The Internet provides global access to an agency’s web site. The web site is usually on a separate computer or a ‘web server’. The web server can be directly managed by the agency or by a third party such as an Internet Service Provider (ISP). The agency usually needs to be connected to the web server to process transactions generated by users and to update web site information. Agencies often use the same infrastructure to process emails going into and out of the agency. Because of this there is a continual two-way flow of information traffic into and out of an agency’s network to the Internet.
The first line of defence against a cyber attack through the Internet is the ability to detect and prevent suspicious or malicious traffic. Generally this would be done through a combination of a firewall and an Intrusion Detection/Prevention System (IDPS).
The firewall will permit or deny network traffic based on a set of rules configured by the agency. A firewall is a bit like a traffic policeman who has been instructed to only allow certain types of cars to pass backwards or forwards across a bridge.
An IDPS is more like a border control guard, who is on the lookout for suspicious goods and will search the car before it is allowed to go across the bridge. An IDPS monitors network and system activity to identify traffic that is known or suspected to be malicious. The IDPS can be configured to automatically prevent certain types of traffic or to signal to a system administrator that suspicious activity is occurring.
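The division of labour between the two controls can be shown with a small model. The Python below is an added example, not part of the original text; the rules, signatures and sample traffic are constructed for illustration. The firewall decides only on the type of traffic, while the IDPS looks inside traffic the firewall has already permitted.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out", relative to the agency network
    protocol: str
    dst_port: int
    payload: bytes

# Constructed firewall rules: (direction, protocol, port). Listed traffic is
# permitted and everything else is denied. The firewall never reads the payload.
PERMITTED = {
    ("in", "tcp", 443), ("out", "tcp", 443),   # web site transactions
    ("in", "tcp", 25), ("out", "tcp", 25),     # email
}

# Constructed IDPS signatures: (name, byte pattern, action). "prevent" drops
# the traffic; "alert" lets it through and notifies an administrator.
SIGNATURES = [
    ("script tag in request", b"<script>", "prevent"),
    ("directory traversal sequence", b"../../", "alert"),
]

def firewall_decision(pkt):
    key = (pkt.direction, pkt.protocol, pkt.dst_port)
    return "permit" if key in PERMITTED else "deny"

def idps_decision(pkt):
    hits = [(n, a) for n, p, a in SIGNATURES if p in pkt.payload.lower()]
    names = [n for n, _ in hits]
    if any(a == "prevent" for _, a in hits):
        return "prevent", names
    return ("alert" if hits else "pass"), names

def inspect(pkt):
    """Apply the firewall first, then the IDPS to whatever it permitted."""
    if firewall_decision(pkt) == "deny":
        return "denied by firewall", []
    verdict, names = idps_decision(pkt)
    outcome = {"prevent": "blocked by IDPS", "pass": "allowed",
               "alert": "allowed, administrator alerted"}
    return outcome[verdict], names

SAMPLE_TRAFFIC = [  # constructed
    Packet("in", "tcp", 443, b"GET /index.html HTTP/1.1"),
    Packet("in", "tcp", 23, b"login: admin"),
    Packet("in", "tcp", 443, b"GET /search?q=<SCRIPT>x</SCRIPT> HTTP/1.1"),
    Packet("in", "tcp", 443, b"GET /files/../../secret.txt HTTP/1.1"),
]
if __name__ == "__main__":
    for pkt in SAMPLE_TRAFFIC:
        print(pkt.dst_port, pkt.payload[:30], "->", inspect(pkt))
```

The third and fourth sample requests pass the firewall because they use a permitted port; only payload inspection distinguishes them from the first.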
Agencies have a responsibility to ensure the security of their computer networks. Information security standards and good practice guidance can assist agencies in this task.