WAN Access Module

Previous page
Table of content
Next page

The WAN access module is an often overlooked aspect of the perimeter, because the remote connection is part of the overall protected network. Most WAN connections are in the form of leased lines such as T1 and T3 lines, packet-switched networks such as frame relay, and cell -switched networks such as ATM. Figure 11-8 depicts a hardened WAN module.

click to expand
Figure 11-8: WAN module

At the core of the security for the WAN module is the implementation of firewalls to provide security to the enterprise network from the remote location. In Figure 11-8, the firewalls are external to the routers; however, the filtering capabilities could easily be bundled into the routers themselves through the use of firewall feature sets, ACLs, and CBAC for Cisco-based equipment.

Redundancy is provided through the use of technologies such as Hot Standby Router Protocol (HSRP) for fault tolerance. For businesses that are particularly concerned with security, IPsec can be implemented on the routers at each end of the WAN connection to provide data integrity and security over the public or private service provider network.

In addition, like all of our perimeter modules, NIDS/NIPS are implemented behind the firewall to monitor and analyze the traffic traversing the module to the internal network.



Previous page
Table of content
Next page
Hardening Network Infrastructure. Bulletproof Your Systems Before You Are Hacked.
Hardening Network Infrastructure. Bulletproof Your Systems Before You Are Hacked.
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 125
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
The .NET Developers Guide to Directory Services Programming
VBScript Programmers Reference
MySQL Cookbook
Java Concurrency in Practice
Quantitative Methods in Project Management
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy