The first step in developing a network security policy is conducting a risk analysis of the company network and data storage environment. For the network security policy task, follow the steps below:
Identify the security threats that the company will be exposed to, and apply the necessary threat detection and mitigation strategies, from companies like https://www.fortinet.com/products/sd-wan, to its network.
After the network security policy task is complete, identify the network resources or user accounts that will be subject to network security policy.
Step 1 is the first step in developing a network security policy, and it is usually the most challenging one to complete. In this step, the network security policy document establishes a management framework that outlines all of the security rules that will be applied in the organization. Network security policies define whether a resource or account is subject to security rules and the degree to which those rules can be applied. This is also the first step in applying network security rules to a resource. For example, if the company has an email client that was created previously, the organization will need to review whether that resource is to be subject to network security policies. If another account is later created using that email client, a network security policy for that account is already in place. If the organization needs to take additional action, it must review whether the appropriate network security policies are in place for that account or resource.
An organization should identify the tools and techniques that it uses to monitor and address security vulnerabilities in the network. Doing so will provide knowledge that can be used in developing policies and in monitoring and responding to security threats. The tools and techniques that an organization uses for network security monitoring and management can vary, depending upon the requirements of the organization. Network security monitoring may include a variety of tools such as IDS software, scanners, scanning software, network address translation (NAT) and threat intelligence. Similarly, network security management may involve command and control (C&C) tools and automation tools. The policy document may specify whether network security monitoring and management will be implemented using system management tools (Microsoft Windows Defender, VMware, Citrix, QRadar), an application such as a web management application (Inbound firewall, Domain Controller Manager), or an application that uses static rules and does not require a network administration interface (ISO). If it does, the tools or techniques used by the organization will be further detailed in the policy document.
The company will need to determine the degree to which it will monitor and manage threats. Maintaining an effective security posture will require the use of both manual and automated tools, and the exact technique will depend on the nature of the threat. For example, a site-based application, such as a Web application firewall, typically requires manual monitoring, while a threat detection service, such as those described in the previous section, typically requires automation.
The next step is to identify which security rules will be applied. In general, most security rules will not require a network administrator to intervene. However, security rules that impact customer data and the privacy of customers should be applied. This step can be conducted using automated tools, as described in the previous section, or using manual tools, as described in the manual security monitoring steps.
Once an organization has identified the network resources that will be subjected to network security policy, it must determine how network security policies will be applied to those resources.