Level 1

Administration of a network security

Seeing that a machine is connected to the LAN (local area network) - and at worse with the outside world - it constitutes a potential attack source for the whole network. It is thus necessary to implement applications (daemons) in respect to the networks security in order to define a global security policy.

Potentialities and the numbers of possible attacks have been geared knowing that the attack origin has to be more and more secured.

The LAN security should be defined as a whole. It could not exist if the network administration manager and the operating system manager don't work together.

Typical case

A front end processor (FEP) also known as a communications controller is installed to handle input and output communications and to access directly to shared repertories of the server.
Conceptually: a shared disk-space is allocated
In network terms: the front end processor has access to the allocated space... and to all the others the operating system has to secure.

Nota bene: a DMZ or any other network artifice (proxy, firewall...) could not solve the problem.
(The network authorizes or prohibits overall to access to "files sharing" function but it cannot manage the rights between the different shared resources). cf: Level 6 Finality of a DMZ

"All computer specialist - such as network administration manager and operating system managers - have to work together to achieve operational solutions. It is difficult for people whoseobjectives and operating modes are completly different."

LAN: Local area network