at every level. Servers must be located in secure, access-controlled environments. Only authorized personnel should be allowed to supervise and administer it.

Essentially, server security is the controlling of access to the database server itself. The server must be attached to a stable power supply that provides backup up power if the there’s a problem with the supply. This enables the server to shut down in a way that protects data and causes the least amount of damage. They should comply with business standards in password policy to protect database access.

Encryption also protects data through advanced DES (Data Encryption Standard) mechanisms or cryptograms. The degree of encryption depends on government standards. Database servers should not be visible to the world. (Web servers, however, are and require specific security measurements, since they support anonymous connections.)

For security and performance issues, the database backend should never be on the same machine as the web server with its open connections. To secure the database, the server should be configured to accept only trusted IP addresses. If the database is a backend for a web server, the IP address of the web server should be the only address that can access the database server. Another security gap in servers emerges from increasingly dynamic applications that allow on-line upgrades and can infiltrate the database server.

Networks are vulnerable to intruders who ‘sniff’ or eavesdrop on networks that can contain sensitive company information, passwords, and other potential company weaknesses. Secure networks should conform to four principles that form a ‘trusted computing base’ (TCB). These are:

1) identification and authorization,
2) discretionary control
3) audit, and
4) object re-use.

Identification determines the user’s identity. The user is then authenticated through a password or the completion of a registration form or some other access-controlling barrier. Authentication also ensures the identity stays consistent across time. Authorization defines what the user is allowed to do, what processes users have access to. Discretionary access control (DAC) is a security system that gives users, processes, and devices specified permissions to gain access to system resources in clearly defined ways.

Audits are systematic evaluations of the security of a company’s information systems. Audits examine the most secure physical configuration of hardware and software connections, how information is handled, and user practices. Object reuse takes a storage medium that contains one or more objects. It protects network security by ensuring that all residual data from previous objects is removed before the storage can be re-assigned.

Endpoint Security, Firewalls, Anti-Virus Software, and Anti-Spyware

There are several types of client-server security strategies. One example of client-server security is called endpoint security. This type of security includes simpler forms of itself, such as firewalls and anti-virus software.

In endpoint security programs, security software in the form of a client program is downloaded to every endpoint or user device connected to the network being protected. The security program is hosted on a server or gateway. This centralizes security and takes care of updates, login verification and patches. A patch is a quick-fix for a programming bug that develops during product-testing.

Firewalls and anti-virus software offer the simplest examples of endpoint security software. Personal or desktop firewalls are software applications that protect single computers that are connected to the Internet. The connections are usually DSL or cable modem. Since these connections are always open and use static IP addresses, they are easy for intruders or hackers to break into. Firewalls work at the device level or link layer. This is between the physical machine and the transaction layer. It is the lowest level of Internet protocol, responsible for the physical connections between computers. It translates requests and responses into packets, decoding incoming packets by providing address and channel decoding. By acting on this level, firewalls control Internet connections, filter incoming and outgoing network traffic, and alert users to suspected intrusions.

Some of the top firewall products of 2007 are ZoneAlarm Pro, Outpost Firewall Pro, and Norton Personal Firewall. Anti-virus software is another example of simple endpoint security. It is a class of program that searches disk drives and other memory devices for computer viruses. The top anti-virus software applications for 2007 are BitDefender, Kaspersky, and F-Secure Anti-Virus.

Endpoint security is evolving to include other essentials such as the detection and prevention of intruders gaining access to a network, database, or workstation. Anti-spyware software is also increasing in popularity. Anti-spyware protects against programs that collect data on individuals or organizations without their knowledge for unknown uses. They can be secretly installed on computer through a new program or a virus. Some of the top anti-spyware products of 2007 include SpySweeper, CounterSpy, and Trend Micro Anti-Spyware.

First Page: Client-Server Security