Chapter 8.


Hardware and Network Protection


The best practice before deploying a machine into a production environment or connecting your net 


work to the Internet is to determine your organizational needs and how security can fit into the re 


quirements as transparently as possible. Since the main goal of Official Red Hat Linux Security Guide


is to explain how to secure Red Hat Linux operating system, a more detailed examination of hardware


and physical network security is beyond the scope of this document. However, this chapter is a brief


overview of establishing security policies with regard to hardware and physical networks. Important


factors to consider are how computing needs and connectivity requirements fit into the overall security


strategy. The following explains some of these factors in detail.


Connectivity is the method by which an administrator intends to connect disparate resources on


a network. An administrator may use Ethernet (hubbed or switched CAT 5/RJ 45 cabling), token


ring, 10 base 2 coaxial cable, or even cable free (wireless, 802.11x) technologies. Depending on


which medium an administrator chooses, certain media and network topologies require comple 


mentary technologies such as hubs, routers, switches, base stations, and access points. Determining


a functional network architecture will allow an easier administrative process if security issues arise.


Computing involves more than just workstations running desktop software. Modern organizations


require massive computational power and highly available services, which can include mainframes,


compute/server clusters, powerful workstations, and specialized appliances. With these organiza 


tional requirements, however, come increased susceptibility to hardware failure, natural disasters,


and tampering or theft of equipment.


From these general considerations, administrators can get a better view of implementation. The design


of a computing environment will then be based on both organizational need and security considera 


tions   a true, "ground up" implementation that places priority on both factors.


8.1. Secure Network Topologies


The foundation of a LAN is the topology, or network architecture. A topology is the physical and


logical layout of a LAN in terms of resource provided, distance between nodes, and transmission


medium. Depending upon the needs of the organization that the network will service, there are several


choices available for network implementation. Each topology has its advantages and security issues


that network architects should regard when designing their network layout.


8.1.1. Physical Topologies


As defined by the Institute of Electrical and Electronics Engineers (IEEE), there are three common


topologies for physical connection of a LAN.


8.1.1.1. Ring Topology


The Ring topology connects each node by exactly two connections. This creates a ring structure where


each node is accessible to the other either directly by its two physically closest neighboring nodes


and indirectly through the physical ring. Token Ring, FDDI, and SONET networks are connected


in this fashion (with FDDI utilizing a dual ring technique); however, there are no common Ethernet


connections using this physical topology, so rings are not commonly deployed except in legacy or


institutional settings with a large installed base of nodes (for example, a university).








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      web hosting comparison

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Jsp Hosting
Cheap Hosting



Visionwebhosting.net Business web hosting division of Web 
Design Plus. All rights reserved