* Fix for memory leaks in trusted ca load functionality.
* Integrated latest webfiltering engine.
Needless to say – “Internet access to Steven, Helen and their colleagues was very important to perform their duties”. The management decided to ensure they had this access available to them but wanted to be sure that the Internet Access was used to ensure efficiency and nothing else. So an CIAP was framed to ensure just that.
Steven and Helen work at Great Stocks Inc., a company dealing in stocks, bonds and shares.
Helen is a research officer.
It is very important for Helen and her colleagues to get the latest of the world news, market trends, weather reports, visit the web-sites of various companies to understand more of their business.
Steven is one of the network administrators.
Steven needs to ensure that every computer used by Helen, her colleagues, and the management, is delivering optimum results. He also needs to ensure that all the company’s application servers used for emails, databases and other important files are optimally secured. For this he has to download various software from the web-sites of respective vendors like Microsoft®, IBM, F-Prot, etc. His application servers also have to regularly update themselves by automatically downloading software from the vendor web-sites. He is also required to visit dozens of technical web-sites to get updated with techniques for improvisation and efficient use of the various software and hardware used at the company. At times he is also required to upload some data to these web-sites so that the relevant technicians could analyse problems and suggest solutions.
Each of the application servers should access only the web-sites of the vendors whose software was setup on them, respectively. They should access them any hour of the day and should download any amount of data from these web-sites, but should not upload data more than 20kb in a single request to anywhere. They should however not download at a speed of more than 128Kbps, but could send responses or requests at 512Kbps to quickly start the download.
Helen and her colleagues should visit any web-site of their choice, but only from their own desktops or from the few computers installed in the cafeteria. They should however not receive any content like music files, download software or any form of compressed archives like zipped files. Since the company had a rather relaxed work-culture, checking personal emails was allowed, but only to any two specific free email services per person. So Helen specified that she wanted to use her yahoo, and her new Gmail account, whereas another colleague, Martin requested to access Hotmail and yahoo, as he still did not have a Gmail account. It was also decided that, such personal emails should be checked only from the computers in the cafeteria. But during the specified lunch hours the employees could check the personal emails from their own desktops. Helen was a little senior officer, who had to stay back for longer hours in office and so just to make her a little more comfortable she should be allowed to attach small images not more than 50kb each, of her kids in her personal emails, but only when she logged in from any of the computers in the cafeteria.
Steven should be allowed to visit only the computer and technology related web-sites, besides a few other search engine web-sites like Google, Lycos and yahoo. Steven should be allowed to download any form of files including streaming data from these sites but not download music files. Steven should be allowed to upload files to specified web-sites of the company’s software and hardware vendors.
All employees should be able to visit any web-site from the cafeteria besides pornographic and adult web-sites, they may even download music files, but they should not be able to download software and other compressed archives. Each employee when accessing Internet from the cafeteria should be able to use a maximum bandwidth of 100 Mb in a week, but not exceed 25 Mb in any single day.
All the content downloaded or uploaded by any employee should be scanned for viruses. All employees except those from the HRD should not be able to access any employment web-sites that published job opportunities.
Armed with such clear managerial guidelines, the technicians created the map for CIAP. The departmental perspective of the map clearly profiled exact purpose of Internet access for each department, with clear exceptions to the rule for each user, as required.
Similarly, the network perspective of the map clearly profiled exact purpose of Internet Access for each network & sub-net, with clear exceptions to the rule for each computer.
The management of Great Stocks Inc. could now be quite sure that the Internet access provided to the employees was put to good use. Weekly / monthly log reports were generated and reviewed long-with the review and audit of other corporate resources.