Does anyone know what network isolation is (Network Isolation, Isolation Bridge)?
What Is Network Isolation?
Benefits of introducing a logical data isolation defense layer include:
* Additional security
* Control of who can access specific information
* Control of computer management
* Protection against malware attacks
* A mechanism to encrypt network data
Network isolation: The ability to allow or deny certain types of network access between computers that have direct Internet Protocol connectivity between them
Identifying Trusted Computers
Trusted computer:
A managed device that is in a known state and meets minimum security requirements
Untrusted computer:
A device that may not meet the minimum security requirements, mainly because it is unmanaged or not centrally controlled
Goals That Are Achievable Using Network Isolation
The following goals can be achieved by using network isolation:
* Isolate trusted domain member computers from untrusted devices at the network level
* Help to ensure that a device meets the security requirements required to access a trusted asset
* Allow trusted domain members to restrict inbound network access to a specific group of domain member computers
* Focus and prioritize proactive monitoring and compliance efforts
* Focus security efforts on the few trusted assets that require access from untrusted devices
* Focus and accelerate remediation and recovery efforts
Risks that will not be directly mitigated by network isolation include:
* Trusted users disclosing sensitive data
* Compromise of trusted user credentials
* Untrusted computers accessing other untrusted computers
* Trusted users misusing or abusing their trusted status
* Lack of security compliance of trusted devices
* Compromised trusted computers accessing other trusted computers
How Can Network Isolation Be Achieved?
Components of the network isolation solution include:
* Trusted hosts: Computers that meet the organization’s minimum security requirements
* Host authentication: The use of IPSec to provide host authentication and data encryption
* Host authorization: Verification of security group memberships within the local security policy and access control lists of the resource
source: http://download.microsoft.com/downlo...p%20Policy.ppt
Ah, thanks, but can this be applied on any platform or is it exclusive to Micro$oft?
Regards.
According to the description:
Originally posted by CrAcKzMe
It is platform-independent. In fact, the first thing I do when installing an operating system is isolate it from any network, including the LAN. It is as simple as creating a couple of firewall rules on the machine itself that deny everything. Then you open the services you want and allow them to communicate.
Regards
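
The default-deny approach from the reply above, combined with the host authentication and host authorization steps from the quoted slides, as an added example that is not part of the thread or of Microsoft's material. The peer names, group names and ports are constructed, and the `authenticated` flag stands in for a successful IPsec host authentication.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Peer:
    name: str
    authenticated: bool              # stands in for successful IPsec host authentication
    groups: frozenset = frozenset()  # security groups of the peer's computer account


@dataclass
class InboundPolicy:
    # port -> groups allowed to reach it; any port not listed here is denied
    services: dict = field(default_factory=dict)

    def open_service(self, port, allowed_groups):
        self.services[port] = frozenset(allowed_groups)

    def evaluate(self, peer, port):
        """Return (decision, reason) for one inbound connection attempt."""
        if port not in self.services:
            return "deny", "default deny: service not opened"
        if not peer.authenticated:
            return "deny", "host authentication failed (untrusted device)"
        if not (peer.groups & self.services[port]):
            return "deny", "host authorization failed (not in an allowed group)"
        return "allow", "trusted host in an allowed group"


def demo():
    policy = InboundPolicy()                       # nothing is open at first
    policy.open_service(445, {"HR-Workstations"})  # constructed group name
    peers = [
        Peer("guest-laptop", False),                           # unmanaged device
        Peer("dev-pc", True, frozenset({"Dev-Workstations"})),  # trusted, wrong group
        Peer("hr-pc-01", True, frozenset({"HR-Workstations"})),
    ]
    return {(p.name, port): policy.evaluate(p, port)[0]
            for p in peers for port in (445, 3389)}


if __name__ == "__main__":
    for (name, port), decision in demo().items():
        print(f"{name:12} -> tcp/{port}: {decision}")
```

The policy only checks identity and group membership, so a compromised `hr-pc-01` would still be allowed, which matches the slide's list of risks that network isolation does not mitigate.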
OK, thanks to both of you.
Regards.