Page 459 - StudyBook.pdf
P. 459
Topologies and IDS • Chapter 7 443
TEST DAY TIP
A proxy server is a server that sits between an intranet and its Internet
connection. Proxy servers provide features such as document caching
(for faster browser retrieval) and access control. Proxy servers can pro-
vide security for a network by filtering and discarding requests that are
deemed inappropriate by an administrator. Proxy servers also protect
the internal network by masking all internal IP addresses—all connec-
tions to Internet servers appear to be coming from the IP address of the
proxy servers.
Of course, there are literally hundreds of other issues that may need to be
addressed but these are some of the easiest ones to take care of and the most com-
monly exploited ones.
NOTE
All of the Internet security measures listed here should be used at your
discretion, based on what is available and what meets the business
needs of your company. You can use any one of these, all of these, or
continue with an almost infinite list of applied security measures that
are covered in this book.
Extranet
Extranets are a special implementation of the intranet topology. Creating an
extranet allows for access to a network (more likely, certain parts of a network) by
trusted customers, partners, or other users.These users, who are external to the net-
work—they are on the Internet side of the firewalls and other security mecha-
nisms—can then be allowed to access private information stored on the internal
network that they would not want to place on the DMZ for general public access.
The amount of access that each user or group of users is allowed to have to the
intranet can be easily customized to ensure that each user or group gets what they
need and nothing more.Additionally, some organizations create extranets to allow
their own employees to have access to certain internal data while away from the
private network.
www.syngress.com
