Designing Access Controls
Choose the Access Control Methods
Network Access Zones: Security
What type of security do you need in each zone?
As explained in Chapter 2: “Customer Needs Assessment,” when you are planning network access control, it is helpful to identify network zones, which are network segments or areas that provide a particular type of connec-
Each zone has different security requirements, as shown in Table
Table 3-2. Security Concerns by Zone
Security Zone | Private | Public |
Wired | • Limit users to only the information they need | • Provide access to limited resources, such |
| to do their job. | as Internet access or a public printer. |
•Protect the network from
•Protect the network from attackers who may try to hack into the network or attach an unauthorized device.
Wireless | • | Protect against “war drivers” who try to |
|
| eavesdrop on wireless communications or |
|
| steal bandwidth. |
| • | Determine what type of information can be |
|
| viewed in each wireless zone. |
•If giving only courtesy Internet access, leave security concerns to guests (because they will not be viewing information from your network).
Remote | • | Establish a VPN to protect communications. • | Typically, does not provide a practical |
| • | Determine what type of information can be | solution for public. (HTTPS provides |
|
| accessed over a remote connection. | access to a Web server, rather than to your |
|
|
| network, so it is not covered in this guide.) |
|
|
|
|
