WatchGuard Firewall 515 Setup – Screen Dump Example

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged

Recently, I purchased a WatchGuard XTM515 Firewall for our company usage. Its price is lower than CISCO and Juniper, but higher than Zyxel and Huawei. So far, WatchGuard is very stable and easy to use. I configured it as the following screen dump for your reference. As a conclusion, I will recommend WatchGuard XTM515 Firewall you.

diag0

My Network Port Connection:

  1. Port # 0  for management console
  2. Port # 1  for internal network LAN connection
  3. Port # 5 & 6 for external broadband WAN connection

Management Connection Setup in two ways as below:

Read More

更換电脑防火墙设备

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged
  1. 前言

防火墙是电脑网络的重要设备,可以监控和保障网络的通讯,确保资讯流通的效率和安全,这设备已是现今必不可少的工具。

  1. 现时的防火墙问题

约於十月中开始,本工厂的防火墙设备运作不稳定,连接外网经常断线,影响员工的上网,可是重新启动防火墙後便回复正常。以前每个月需要重启防火墙一至二次,现时每天也有机会需要重启,这可能是因为防火墙设备老化,所以本部建议更换防火墙设备。 Read More

Deploying Content Filtering to Manage Employee Browsing Behavior using Zywall USG 300 Firewall Device

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged
  1. Introduction

In an enterprise network, there are various types of traffic. But most of the company’s Internet bandwidth is limited. All traffic will contend for it and may result in some important traffic, such as traffic getting slow or even starved. Therefore, intelligent bandwidth management for improved productivity becomes a matter of high concern for network administrators. To protect our network security, I am now using a Zywall USG 300 Firewall because its price is good and its performance is acceptable. I summarize its configuration in this document for your reference. Read More

新入职员工保密协议 – 样板

by Posted in 2. IT Security (資訊保安), 2.1 IT Security Requirement (保安要求) Tagged

甲方(员工):××××身份证号码:×××××

乙方(企业):××××公司

鉴于甲方在乙方任职,并将获得乙方支付的相应报酬,双方当事人就甲方在任职期间及离职以后保守乙方技术秘密和其他商业秘密的有关事项,订定下列条款共同遵守: Read More

电脑内网安全权限管理提纲

by Posted in 2. IT Security (資訊保安), 2.1 IT Security Requirement (保安要求)

1. 上网行为管理:

1.1 在办公时间内滥用互联网现象,主要分为以下几类:

1.1.1  获取与工作无关的资讯活动,如浏览新闻、看小说、看图片、收看收听视频和音频等。

1.1.2  从互联网下载与工作内容无关的数据,如音乐、电影、程序及其他资料等。

1.1.3  从事获取个人收益的活动,如网上购物、炒股、兼职、发布广告等。

1.1.4  进行虚拟世界的沟通活动,如上网聊天、BBS论坛、博客、收发私人邮件等。 Read More

Security Awareness for email & Internet usage

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged ,

General Rules of using email from Corp IT policy:

l  There should be a clear business objective and need to send a mass mail.

l  The target group should be carefully selected so that the mail is relevant to all or most of the people receiving it.

l  Don’t spend spam: such as advertising or anything that can be considered as junk mail. Read More

Password Cracking Procedure

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged

1      Introduction

1.1    Overview

Passwords are used in almost every interaction between users and information systems. Most forms of user authentication, as well as file and data protection, rely on user-supplied passwords. Since properly authenticated access is often not logged, or even if logged not likely to arouse suspicion, a compromised password is an opportunity to explore a system from the inside virtually undetected. As attacker would have complete access to any resources available to that user, and would be significantly closer to being able to access other accounts, nearby machines, and perhaps even administrative privileges. Despite this threat, accounts with bad or empty passwords remain extremely common and organizations with good password policy far too rare. The most common password vulnerabilities are that (a) user accounts have weak or non-existing passwords, (b) regardless of the strength of their passwords, users fail to protect it, and (c) the operating system or additional software creates administrative accounts with weak or non-existing passwords. Read More