These
messages are permanently written in the headlines of the newspapers and put many
people off, to expose the own company that 'risk' with connecting the company to
the Internet
In this article, we will show you, that this 'risk' should not be so big, if the
right measurements are taken. At the end of this page,
we show you a good security, which is available
in our stock and it's going out of saying, that we can install this software at
your company network.
|
What
kind of 'risks' exist, when a company is connected to the Internet? |
|
| To
connect a company-network to the Internet is not dangerous in principle,
but the risk for your data is increasing. If you realize, that thousands of companies are 'online', the risk of being spied out is very low, unless your company does not serve secret development-news. Nevertheless you should not act like 'this doesn't happen to us' and believe in your fortune. The costs for the Firewall-Software seems to be high for the first moment, but the damages, which are caused by hacking are mostly higher. A experienced hacker has the neccessary tools to break the security of the local network in a short time, and then he has all the possibilities e.g. to read or delete databases. If an important database has been deleted because of Internet-hacking, and the actual backup is not available, it is possible, that the whole company will go bankrupt. If your company competes with others, or is developing a genius product, the possiblility of being hacked increaes dramatically. Within such attacks, most of the time no data are deleted, because the penetrator would be invisible, but your supposingly secured data have been transmitted to others.
|
|
|
How does it look, if an unsecured network is being scanned? |
|
| The
intruder from the internet normally uses a port-scanner, which can be downloaded
from several hacker-pages, to observe a foreign network for leakage. The scan
results in several open IP-Ports, where the intruder can work on. There are 65535 ports in the IP protocol, where the first 1024 ports have fixed bindings, e.g. port 80 is used for HTTP - you know as web access, and with ports 25 and 110 mail transfer is being handled. With these informations, an experienced intruder can use the appropriate tools to have access to the foreign network, and can have access to some unofficial data. If you click here, you will find an example of a scanned network, seen from the view of the intruder. This example is NOT a scan of your network, so it's no danger for you to click on.
|
|
|
Possibilities
to prevent Internet-hacking |
|
| To
protect your local network from unauthorized access, you have several
options: |
|
| 1. Only a Mail-Server with a dial-In line will be installed | ||
| This option is relatively secure and
the only solution, which could be installed without a firewall, because
only E-Mails will be transmitted and the Internet connection will be
opened only during Mail transfer. Disadvatages: If there are many messages to transmit, the costs for the dial-line is much higher than a leased line, and Web access from the network is not possible. |
||
| 2. The Internet-connection will be installed as a dial-In line | ||
| This
option is not recommended as the only security mechanism, because during
an opened session, the local network is open for attacks, like an
unsecured leased-line connection. Only during the night time, an attack is not possible. Disadvatages: With many single Internet-sessions of users from the local network - which an Administrtator can not control - the costs for the line are rising and are much higher than a leased line. If field workers or sales representatives have to get access to the local network, with this kind of Internet-access you have much administtrative work and high costs for realising |
||
| 3. The Internet-access will be installed as a leased line | ||
| This
option should never be installed without security, because the local
network is open for every hacker all the time. |
||
| 4. Installation of a UNIX-based Firewall-system | ||
| When
installing a Firewall-system, the kind of connection is of no interest,
because security is guraranteed all the time. When installing a Firewall-system on a UNIX operating system, the Administrator has to handle with another operating system, which is very time consuming without the experience. The actual UNIX Firewall-systems are configured with a text-based configuration file without any utilities. For NT-Administrators without UNIX- and TCP/IP experiences it will be mostly not more than a try. |
||
| 5. | ||
|
|
||
| This
product is a native WindowsNT Software with full graphic support. The
administration can be performed from any computer in the local network. All known ways to attack a network from the Internet could be blocked, and the Administrator gets informed about the attack. The access to the Internet can be allowed or denied for some users or defined groups. Also the bandwith could be determined for some computers, e.g web servers. With continued Updates from the manufacturer, the software is always up to date and provides security for the local network. |
||
GuardianPro can be delivered as a 'Plug&Play'-Box for small offices and branch offices.
