Planning for network security
For a secure Content Manager Enterprise Edition network, plan for the following considerations.
- Authorization
  - How do you ensure that users are who they claim to be?
  - How do different elements in the system locate and determine whether to trust one another?
  - How do you enable new employees, customers or business partners to access existing systems without major changes to existing security infrastructure?
  - Whose identity do you use to determine authorization: the user, the server, or some other entity?
- Asset protection
  - Can you keep data confidential and private when it is stored and when it is traveling across relatively untrusted networks?
  - How can you be sure that the data does not change while it is stored or in transit?
- Accountability
  - How can you tell who did what and when?
  - How can you ensure, and prove, that requests and results are not altered, inadvertently or maliciously?
- Administration
  - Can you define the security policy?
  - Can you ensure that policies are consistent across all elements of applications, systems, operating systems, and networks?
- Assurance
  - How will the system keep its security promises?
  - How can you ensure that the infrastructure and application resources, including systems, networks, and data, are not presently under attack?
- Availability
  - How do you prevent attacks on elements of the system that cause disruptions in service?
  - How do you design for fault tolerance and ensure that applications and data are restored in the event of a serious failure?
  - How can you keep the system up and running and also make needed modifications to the application, the systems, and the enterprise network?
- Transport layer security
  - How do you configure Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols for network communication to harden security for your particular systems?
  - How do you design your environment to accept both non-secure and secure communication protocols, HTTP and HTTPS, either permanently or as a transitional stage in your security strategy?
  - How do you manage your security keys and certificates over time to anticipate the need for regular updates and avoid confusion in your user base?
Content Manager Enterprise Edition security prevents these three types of security risks:
- Unauthorized network access to Content Manager Enterprise Edition systems, clients, and features
- Unauthorized access to Content Manager Enterprise Edition functionality
- Unauthorized viewing and use of content server information