As the network security manager, I would implement the scenario as follows:
Install and run host-based firewall software, also known as a client firewall, directly on each computer. The purpose of the firewall is to protect the host it runs on. Network traffic flows in two directions: inbound and outbound. Inbound data enters the computer, while outbound data leaves it. The firewall limits or restricts inbound connections in order to prevent unauthorized access to, and remote damage of, the computer. The built-in firewalls in Mac OS X and Windows are designed for this task. An advanced host-based firewall, such as the one in Symantec Endpoint Protection (SEP), which is provided free to staff, students and faculty at UCSF, restricts both inbound and outbound connections in an effort to counter attack methods, and monitors every program's access to the network. An advanced host firewall works together with other security measures and helps prevent unauthorized access to, and theft of, personal, protected health and confidential information (McLean & Thomas, 2012). Developers today build many applications that work properly with host-based firewalls and routers. However, some of them may require the firewall to be configured to permit the application to communicate. Fortunately, firewalls are quite common, and applications that require such configuration should include documentation on how to set up the firewall. Host-based firewalls are easier to configure than network-based firewalls. Generally, they feature a wizard that guides the end user through the setup procedure. Many host-based firewalls prompt automatically the first time an application tries to connect to the Internet, whether the connection is inbound or outbound.
Configure, maintain and monitor rules for multiple profiles, notifications and authenticated exceptions: Monitoring provides a detailed summary of the firewall's domain, public and private profiles with respect to firewall state, general settings and logging settings.
Network profiles can be used to apply different firewall rules depending on the active profile. In the Windows Control Panel, the firewall page shows, for example, that the Windows virtual computer rule is active in the Domain and Home/Work (Private) profiles but not in the Public profile. When the computer is connected to a different type of network, Windows Firewall selects the restrictive network profile and applies the appropriate access rules to the interfaces. In Windows Firewall, the Allowed Programs list allows programs and features by profile; the end user can selectively enable Windows Firewall for each network profile. You can also specify whether notifications should appear to logged-on users when Windows Firewall blocks a virus or malware. In addition, you can choose to block all incoming connections, including those covered by firewall rules. Users can create rules for the traffic they have been notified about only if they have local administrator privileges (McLean & Thomas, 2012).
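The profile summary described above (firewall state, default action, logging and notifications per profile) can also be checked from PowerShell. This is an added example, not part of the original text; the baseline it checks against and the function names are assumptions chosen for illustration.

```powershell
# Added example: audit the Domain, Private and Public firewall profiles.
# The baseline values below are illustrative assumptions, not from the page.
function Test-FirewallProfileBaseline {
    param([Parameter(Mandatory, ValueFromPipeline)] $FirewallProfile)
    process {
        $issues = @()
        # Values are compared as strings so enum and plain-text input both work.
        if ("$($FirewallProfile.Enabled)" -ne 'True') { $issues += 'firewall disabled' }
        if ("$($FirewallProfile.DefaultInboundAction)" -ne 'Block') {
            $issues += 'inbound traffic not blocked by default'
        }
        if ("$($FirewallProfile.LogBlocked)" -ne 'True') { $issues += 'dropped packets not logged' }
        if ("$($FirewallProfile.NotifyOnListen)" -ne 'True') {
            $issues += 'no notification when a program is blocked'
        }
        [pscustomobject]@{
            Profile   = $FirewallProfile.Name
            Compliant = ($issues.Count -eq 0)
            Issues    = $issues -join '; '
        }
    }
}

# Hypothetical helper: bring all profiles to the baseline (needs an elevated session).
function Set-FirewallProfileBaseline {
    Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True `
        -DefaultInboundAction Block -LogBlocked True -NotifyOnListen True
    # Public profile only: block all incoming connections, ignoring allow rules.
    Set-NetFirewallProfile -Profile Public -AllowInboundRules False
}

# Which profile each network interface is currently assigned to.
Get-NetConnectionProfile | Select-Object InterfaceAlias, NetworkCategory

# ActiveStore is the effective policy after Group Policy and local settings merge.
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Test-FirewallProfileBaseline |
    Format-Table -AutoSize -Wrap
```

`Set-FirewallProfileBaseline` is defined but not called, so running the script only reports.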
Create and manage inbound and outbound rules: Setting inbound and outbound rules is an important step. In the WFAS console, select the node representing the type of rule you want to create and then click New Rule. This opens the New Inbound (or Outbound) Rule Wizard. The first page lets you specify the type of rule to create. You can choose between a program, port, predefined or custom rule. Program and predefined rules are the same as those you can create through Windows Firewall. A custom rule lets you configure a rule based on criteria not covered by the other options. Use a custom rule if you intend to create a rule that combines both a specific program and a set of ports (McLean & Thomas, 2012).
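The custom rule described above, one that combines a specific program with a set of ports and applies only to chosen profiles, looks like this when created from PowerShell instead of the wizard. This is an added example, not from the original text; the program path, port numbers and rule names are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example. Program path, ports and display names are hypothetical.
$app   = 'C:\Program Files\ExampleApp\exampleapp.exe'
$ports = 8443, 8444
$inboundName  = 'ExampleApp inbound TCP 8443-8444 (added example)'
$outboundName = 'ExampleApp outbound block on Public (added example)'

# Remove earlier copies so the script can be re-run without duplicating rules.
foreach ($n in $inboundName, $outboundName) {
    Get-NetFirewallRule -DisplayName $n -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule
}

# Custom inbound rule: program AND port set, active in Domain and Private only.
$inbound = New-NetFirewallRule -DisplayName $inboundName -Group 'ExampleApp' `
    -Direction Inbound -Action Allow -Program $app `
    -Protocol TCP -LocalPort $ports -Profile Domain, Private

# Outbound rule: stop the same program from connecting out on Public networks.
$outbound = New-NetFirewallRule -DisplayName $outboundName -Group 'ExampleApp' `
    -Direction Outbound -Action Block -Program $app -Profile Public

# Verify what was stored: the program and port conditions live in separate filters.
foreach ($rule in $inbound, $outbound) {
    $portFilter = $rule | Get-NetFirewallPortFilter
    [pscustomobject]@{
        Rule      = $rule.DisplayName
        Direction = $rule.Direction
        Action    = $rule.Action
        Profile   = $rule.Profile
        Program   = ($rule | Get-NetFirewallApplicationFilter).Program
        Protocol  = $portFilter.Protocol
        LocalPort = $portFilter.LocalPort -join ','
    }
}
```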
Data encryption and connection security rules: These rules disable the data integrity rules criterion. Ensure that the list of data integrity and encryption algorithm combinations includes those that your client computers will use to connect to members of the encrypted zone. The client systems receive the rules for their zone through the GPO. You must ensure that those rules contain at least one of the data integrity and encryption algorithm combinations that are set in this rule.
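The requirement above, that client rules share at least one data integrity and encryption combination with the encrypted zone's rule, can be checked before the rule is written to the GPO. This is an added example, not from the original text; the algorithm lists are constructed sample data, and the GPO path, display names and `Get-CommonCombo` function are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example. Constructed sample data: integrity/encryption combinations
# offered by the encrypted zone rule and by the client rules.
$zoneCombos = @(
    @{ Hash = 'SHA256'; Encryption = 'AES256' },
    @{ Hash = 'SHA1';   Encryption = 'AES128' }
)
$clientCombos = @(
    @{ Hash = 'SHA1';   Encryption = 'AES128' },
    @{ Hash = 'SHA256'; Encryption = 'AES192' }
)

# Hypothetical helper: return the zone combinations that clients also offer.
function Get-CommonCombo {
    param([hashtable[]] $Zone, [hashtable[]] $Client)
    $clientKeys = $Client | ForEach-Object { "$($_.Hash)/$($_.Encryption)" }
    $Zone | Where-Object { $clientKeys -contains "$($_.Hash)/$($_.Encryption)" }
}

$common = @(Get-CommonCombo -Zone $zoneCombos -Client $clientCombos)
if ($common.Count -eq 0) {
    throw 'No shared integrity/encryption combination: clients could not connect.'
}
$common | ForEach-Object { "Shared combination: $($_.Hash) + $($_.Encryption)" }

# Placeholder GPO path (assumption): replace with the zone's own GPO.
$store = 'corp.example.com\EncryptedZone-GPO'

# One ESP proposal per combination, in order of preference.
$proposals = foreach ($c in $zoneCombos) {
    New-NetIPsecQuickModeCryptoProposal -Encapsulation ESP `
        -ESPHash $c.Hash -Encryption $c.Encryption
}
$cryptoSet = New-NetIPsecQuickModeCryptoSet -PolicyStore $store `
    -DisplayName 'Encrypted zone ESP set (added example)' -Proposal $proposals

# Connection security rule that uses the set; default authentication is assumed.
New-NetIPsecRule -PolicyStore $store `
    -DisplayName 'Encrypted zone connection security (added example)' `
    -InboundSecurity Require -OutboundSecurity Request `
    -QuickModeCryptoSet $cryptoSet.Name
```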
Train all users: All organizations should have a computer training policy, but it is my belief that few of them do. Given the implications of training, it is crucial that training be effective. Current research has proven that effective but more costly training saves money that would otherwise be wasted on cheap but inefficient training. Regrettably, there is no one-size-fits-all or rule-of-thumb procedure for effective training. Training schemes must be analyzed and researched before companies rely on them to train a competent workforce.
It is crucial to conduct an analysis to determine which method works best. There are various factors to consider when making decisions about the training process. Training objectives, trainee demographics and cost are among the more important factors to take into consideration.
Statistics have shown that the most effective training is person-to-person training. It is also the type of training most preferred by end users. This is due to its ability to combine attention, the self-training focus found in technology-assisted training, and flexibility with the organization, guidance and structure of formal training. This type of training carries a high initial cost, but the cost is offset by the quality of training the employees receive. Other means of training cost less, but in return they provide ineffective training, which creates unproductive employees.