In the second episode we discussed the
steps of deployment for web and mobile clients. The deployment of a web and
mobile clients implies the use of networks internal to an organization or
external for example from the internet. It will be necessary to ask the right
security to meet the necessary prerequisites to protect the system from
malicious attacks. These questions will result in the following steps: – sizing of
the system and networks – securing networks using a secure data exchange protocol – creation of digital security certificates – implementation of an
adaptive domain management. Sizing of the system networks consists of defining a
number of elements that will guide the technical decision to be made. The
following questions will need to be answered: – number of users (beyond a
certain number of users the use of server type station will be imperative).
– number of installations (networks,sites) – nature of access (internal or external
access, on one or more networks). An external access from the internet for
the web clients needs a VPN for example The deployment of a web or mobile
clients needs to follow good cybersecurity practices in terms of
network deployment to ensure that access is strictly defined and data flows are
controlled according to nature of data networks. For this it will be necessary
to set up routers to segment the networks to install firewalls to control
data flows especially from the outside to the inside of the networks and to put
the web server in a buffer zone called DMZ.
As shown in this diagram a DMZ or demilitarized zone is an isolated
network of both industrial networks and external networks. In this example networks are
segmented by a router. The web client located on an office network only
accesses industrial and field networks via LAN web server located in the DMZ.
Firewalls handle allowed flows and filters data. Thank you for watching this video
today! Find a full episode on our blog!