Home arrow Security arrow Page 4 - Security Management Architecture

Enforcement Processing - Security

This chapter provides a thorough guide to many security issues. The authors encourage writing strong enforcement statements of acceptable use policies (AUPs) and provide examples of wordings and a best practices checklist. They cover how to limit authority and separate duties and how to pinpoint accountability. The chapter is from Network Security: The Complete Reference, by Mark Rhodes-Ousley, Roberta Bragg and Keith Strassberg; ISBN:0-072-22697-8, McGraw-Hill/Osborne, 2003.

  1. Security Management Architecture
  2. Examples of AUP Enforcement Wording
  3. Developing AUP Enforcement Policy Text
  4. Enforcement Processing
  5. Administrative Security
  6. Management Practices
  7. Activity Monitoring and Audit
  8. A System and Device Log File Example (Windows)
  9. System and Network Activity Monitoring
By: McGraw-Hill/Osborne
Rating: starstarstarstarstar / 5
May 11, 2004

print this article



AUP enforcement is not just a matter of writing strong words and meting out punishment. Enforcement also means detecting the abuse and proactively stopping infractions from occurring. Products such as Websense (www.websense.com) and SurfControl (www.surfcontrol.com) use filtering technologies to block access to sites or even to block keywords that an organization has deemed unacceptable. Filtering products may also filter e-mail for regulated topics. Other products may take a more passive approach such as simply recording every page visited and allowing reports to track user activity on the Internet. In either case, all Internet access must pass through a control point such as a firewall or proxy server. A product is integrated with these control points and configured to meet the demands of the company. Attempts and successes are logged, and if the product is set to block, access is blocked.

NOTE  A 90-page document on the effectiveness of these types of filtering products can be found at

The Websense product is backed by a constantly updated master database of more than four million sites organized into more than 80 categories. This database makes it possible, for example, to block access to gambling, MP3, political, shopping, and adult content sites. An additional Websense product can manage employee use of media-rich network protocols, instant messaging, streaming media, and so forth, allowing access when bandwidth permits and blocking access when the organization needs that capability for business-related activity.

Remember: this chapter is from Network Security: The Complete Reference, by Mark Rhodes-Ousley, Roberta Bragg and Keith Strassberg (McGraw-Hill/Osborne, ISBN 0-072-22697-8, 2003).

Buy this book now

>>> More Security Articles          >>> More By McGraw-Hill/Osborne

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Secure Your Business for Data Privacy Day
- Google Testing Security Fob Password Alterna...
- Security News Highlights Concerns
- Going to Extremes for Data Security
- Skipfish Website Vulnerability Scanner
- Critical Microsoft Visual Studio Security Pa...
- US Faces Tech Security Expert Deficit
- LAN Reconnaissance
- An Epilogue to Cryptography
- A Sequel to Cryptography
- An Introduction to Cryptography
- Security Overview
- Network Security Assessment
- Firewalls
- What’s behind the curtain? Part II

Developer Shed Affiliates


Dev Shed Tutorial Topics: