The Korean Register of Shipping launched its guidelines for achieving a network security; The guidelines consists of the explanation of network security, the ways to secure a network and also guidance on cyber security system requirement.
- Definition of network security
Network security is a process that uses physical or software protection tools to protect an underlying network infrastructure from unauthorized access, misuse, malfunction, modification, destruction, and inappropriate exposure. The goal of network security is to prevent unauthorized persons or programs from accessing the network and devices connected to the network.
- How to secure the network
- Protection : Set up your system and network as best as possible.
- Detection : Quickly identify when configuration changes or some network traffic problems.
- Response : Take corrective action and restore to a safe state as soon as possible.
For implementing access control it is required to implement vaccine, behavioral analysis email security, firewall configuration, intrusion detection and prevention, separation of mobile device and wireless security network, SIEM, VPN and web security.
- KR Guidance for Maritime Cyber Security System requirement (CS1)
- Communication channel protection(218.1) : Vulnerabilities of network equipment should be periodically checked so that it does not affect other networks due to communication channel flaws.
- Network Intrusion Prevention and Monitoring(218,2) : To protect the internal network, an intrusion prevention system should be installed and operated to block external unauthorized access, and should be managed continuously.
- Network wired / wireless network separation(218.3) : The e wireless network environment should be configured separately from the wireless network that can be accessed by outside parties.
- Wireless access restrictions(218.4) : The operating system should be restricted from being accessed through the wireless network.
- Network configuration management(218.7) : When connecting to a system via an external network, a secure connection method using an enhanced authentication technique should be applied
- Network Equipment Management(218.8) : It should have a graphical network flow that can identify the network path.
Concluding, the image below presents an example of Network equipment vulnerability analysis, evaluation item
