by Ana María Restrepo
Since time immemorial, human beings have protected their lives, homes, companies and entire nations through fortifications represented in individuals or buildings that increase the defense capacity of the place.
The military buildings built for the defense against war are presented throughout the world and the different civilizations such as China, which erected its great wall, built in the fifth century BC to protect the northern border of the empire from the attacks of the nomads.
Today Western nations protect themselves with their armed forces, companies with electronic and physical security, natural persons with locks and human surveillance, but apart from this protection of facilities, human beings are protecting themselves from the attacks of a virtual reality that often does more damage than the real one.
The ways to protect yourself from a virtual attack are many and range from devices and cryptography methods to special programs such as antivirus.
This time we will talk about the protection of a server and its importance.
Why protect a server?
A server is a type of software that performs certain tasks on behalf of users, it is also a physical computer on which such software works and provides data to other machines that can use that data.
Omar Calvo, from the company Softeam of Colombia, explains that when talking about server protection, he refers to a set of technologies developed and oriented to this platform, tending to offer a high level of protection with a low impact on its functions and therefore a tolerable level of risk against different threats (malware, denial of service, others) that could affect the productive times of the organization that depend on this resource and the business as such.
These security measures also protect the integrity of the information that resides on the server, both databases and applications, coupled with high availability and a DRP (Disaster Recovery Planing) scheme, additionally only authorized persons have access to the server, according to what Salomón García and Elías Santiago expose, SYC engineers from Mexico.
Of all kinds
Servers have become a fundamental part of today's enterprise security, as they provide specific services to organizations, whether public, private or natural.
In today's market you can find many kinds of servers, ranging from applications, chat, web, groups, to audio, video and news.
•Application servers: they are designated as a software in charge of connecting two applications, these occupy a large part of the territory between the database servers and the user, and often connect them.
•Server platforms are the underlying hardware or software for a system.
•Audio and video servers add multimedia capabilities to websites, allowing this content to be displayed in the form of a continuous stream from the server.
•Chat allows the exchange of information from a cluster of Internet users in real time.
•A fax server enables organizations to reduce phone usage and fax documents through this hardware.
•FTP (protocol for exchanging files on the Internet) is responsible for the movement of one or more files between different computers with security or ordering of these files, in addition to the control of transmission.
•A groupware server is nothing more than software created to collaborate with users, in any location, via the Internet or Intranet and work together in a virtual atmosphere.
•A list server offers the ability to handle email lists, including announcements, newsletters, interactive discussions or advertising.
•IRC servers are another option for Internet users looking for a real-time discussion. Internet Relay Chat is based on several separate server networks that allow users to connect via an IRC network.
•There are other servers that store and move email across corporate networks and the Internet.
•News feeds the role of a distributor that delivers millions of public newsgroups accessible through the USENET news network.
•Proxy servers are the intermediaries between the client program, usually a browser and the web server that has the information you want to access.
•Telnets are those that allow a user to log into a host computer and carry out some activities as if they were working on that computer.
•And webs are based on serving static content to a browser that loads a file and serves it over the network to a user's browser. The browser and server communicate using HTTP.
García affirms that today, the value in the operation of a server is very high in itself and more when the information that resides there, for the most part, is that which directly impacts the operation of the companies; give yourself a payroll, medical system, credits, afores, banking, mortgages, etc.; so it is extremely costly in monetary terms and impact in operational terms when this information is not available for consultation.
Likewise, Calvo explains that the security of a server guarantees the availability, confidentiality and integrity of the information, programs, services and resources offered by this asset, aimed at business continuity and obtaining a minimum tolerable risk in the face of the adverse action of a malware or other attack.
How to protect them?
All types of servers must be protected from the different threats that may arise, each of the servers needs a technique according to its hardware technology, platform and functionalities as Elías explains.
It should be noted that this protection is vital and is performed at each functional level, going through the user layer, application, database and operating system.
Omar Calvo, Elías Santiago and Salomón García explain how the different servers are protected.
If it is an operating system (Windows, Linux, Unix, others) the following server types are protected: files, applications, printing, domain user control, network resources and rules oriented by senior management, database and web. As for the mail, external and internal access and Internet access and perimeter security are ensured.
Users are also protected by anti-virus, anti-spam, anti-spyware, content filtering software and hardware, and security policies with an identity manager.
In the case of an application, a firewall with strong security policies and access levels is used. For a database server, security is provided through access roles, permissions, etc. and an identity administrator can be applied. For a web server a firewall is used, robust web services and alternatively an antivirus, antispam, antispyware, etc. can be applied.
If it is an operating system, kerberos security algorithms (computer network authentication protocol), secure connections with encryption keys, internal firewall , user roles and permissions, antivirus, among other tools, are very effective and for the communications infrastructure, packet control monitoring software and hardware can be applied, content filtering, firewall, etc. "In itself, the security application is a synchronized and integral challenge of the entire computer structure of any company," says Salomón.
Elements of "life"
As an army protects the lives of thousands of people in a nation, different security techniques ensure and guarantee the functionality and life of the servers.
Elías explains that to carry out the security of a server, a plan must be developed to protect servers in safe places, create a list of authorized personnel for administration and maintenance, as well as one of users and resources to which they have access with their privileges; perform a server hardware and operating system upgrade project.
Technologies must also be implemented to detect hardware and software vulnerabilities in the server for their correction, as well as implement a set of techniques for the protection of the networks of the server environment and security measures and correction of vulnerabilities in the shared resources on the server.
For his part, Solomon explains that the vulnerable points of the infrastructure, both internal and external, must be analyzed. "Every company must base the basic principles of its security on policies for the use of computer resources and the handling of sensitive and confidential information; that is why the use of software mostly such as antivirus, antispyware, etc., for the control of threats that arrive internally and / or externally. "
These forms of protection are essential so that threats do not attack servers and cause irreparable damage.
And it is that these threats can occur within the organization, due to lack of contingency, updates, security patches, inadequate configuration of hardware and operating systems, aggressions by viruses, malwares, spywares and all kinds of malicious software or code, lack of secure passwords and access control policies and exploitation of vulnerabilities by intruders.
There may also be some physical hazards such as control of access to the server location, weather conditions, regulated power supply, backup system, and performance tests, up-to-date knowledge of suppliers for component replacement and response times, physical maintenance plan and complete shutdown scheduling.
Experts say that the different methods of protection a protection system consisting of several hardware and software technologies considerably increases the access time to server resources, this in decrease in the performance of the applications or resources that are consulted or used by the server.
