Unit 3 assignment 1
Purpose
The purpose of this policy is to define standards for connecting to Richman Investments network from any host. These standards are designed to minimize the potential exposure to Richman Investments from damages which may result from unauthorized use of Richman Investments resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical Richman Investments internal systems, etc.
Scope
This policy applies to all Richman Investments employees, contractors, vendors and agents with a Richman Investments owned or personally-owned computer or workstation used to connect to the Richman Investments network. This policy applies to remote access connections used to do work on behalf of Richman Investments including reading or sending email and viewing intranet web resources and wireless devices.
Remote access implementations that are covered by this policy include, but are not limited to, dial-in
Modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc.
VPN access control model for a large scale company.
* This policy will support remote access control for systems, applications, and data access.
Remote access Defined
Remote access for employees is deployed by using remote access VPN connections across the Internet based on the settings configured for the VPN Server, and the following additional settings.
The following diagram shows the VPN server that provides remote access VPN connections.
Domain/Network Config:
For each employee that is allowed VPN access:
* The network access permission on the dial-in properties of the user account is set to Control access through NPS Network Policy.
* The user account is added to the VPN_Users group in Active Directory.
To define the authentication and encryption settings for remote access VPN clients, the following remote access network policy is created in Network Policy Server (NPS):
* Policy name: Remote Access
The purpose of this policy is to define standards for connecting to Richman Investments network from any host. These standards are designed to minimize the potential exposure to Richman Investments from damages which may result from unauthorized use of Richman Investments resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical Richman Investments internal systems, etc.
Scope
This policy applies to all Richman Investments employees, contractors, vendors and agents with a Richman Investments owned or personally-owned computer or workstation used to connect to the Richman Investments network. This policy applies to remote access connections used to do work on behalf of Richman Investments including reading or sending email and viewing intranet web resources and wireless devices.
Remote access implementations that are covered by this policy include, but are not limited to, dial-in
Modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc.
VPN access control model for a large scale company.
* This policy will support remote access control for systems, applications, and data access.
Remote access Defined
Remote access for employees is deployed by using remote access VPN connections across the Internet based on the settings configured for the VPN Server, and the following additional settings.
The following diagram shows the VPN server that provides remote access VPN connections.
Domain/Network Config:
For each employee that is allowed VPN access:
* The network access permission on the dial-in properties of the user account is set to Control access through NPS Network Policy.
* The user account is added to the VPN_Users group in Active Directory.
To define the authentication and encryption settings for remote access VPN clients, the following remote access network policy is created in Network Policy Server (NPS):
* Policy name: Remote Access