Security Solutions
Customer Needs Assessment
Determine Your Endpoint Integrity Requirements
Select Security Settings for Your Company
Like other security measures, Internet Explorer security settings require you
to weigh tighter security against the users’ need for functionality. That is, the
lower your Internet Explorer security settings, the higher the functionality.
And conversely, the higher your Internet Explorer security settings, the lower
the functionality.
The NAC 800’s default settings are a good place to start. You can use these
settings until you thoroughly evaluate your company’s requirements for
Internet browser security. The default settings that the NAC 800 suggests for each
zone are listed in Table 2-7.
Table 2-7. Default Settings for Internet Explorer Zones
The Intranet zone has a Medium-low security setting because it is designed to
include your company’s intranet sites. Not only do your intranet sites have the
added security of being inside your firewall, but they are under your direct
control. Therefore, the zone should be free from adware, malware, and other threats
and does not require a high security setting.
Because you identify trusted sites as safe sites, the NAC 800 by default assigns
them a Low security setting. This allows you to designate zones that users can
access freely, without restrictions.
For that very reason, however, you should take particular care when you
assign Web sites to this zone. After all, it has the lowest security setting—even
lower than the security setting for the Intranet zone, which includes Web sites
inside your company’s firewall. You should be absolutely sure that the Web
sites you add to the Trusted zone are trustworthy. Typically, this zone should
contain only a few sites.
Not surprisingly, the Restricted zone has the highest security setting. You don’t
want your company’s users to visit sites that are known to contain adware,
spyware, or other harmful programs. Although a high security setting will not
prevent users from visiting such Web sites, it will curtail their activities on the
Web site.
Zone          Default Setting
Intranet      Medium-low
Trusted       Low
Restricted    High
Internet      Medium
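
The following is an added example, not taken from the NAC 800 documentation, that compares a Windows user's current Internet Explorer zone levels with the Table 2-7 defaults. It assumes the per-user registry location and CurrentLevel values that Windows uses for zone templates; how the NAC 800 itself tests these settings is not described on this page, and the function name Compare-ZoneLevel is hypothetical.

```powershell
# Added example: audit IE zone levels against the Table 2-7 defaults.
# Assumption: per-user settings only. Group Policy can enforce zone levels
# under the Policies hive, which this script does not read.
$ZoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'

# Table 2-7 baseline, with the zone numbers Windows assigns to each zone.
$Baseline = @(
    [pscustomobject]@{ Zone = 1; Name = 'Intranet';   Level = 'Medium-low' }
    [pscustomobject]@{ Zone = 2; Name = 'Trusted';    Level = 'Low' }
    [pscustomobject]@{ Zone = 3; Name = 'Internet';   Level = 'Medium' }
    [pscustomobject]@{ Zone = 4; Name = 'Restricted'; Level = 'High' }
)

# CurrentLevel DWORD -> template name; $Order runs from weakest to strictest.
$LevelName = @{ 0x10000 = 'Low'; 0x10500 = 'Medium-low'; 0x11000 = 'Medium'
                0x11500 = 'Medium-high'; 0x12000 = 'High' }
$Order = 'Low', 'Medium-low', 'Medium', 'Medium-high', 'High'

function Compare-ZoneLevel {
    param([int]$CurrentLevel, [string]$Expected)
    $actual = $LevelName[$CurrentLevel]
    if (-not $actual) {
        # 0 (or any unlisted value) means individually customised settings,
        # which cannot be ranked against a named template.
        return [pscustomobject]@{ Actual = ('Custom (0x{0:X})' -f $CurrentLevel); Result = 'Review' }
    }
    $delta = [array]::IndexOf($Order, $actual) - [array]::IndexOf($Order, $Expected)
    $result = if ($delta -eq 0) { 'Matches' } elseif ($delta -gt 0) { 'Stricter' } else { 'Weaker' }
    [pscustomobject]@{ Actual = $actual; Result = $result }
}

$report = foreach ($z in $Baseline) {
    $prop = Get-ItemProperty -Path "$ZoneKey\$($z.Zone)" -Name CurrentLevel -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        $cmp = [pscustomobject]@{ Actual = 'Not set'; Result = 'Review' }
    } else {
        $cmp = Compare-ZoneLevel -CurrentLevel ([int]$prop.CurrentLevel) -Expected $z.Level
    }
    [pscustomobject]@{ Zone = $z.Name; Expected = $z.Level; Actual = $cmp.Actual; Result = $cmp.Result }
}

$report | Format-Table -AutoSize
```

A "Weaker" result on the Restricted or Internet zone, or "Review" on any zone, is the case worth following up, since it means the endpoint is running below the baseline or with settings that cannot be compared to it.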