Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherICS DISSOLVABLE AGENT FOR SAFEGUARD
11121314151617181920
ICS Dissolvable Agent for SafeGuard Administration Guide
17
Chapter 3: General Administration Tasks
User accounts
End point computers
Your security goals are to provide data protection, session confidentiality, and protection
from network infection.
Risks
In this scenario, your organization’s intellectual property is threatened by:
Viruses
Trojans
Worms
Hackers
End Point Users and Disruption Tolerance
Your end point users are usually employees but they can also be guests and contractors.
Employees are professionals with a medium-to-high level of computer expertise. They
are more likely to understand the need for security and to tolerate a higher degree of
disruption while becoming compliant with your security implementation’s demands.
Sample Solution
A recommended solution for full network access is to use the ICS Security Scanner. The
Security Scanner protects against network infection and known spyware through the
policy you configure. The Security Scanner policy should require an antivirus application
and a firewall on each end point computer. The policy should also prohibit all types of
spyware.
Although the final goal of this security solution is to have a rather demanding and
restrictive policy, you can minimize end point user disruption through the use of security
lifecycles. You can implement a limited number of security features at first and use more
lenient options while your users become compliant. Once users have begun to comply,
you can add more security features, and use the less permissive options. For more
information see Understanding Security Lifecycles.
Understanding Security Lifecycles
Security lifecycles allow you to gradually increase your security while maintaining
reasonable user access to your network. By using a security lifecycle, you can also keep
your system up to date, by implementing changes according to changes in your systems
security needs.
Consider starting out with a security configuration that is lenient. Strategies for creating
more lenient security configurations include: