Статья 'Сравнительный анализ подходов к организации безопасного подключения узлов корпоративной сети к сети общего доступа' - журнал 'Кибернетика и программирование' - NotaBene.ru
по
Journal Menu
> Issues > Rubrics > About journal > Authors > About the Journal > Requirements for publication > Council of Editors > Peer-review process > Policy of publication. Aims & Scope. > Article retraction > Ethics > Online First Pre-Publication > Copyright & Licensing Policy > Digital archiving policy > Open Access Policy > Open access publishing costs > Article Identification Policy > Plagiarism check policy
Journals in science databases
About the Journal

MAIN PAGE > Back to contents
Cybernetics and programming
Reference:

Comparative analysis of approaches to the organization of secure connection of the corporate network nodes to public network

Kolomoitcev Vladimir Sergeevich

graduate student of the Department of Information Security, ITMO National Research University

197101, Russia, Saint Petersburg, Kronverkskii prospekt, 49

dek-s-kornis@yandex.ru

DOI:

10.7256/2306-4196.2015.2.14349

Review date:

30-01-2015


Publish date:

17-04-2015


Abstract: The purpose of the study is in increasing the protection of nodes when accessing resources of an outside network. The objects of the study are the schemes of secure access from corporate network nodes to the information in the external network via "Direct connection" and "Connecting node". The study of these schemes is carried in terms of improving the security of the terminal node of corporate network, convenience and quality of organizing access of this node to the external network resources, as well as the complexity of the implementation of these schemes. In addition, the paper considers the possibility of protecting corporate network nodes from DDoS-attacks. The basis of the research is in the method of comparative analysis, which allows to reveal the advantages and disadvantages of each of the schemes. Based on the results it can be concluded that the scheme of "Direct connection" should be used in the following cases. Firstly, when it is impossible to make significant changes to the existing network architecture. Secondly, when the organization has limited financial resources. And thirdly, if it is necessary to work with external network resources in real time. Scheme "Connecting node", in contrast, requires (radical) rebuilding of network architecture and significant financial costs, but allows a much greater extent than the scheme of "direct connection", protecting an organization from the threats from the external network.


Keywords: encryption, network organization, firewalls, unauthorized access, information security, information technology, information protection, protected storage, monitoring of network traffic, access control
This article written in Russian. You can find full text of article in Russian here .

References
1.
Ingham Kenneth, Forrest Stephanie. A History and Survey of Network Firewalls // University of New Mexico. – 2002.
2.
Gatchin Yu.A. Matematicheskie modeli otsenki infrastruktury sistemy zashchity informatsii na predpriyatii / Gatchin Yu.A., Zharinov I.O., Korobeinikov A.G // Nauchno-tekhnicheskii vestnik informatsionnykh tekhnologii, mekhaniki i optiki. 2012. № 2 (78). S. 92-95
3.
Korobeinikov A.G. Matematicheskaya model' rascheta veroyatnosti nesanktsionirovannogo fizicheskogo proniknoveniya na ob''ekt informatizatsii / Korobeinikov A.G., Pirozhnikova O.I. // Programmnye sistemy i vychislitel'nye metody. 2014. № 2. S. 160-165.
4.
Korobeinikov A.G. Algoritm klassifikatsii informatsii dlya resheniya zadachi fil'tratsii nezhelatel'nykh soobshchenii / Korobeinikov A.G., Sidorkina I.G., Blinov S.Yu., Leiman A.V. // Programmnye sistemy i vychislitel'nye metody. – 2012. № 1. S. 89-95.
5.
Bogatyrev V.A. K raspredeleniyu funktsional'nykh resursov v otkazoustoichivykh mnogomashinnykh vychislitel'nykh sistemakh // Pribory i sistemy. Upravlenie, kontrol', diagnostika. – 2001. № 12. S. 1-5
6.
Bibikov S.V. Otsenka funktsional'noi bezopasnosti dublirovannykh vychislitel'nykh sistem / Bibikov S.V., Bogatyrev V.A. // Nauchno-tekhnicheskii vestnik informatsionnykh tekhnologii, mekhaniki i optiki – 2012. – № 2 (78). – S. 146-147
7.
Bogatyrev V.A. Nadezhnost' klasternykh vychislitel'nykh sistem s dublirovannymi svyazyami serverov i ustroistv khraneniya / Bogatyrev V.A., Bogatyrev S.V., Bogatyrev A.V. // Informatsionnye tekhnologii. – 2013. № 2. S. 27-32.
8.
Bogatyrev V.A. Optimizatsiya intervalov proverki informatsionnoi bezopasnosti sistem / Bogatyrev V.A., Bogatyrev A.V., Bogatyrev S.V. // Nauchno-tekhnicheskii vestnik informatsionnykh tekhnologii, mekhaniki i optiki. 2014. № 5 (93). S. 119-125.
9.
Bogatyrev V.A., i dr. Optimizatsiya raspredeleniya zaprosov mezhdu klasterami otkazoustoichivoi vychislitel'noi sistemy // Nauchno-tekhnicheskii vestnik informatsionnykh tekhnologii, mekhaniki i optiki. – 2013. № 3. S. 77-82
10.
Bogatyrev V.A. i dr Optimizatsiya vychislitel'nykh sistem s ob''edineniem mezhsetevykh ekranov v otkazoustoichivye klastery // Nauchno-tekhnicheskii vestnik informatsionnykh tekhnologii, mekhaniki i optiki. – 2011. № 6 (76). S. 140-142.
11.
Bogatyrev V.A. Otsenka i vybor otkazoustoichivykh konfiguratsii mezhsetevykh ekranov / Bogatyrev V.A., Fokin S.B., Popova M.V. // Nauchno-tekhnicheskii vestnik informatsionnykh tekhnologii, mekhaniki i optiki. 2011. № 3 (73). S. 139-140.
12.
Bogatyrev V.A. Kriterii optimal'nosti mnogourovnevykh otkazoustoichivykh komp'yuternykh sistem / Bogatyrev V.A. Bogatyrev S.V. // Nauchno-tekhnicheskii vestnik ITMO. 2009. № 5 (63). C. 92-97.
13.
Zaguzov G.V. Administrativno-pravovye sredstva obespecheniya informatsionnoi bezopasnosti i zashchity informatsii v Rossiiskoi Federatsii // Administrativnoe i munitsipal'noe pravo. - 2010. - 5. - C. 44 - 47.
Link to this article

You can simply select and copy link from below text field.


Other our sites:
Official Website of NOTA BENE / Aurora Group s.r.o.
"History Illustrated" Website