Purpose: To employ several layers of protection to ensure that unauthorized access to the network does not occur.
Procedure: 1. Webroot and MalwareBytes Anti-Virus Application is in use, and automatically updated and forced automatic rollouts to all district computers occurs on a regular basis to protect from computer virus contamination. District users cannot modify the antivirus program.
2. The district utilizes spam filters and anti-spyware software to minimize the potential for unsolicited and unauthorized access to the network.
3. The district utilizes an external firewall (a router that controls access) to prevent access from unauthorized sources.
a. Any applications or web pages (such as the video server, web server, email, Blackboard) that will be viewable by the general public or by certain users, are held in the “DMZ” (Demilitarized Zone), or that portion of the network outside of the district Wide Area Network/Intranet, where there is limited trust.
b. Network resources that are relegated to the “DMZ” are completely separated from any internal networks, thereby blocking firewall avoidance.
c. The available and open ports are reviewed periodically.
4. Automatic updates are done for operating systems and common applications such as the Webroot program.
5. The district secures the wireless network by using a combination of Wireless Equivalent Privacy (WEP) and MAC filtering done at the Radius server to avoid access by unauthorized sources.
6. District monitors wireless transmission to verify authentication of users.
7. Network administrators periodically check system access logs for unauthorized activity.