Infrastructure
CS5493
7 Domains of IT
1. User Domain
2.Workstation Domain
3.LAN Domain
4.LAN to WAN Domain
5.WAN Domain
6.Remote Access
7.System Application Domain
Logical Grouping of IT Domains
●
User/Workstation
●
Network
●
LAN
●
LAN-WAN interface
●
WAN
●
Remote (Brave new world)
●
System/Application
User Domain
●
The subjects:
●
The people using the system.
●
This is the domain of the AUP
The AUP
• Acceptable usage policy – a contract between the system owner and system user outlining the acceptable usage parameters of the computing system.
User Domain
●
Threats/Vulnerabilities
–
Lack of user awareness
–
User apathy toward policies
–
Security policy violations
–
Disgruntled employee attacks
–
Social engineering attacks
–
Etc
Mitigation strategies …
Workstation Domain
●
Usually refers to the computer on your desk or workspace. –
This includes the staff supporting the workstations
–
The AUP is a key document for this domain
Workstation Domain
●
Risks/threats/vulnerabilities
–
Unauthorized access
–
Malware
–
Support staff threats/vulnerabilities
–
Social engineering attacks
–
Etc.
Mitigation strategies…
Network Domain
●
For the purpose of this course, we will combine the domains for LAN, LAN-to-WAN, and WAN into the Network Service Domain
Network Service Domain
●
●
Includes the equipment, cables, the wireless access, etc.
Key document is the SLA
SLA: Service Level Agreement
• An agreement between the system provider and system user. Outlines provider responsibilities and defines realistic expectations to the users.
Network Service Domain
●
Threats/Vulnerabilities/
–
Unauthorized access, physical or otherwise
–
Malware attacks
–
Hardware vulnerabilities
–
Support staff threats/vulnerabilities
–
Misuse of network resource by users
–
Clear-text (unencrypted) data traffic
–
DoS
–
Wireless attacks
Remote Access Domain
●
Accessing the computing services from outside the boundary of the