|
POLÍTICA DE RED
IT-DOC-11 Versión: 2 Fecha de creación: 15/03/2021 Fecha de actualización: 11/05/2026 |
![]() |
Table of Contents
1. Scope
2. Defintions
3. Network Policy
3.1 Wireless Network Security
3.2 Firewall PolicY
3.3 Remote access & vpn 4
3.4 Intrusion Detection & Prevention Policy
4. Roles and Responsibilities
5. Non-Compliance
1. Scope
The scope of this policy applies to MSC Technology production network equipment, appliances and devices. The production network is defined as any infrastructure where systems can connect to each other or to the Internet.
2. Defintions
VPN: A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network.
Firewall: A firewall is a network security device that monitors incoming and outgoing network traffic and permits, or blocks data packets based on a set of security rules.
Wireless Network: A wireless network is a computer network that uses wireless data connections between network nodes.
3. Network Policy
This policy provides minimum security requirements for protecting the MSC Technology network infrastructure.
Security mechanisms, service levels and management requirements of network services shall be identified and included in network services agreements, whether these services are provided in-house or outsourced.
- Internal IP addresses will be masked so they are not externally identifiable.
- Internet connections must be properly secured to ensure networks are protected.
- Internet activity will be logged and monitored
- Remote Access must be authorized and use two-factor authentication
- Network devices shall disable services that are not required
3.1. Wireless Network Security
- Only registered and approved Wireless Access Points/Base Stations may be connected to the network.
- Wireless access points must use approved security configurations.
- Access points will be configured and placed in a way that will limit the amount of radio signal that escape to reduce the risk of unauthorized network access.
3.2. Firewall PolicY
Firewalls shall be deployed at all points of ingress or egress on the network.
- Firewall access rules will be added or changed as business needs arise; older rules that are no longer required must be removed.
- Firewalls will be configured to block unwanted traffic and hide internal network addresses from the Internet.
- Servers operating in Cloud Service Providers networks must have local instances firewalls configured and managed.
3.3. Remote access & VPN
Remote access is granted to users that require access to MSC network resources.
- Remote access to applications, servers and equipment must be granted and managed according this Policy.
- Remote access is authorized and granted by IT Managers or Business Mangers, based on need.
- Requests are documented and retained for reference while the access is in effect.
- Requests are retained for one year after access is revoked.
- VPN or VPN Client is NOT allowed on AJOW machines. Contact GVA to discuss and design alternatives.
3.4. Intrusion Detection & Prevention Policy
- Intrusion prevention and detection tools will be installed where appropriate.
- Alerts from appliances must be sent to administrators for appropriate action.
4. Roles and Responsibilities
Matrix of Tasks and Responsible Groups.
|
Tasks |
IT Operations |
Vendor |
IT GVA |
|
Manage Routers |
X |
||
|
Manage Firewalls |
X |
||
|
Configure and Support Equipment |
X |
X |
|
|
Monitor Alerts for Issues |
X |
X |
|
|
Review Firewall Rule Sets |
X | X | |
|
Manage VPN and remote access |
X |
X |
5. Non-Compliance
Employees must adhere to the stated requirements. Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
