Secure Networking Best Practices for Municipalities

Slide Note
Embed
Share

Explore the implementation of secure networking practices for municipalities, including dedicated circuits, VPN connections, VLAN segmentation, and VoIP considerations. Learn about maintaining network integrity and protecting sensitive information in compliance with CJIS policies.

ianthe
ianthe Follow

Uploaded on Jul 20, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Sample Diagram

  2. FIPS.gif (Dedicated Circuits) VPN to Municipalities via Internet See Figure C-1-D in CJIS Policy Other WWW CSA Municipalities Remote Admin? FIPS.gif Other Relationships: Fiber to other Facilities SAN Storage (CJI ?) Regional Provider (CSA approved) Internet Router Intrusion FIPS.gif Detection Extranet AA Server Router/Firewall/VPN CAD System (CJI) 128-bit TLS LE Non-LE VLAN (see following slide) VLANs CAD Client w/AA TLS Web App. hosted by State with AA See following slide for more examples Other Department workstations/Local 802.11X LAN CAD Clients TLS Web App. hosted by State

  3. What we would like to see

  4. (Dedicated Circuits) VPN to Municipalities via Internet (See Figure C-1-D in CJIS Policy) Other WWW CSA FIPS.gif Municipalities Remote Admin? FIPS.gif Other Relationships: Fiber to other Facilities SAN Storage (CJI ?) Regional Provider (CSA approved) CISCO 2800 IOS v6.1 IBM FIPS.gif Proventia CISCO 2800/v6.1 CISCO ASA 5505 AA Server (RSA) RMS System (CJI) TriTech Perform Netmotion Mobility XE CAD System (CJI) Tritech Perform 128-bit TLS LE Non-LE VLAN (see following slide) VLANs CAD Client w/AA (RSA) TLS Web App. hosted by State with AA See following slide for more examples Other Department workstations/Local 802.11X LAN (if 802.11X used for CJI see CJIS Policy 5.5.7) CAD Clients TLS Web App. hosted by State (Name of State System)

  5. VLANS 5.5.7.1 All 802.11x Wireless Protocols physically (e.g. firewalls), the wireless network from the operational wired infrastructure. Limit access between wireless networks and the wired network to only operational needs. Segregate, virtually (e.g. virtual local area network (VLAN) and ACLs) or 5.10.1.4 Voice over Internet Protocol (IP) services.Among VoIP s risks that have to be considered carefully are: myriad security concerns, cost issues associated with new networking hardware requirements, and overarching quality of service (QoS) factors. In addition to the security controls described in this document, the following additional controls shall be implemented when an agency deploys VoIP within a network that contains unencrypted CJI: 1. Establish usage restrictions and implementation guidance for VoIP technologies. 2. Change the default administrative password on the IP phones and VoIP switches. 3. Utilize Virtual Local Area Network (VLAN) technology to segment VoIP traffic from data traffic. VoIP can be installed in-line with an organization s existing Internet Protocol

  6. VLANs

  7. Mobility XE examples

  8. Source: http://discover.netmotionwireless.com/rs/netmotionwireless/images/NetMotion-Wireless_Security-Wireless-Networks_WP.pdf

  9. Source: http://discover.netmotionwireless.com/rs/netmotionwireless/images/NetMotion-Wireless_Security-Wireless-Networks_WP.pdf

Related


Understanding Municipalities in Ontario

Understanding Municipalities in Ontario

calytrix
Municipalities Legal Cases Overview

Municipalities Legal Cases Overview

decima
Support Provided to DR. Ruth Segomotsi Mompati District and its Local Municipalities

Support Provided to DR. Ruth Segomotsi Mompati District and its Local Municipalities

pilar
Challenges and Engagements in Working with Non-Delegated Municipalities in Gauteng

Challenges and Engagements in Working with Non-Delegated Municipalities in Gauteng

armin
Growth of CA Firms through Networking & Merger

Growth of CA Firms through Networking & Merger

laylarose
Diploma in Hardware & Networking: Upgrade Your IT Skills

Diploma in Hardware & Networking: Upgrade Your IT Skills

melia
Networking and Partnership Formation for AECD at University of Gondar College of Education

Networking and Partnership Formation for AECD at University of Gondar College of Education

tariq
Networking: Mastering the Basics

Networking: Mastering the Basics

bryn
Sustainable Municipal Waste and Wastewater Management in Serbia Conference

Sustainable Municipal Waste and Wastewater Management in Serbia Conference

khaleesi
Tamper-Evident Pairing (TEP) Protocol for Secure Wireless Pairing Without Passwords

Tamper-Evident Pairing (TEP) Protocol for Secure Wireless Pairing Without Passwords

quer_sna
Deciphering SALGA's Stance on the 2024/25 Division of Revenue Bill

Deciphering SALGA's Stance on the 2024/25 Division of Revenue Bill

denise
Indigent Policies in Municipalities: Legislative Framework and Requirements

