Intel PRO/100 Computer Hardware User Manual


 
Intel® Packet Protect User’s Guide
8
Developing Your Deployment Model
In order to use Packet Protect successfully, you must develop a deployment
model that fulfills your security needs on your network. There are several stages
to consider in developing your deployment model.
Review your network architecture and corporate security guidelines.
Assign security behavior roles to computers that you want to use Packet
Protect.
Develop a strategy for using pre-shared keys.
Understand the Default Rule.
Consider exceptions to the Default Rule.
This discussion represents only an overview of some of the issues that should be
considered when deploying Packet Protect in your enterprise. For more detailed
information about deployment models, please refer to “Scalable Deployment of
IPSec in Corporate Intranets”white paper from the Intel Architecture Labs Inter-
net Building Blocks Initiative. This white paper can be found at:
ftp://download.intel.com/ial/home/ibbi/ipsec_122.pdf
Review Your Network Architecture and
Corporate Security Guidelines
The amount of confidential information traveling on your network grows as
more employees use your corporate network. This poses a security risk if some-
one breaks through your firewall, or someone already behind your firewall has
access to the network—those people can access confidential information. For
example, an intruder can mimic an IP address and receive information that was
intended for someone else at that IP address. Or, an intruder can use software to
view data as it travels on your LAN.
You can deploy Packet Protect in the areas of your network that transmit sensi-
tive information. Some areas of your network might require the additional pro-
tection provided by Packet Protect, while other areas might not. Use your
corporate security guidelines to help determine which areas of your network
require Packet Protect.
Perhaps you have a server that stores highly confidential information, such as
corporate financial figures or e-commerce transactions. You can use your oper-
ating system’s tools to help protect data stored on the server’s hard disk, but
what about when other computers access that information? Use Packet Protect