While there are difficult security concerns in any isolated computing environment, the addition of a network between geographically distributed facilities and the opening of a network to the outside world via the Internet greatly complicate all aspects of the security function. Host a discussion with the IT director and staff and let them know what you believe to be the most significant of these additional complexities and the reasons why you believe them to be difficult to manage.
TCP/IP - the language of the Internet
Geographically distributed facilities communicate over the Internet using TCP/IP - Transport Control Protocol/Internet Protocol.
TCP/IP is the ``language'' of the Internet. Anything that can learn to ``speak TCP/IP'' can play on the Internet. This is functionality that occurs at the Network (IP) and Transport (TCP) layers in the ISO/OSI Reference Model. Consequently, a host that has TCP/IP functionality (such as Unix, OS/2, MacOS, or Windows NT) can easily support applications (such as Netscape's Navigator) that uses the network.
IP is a ``network layer'' protocol. This is the layer that allows the hosts to actually ``talk'' to each other. Such things as carrying datagrams, mapping the Internet address (such as 10.2.3.4) to a physical network address (such as 08:00:69:0a:ca:8f), and routing, which takes care of making sure that all of the devices that have Internet connectivity can find the way to each ...
Security aspects of networks of distributed facilities are discussed. The following points are elaborated:
* Attacks Against IP
* IP Spoofing
* IP Session Hijacking