Information assurance security framework for enterprise networks

Today Networks play a vital role and act as the information center of industries, enterprises and organizations of Civilian and Defense sectors. The networks are helping to transfer vital and often highly sensitive information while ordinary users are also connected to access network. Protecting the information of an enterprise is a must in the competitive world of information age. With the growing network size and complexity, their protection from threats has become increasingly difficult. The problem with network security solutions is that technology driven, non-integrated products such as firewalls and intrusion detectors provide only protection for specific type of threats. But the need for the organization today is comprehensive coverage of threats to their enterprise networks. Individual security products often lack inter-operability, scalability and ease of manageability. So a holistic security management and centralized control solution that integrates and manages the different security appliances is required for enterprise networks. This paper offers implementation of such solution for information security management. In any organization information assurance is very much important. It requires integrity of the network system with respect to security appliances of different varieties in the network. Information assurance also requires centralized log gathering and analysis for getting unified view, which will make monitoring and troubleshooting easier. Centralized log analysis helps in timely situation awareness with respect to organizational policy implementation. This will also help in easy classification of the policy violations caused either by the known source (administrators) or external malicious users, thus providing the information assurance to the organization.