ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaj4_5.4.0.1/rzaj45zssecurityplanning.htm

80 lines
5.4 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Planning Internet security" />
<meta name="abstract" content="Use this information to gain a general understanding of the strengths of iSeries security for e-business and the iSeries security offerings available to you." />
<meta name="description" content="Use this information to gain a general understanding of the strengths of iSeries security for e-business and the iSeries security offerings available to you." />
<meta name="DC.Relation" scheme="URI" content="rzaj4secoverview.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaj40a0internetsecurity.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaj40j0securitypolco.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaj45lbasiccorpusage.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaj45zssecurityplanning" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Planning Internet security</title>
</head>
<body id="rzaj45zssecurityplanning"><a name="rzaj45zssecurityplanning"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Planning Internet security</h1>
<div><p><span>Use this information to gain a general
understanding of the strengths of iSeries™ security for e-business and the iSeries security
offerings available to you.</span></p>
<p>As you develop your Internet usage plans, you must carefully plan for your
Internet security needs. You must gather detailed information about your Internet
usage plans and document your internal network configuration. Based on the
results of gathering this information, you can accurately evaluate your security
needs.</p>
<p>For instance, you should document and describe such things as the following:</p>
<ul><li>Your current network configuration.</li>
<li>DNS and e-mail server configuration information.</li>
<li>Your connection to your Internet Service Provider (ISP).</li>
<li>What services you want to use from the Internet.</li>
<li>What services you want to provide to Internet users.</li>
</ul>
<p>Documenting this type of information helps you determine where your security
exposures are and what security measures you need to use to minimize these
exposures.</p>
<p><img src="./delta.gif" alt="Start of change" />For example, you decide that you want to allow your internal
users to use Telnet to connect to hosts at a special research location. Your
internal users need this service to help them develop new products for your
company. However, you have some concerns about confidential data flowing unprotected
across the Internet. If competitors capture and exploit this data, your company
might face a financial risk. Having identified your usage needs (Telnet) and
the associated risks (exposure of confidential information), you can determine
what additional security measures you should put into effect to ensure data
confidentiality for this usage (Secure Sockets Layer (SSL) enablement).<img src="./deltaend.gif" alt="End of change" /></p>
<p>As you develop your Internet usage
and security plans, you may find it helpful to review these topics: </p>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="rzaj40a0internetsecurity.htm">The layered defense approach to security</a></strong><br />
Your <strong>security policy</strong> defines what you want to protect and
what you expect of your system users.</li>
<li class="ulchildlink"><strong><a href="rzaj40j0securitypolco.htm">Security policy and objectives</a></strong><br />
Defining what to protect and what to expect of users.</li>
<li class="ulchildlink"><strong><a href="rzaj45lbasiccorpusage.htm">Scenario: JKL Toy Company e-business plans</a></strong><br />
Describes a typical business, the JKL Toy Company which has decided to expand its business objectives by using the Internet. Although the company is fictitious, their plans for using the Internet for e-business and their resulting security needs are representative of many real world company situations.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaj4secoverview.htm" title="Accessing the Internet from your LAN is a major step in the evolution of your network that will require you to reassess your security requirements.">iSeries and Internet security</a></div>
</div>
</div>
</body>
</html>