POLÍTICA DE RED

 

IT-DOC-11

Versión: 2

Fecha de creación: 15/03/2021

Fecha de actualización: 11/05/2026

 

                      

Table of Contents

 

1.  Scope 

2.  Defintions

3.  Network Policy 

3.1 Wireless Network Security 

3.2 Firewall PolicY  

3.3 Remote access & vpn  4

3.4 Intrusion Detection & Prevention Policy 

4.  Roles and Responsibilities 

5.  Non-Compliance 

 

 

 

 

1. Scope

The scope of this policy applies to MSC Technology production network equipment, appliances and devices. The production network is defined as any infrastructure where systems can connect to each other or to the Internet.

 

2. Defintions

VPN: A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network.

Firewall: A firewall is a network security device that monitors incoming and outgoing network traffic and permits, or blocks data packets based on a set of security rules.

Wireless Network: A wireless network is a computer network that uses wireless data connections between network nodes.

 

3. Network Policy

This policy provides minimum security requirements for protecting the MSC Technology network infrastructure.

Security mechanisms, service levels and management requirements of network services shall be identified and included in network services agreements, whether these services are provided in-house or outsourced.

  • Internal IP addresses will be masked so they are not externally identifiable.
  • Internet connections must be properly secured to ensure networks are protected.
  • Internet activity will be logged and monitored
  • Remote Access must be authorized and use two-factor authentication
  • Network devices shall disable services that are not required

 

3.1.  Wireless Network Security

  • Only registered and approved Wireless Access Points/Base Stations may be connected to the network.
  • Wireless access points must use approved security configurations.
  • Access points will be configured and placed in a way that will limit the amount of radio signal that escape to reduce the risk of unauthorized network access.

3.2.  Firewall PolicY

Firewalls shall be deployed at all points of ingress or egress on the network.

  • Firewall access rules will be added or changed as business needs arise; older rules that are no longer required must be removed.
  • Firewalls will be configured to block unwanted traffic and hide internal network addresses from the Internet.
  • Servers operating in Cloud Service Providers networks must have local instances firewalls configured and managed.

3.3.  Remote access & VPN

Remote access is granted to users that require access to MSC network resources.

  • Remote access to applications, servers and equipment must be granted and managed according this Policy.
  • Remote access is authorized and granted by IT Managers or Business Mangers, based on need.
  • Requests are documented and retained for reference while the access is in effect.
  • Requests are retained for one year after access is revoked.
  • VPN or VPN Client is NOT allowed on AJOW machines. Contact GVA to discuss and design alternatives. 

3.4.  Intrusion Detection & Prevention Policy

  • Intrusion prevention and detection tools will be installed where appropriate.
  • Alerts from appliances must be sent to administrators for appropriate action.

 

4. Roles and Responsibilities

Matrix of Tasks and Responsible Groups.

Tasks

IT Operations

Vendor

 IT GVA

Manage Routers

X

   

Manage Firewalls

X

   

Configure and Support Equipment

X

X

 

Monitor Alerts for Issues

X

X

 

Review Firewall Rule Sets

 X   X

Manage VPN and remote access

X

X

 

 

 

5. Non-Compliance

Employees must adhere to the stated requirements. Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.