Welcome Guest. | Log In| Register | Membership Benefits

News

November 1, 1999

Extra Steps Can Protect Extranets

By Kay Blough

You are taking a risk when you open your systems and networks to outsiders via an extranet. But a variety of security systems can reduce that risk, according to analysts and vendors.

There are four key areas of concern, says Dan Merriman, an analyst at Giga Information Group:

  • Authentication, a way to make sure that those seeking access are who they say they are;
  • Authorization, a method to ensure that users have access only to information they are suppose to see;
  • Encryption, a system that scrambles content that is in storage or that is being transmitted;
  • Auditing and intrusion-detection administration.

One way to minimize security threats is to keep the network segments separate with firewalls, says Frederick Rica, a partner with PricewaterhouseCoopers. Your public interface for trading partners will be a Web server, a mail server, and domain name system. That way, you can contain a breach to the smallest area possible.

Companies should routinely call all extranet access numbers and company phone numbers to check what equipment is attached to those lines. So-called war dialing uses hardware and software to dial hundreds and thousands of numbers, with the software reporting phone lines with computers and modems attached to them. Ive been watching this for 10 years. Most times you get in because some knucklebrain has hung a modem off a PC and left it unprotected, Rica says.

Companies also should consider using centralized security monitoring to respond to an attack quickly. You can monitor your extranet through your extranet, says Alan Buffington, chief technology officer of e-Security. The console is secure and can be located at either or both ends of the extranet. Central monitoring also frees security staff for other tasks.

return to main story, "In Search Of More-Secure Extranets."


Back to This Week's Issue
Send Us Your Feedback
Top of the Page