HostedDB - Dedicated UNIX Servers
fips191_3 FIPS PUB 191 1   INTRODUCTION 1.1 Why LAN Security is Important Local area networks (LANs) have become a major tool to many organizations in meeting data processing  and  data  communication  needs.    Prior  to  the  use  of  LANs,  most  processing  and communications   were   centralized;   the   information   and   control   of   that   information   were centralized   as   well. Now   LANs   logically   and   physically   extend   data,   processing   and communication facilities across the organization Security  services  that  protect  the  data,  processing  and  communication  facilities  must  also  be distributed  throughout  the  LAN.   For  example,  sending  sensitive  files  that  are  protected  with stringent access controls on one system, over a LAN to another system that has no access control protection, defeats the efforts made on the first system.   Users must ensure that their data and the LAN itself are adequately protected.   LAN security should be an integral part of the whole LAN, and should be important to all users. Electronic  mail  (email),  a  major  application  provided  by  most  LANs,  replaces  much  of  the interoffice and even interorganizational mail that is written on paper and placed in an envelope. This envelope provides some confidentiality between the sender and receiver, and it can even be argued  that  the  integrity  of  the  paper  envelope  provides  the  receiver  with  some  degree  of assurance  that  the  message  was  not  altered.    Using  electronic  mail  does  not  provide  these assurances.  Simple  transfers  on  unprotected  LANs  of  inadequately  protected  electronic  mail messages can be captured and read or perhaps even altered.   For some LANs, there can be no assurance that the message actually was sent from the named sender.   Fortunately tools such as encryption, digital signatures, and message authentication codes help solve these problems and can help provide some assurance. Understanding  the  necessity  to  provide  security  on  a  LAN  and  how  to  decide  the  appropriate security measures needed are major goals of this document. 1.2 Purpose The intended readers of this document include organizational management, LAN administrators, system  administrators,  security  officers,  LAN  users  and  others  who  have  a  responsibility  for protecting  information  processed,  stored  or  associated  with  a  LAN.     The  purpose  of  this document is to help the reader understand the need for LAN security and to provide guidance in determining effective LAN security controls. 5