Indigent Policies in Municipalities: Legislative Framework and Requirements

nicolo
Action Plan to Address Poor Performing Municipalities' Water Services Drop Programmes 2023 Results

Action Plan to Address Poor Performing Municipalities' Water Services Drop Programmes 2023 Results

sumayyah
Quick Course on Setting up Fund Accounting in QuickBooks Pro for Municipalities

Quick Course on Setting up Fund Accounting in QuickBooks Pro for Municipalities

salem
Overview of Informal Settlements in KwaZulu-Natal: Growing Together

Overview of Informal Settlements in KwaZulu-Natal: Growing Together

cadence
Progress Update on Ring-Fenced MIG Programme Implementation by DSAC

Progress Update on Ring-Fenced MIG Programme Implementation by DSAC

ruairi
Overview of Mpumalanga Water Service Infrastructure

Overview of Mpumalanga Water Service Infrastructure

lynx
Department of Cooperative Governance and Traditional Affairs (COGTA) Budget Underspending Review

Department of Cooperative Governance and Traditional Affairs (COGTA) Budget Underspending Review

piero
Mastering Networking for Career Development

Mastering Networking for Career Development

aodh
Important Networking Concepts Overview

Important Networking Concepts Overview

bernice
Understanding Networking Bridges and Transceivers

Understanding Networking Bridges and Transceivers

islarose
Networking Modes in AWS VPC Environments

Networking Modes in AWS VPC Environments

hadlee
Unlocking the Power of Networking and Developing Your LinkedIn Profile

Unlocking the Power of Networking and Developing Your LinkedIn Profile

chloe
Understanding Cabling Types and Specifications in Networking

Understanding Cabling Types and Specifications in Networking

midge

More Related Content

Understanding IMIX in Networking and Testing Tools
Understanding IMIX in Networking and Testing Tools
Exploring Time-Sensitive Networking Horizons and Possibilities for Low Latency Solutions
Exploring Time-Sensitive Networking Horizons and Possibilities for Low Latency Solutions
Networking Fundamentals and Challenges in Data Centers
Networking Fundamentals and Challenges in Data Centers
Understanding the OSI Model and Layered Tasks in Networking
Understanding the OSI Model and Layered Tasks in Networking
Networking Education Quiz - Test Your Knowledge!
Networking Education Quiz - Test Your Knowledge!
Exploring Management Plane Analytics in Networking
Exploring Management Plane Analytics in Networking
Understanding Secure Act 2.0 Key Provisions
Understanding Secure Act 2.0 Key Provisions
Introduction to SFTP & PGP Encryption for Secure Data Transfer
Introduction to SFTP & PGP Encryption for Secure Data Transfer
Ensuring Secure Testing Environments in Oregon Education System
Ensuring Secure Testing Environments in Oregon Education System
Secure Computation Techniques in RAM Models with Efficient Automation
Secure Computation Techniques in RAM Models with Efficient Automation
Empowering Educators: Collaboration, Communication, Networking
Empowering Educators: Collaboration, Communication, Networking
Revolutionizing Network Management with Intent-Based Networking
Revolutionizing Network Management with Intent-Based Networking
Deploying Secure Applications on Azure PaaS
Deploying Secure Applications on Azure PaaS
Secure Network Infrastructure Best Practices
Secure Network Infrastructure Best Practices
Alpha Kappa Alpha Sorority Leadership Seminar 2023 Overview
Alpha Kappa Alpha Sorority Leadership Seminar 2023 Overview
Faculty of Radiologists and Radiation Oncologists Annual Scientific Meeting 2023
Faculty of Radiologists and Radiation Oncologists Annual Scientific Meeting 2023
Nottingham City Safeguarding Children Partnership Networking Event
Nottingham City Safeguarding Children Partnership Networking Event
Virtual Labs on SDN and P4 Programmable Switches
Virtual Labs on SDN and P4 Programmable Switches
Introduction to Networking Devices: Hubs, Switches, and Routers
Introduction to Networking Devices: Hubs, Switches, and Routers
Exploring the PROTEOCURE COST Action: Targeting Proteolysis for Proteome Remodeling
Exploring the PROTEOCURE COST Action: Targeting Proteolysis for Proteome Remodeling
Exploring the Impact of Social Networking Services on Global Connectivity
Exploring the Impact of Social Networking Services on Global Connectivity
Understanding TCP/IP Networking Tools in Linux Administration
Understanding TCP/IP Networking Tools in Linux Administration
Empowering Women Across the CAREC Region through WEOP
Empowering Women Across the CAREC Region through WEOP
Understanding TCP/IP Networking Fundamentals
Understanding TCP/IP Networking Fundamentals