In the firewall‐centered security environment, all security measures (e.g. passwords, encryption,
            authentication and auditing, among others) can be configured on the firewall. This approach is more
            cost‐effective than a decentralized network security mode.
            If all network accesses go through the firewall, this can record and make a log of these visits, and
            also provide statistical data of network usage. When suspicious actions occur, the firewall can then
            generate the appropriate alarm, and provide detailed information about the incident for threat
            analysis purposes.

                   Protecting intrusion dynamically
            Intrusion detection is another important dynamic security technology, which can collect and analyze
            information from a number of key points of computer network and system, and find out whether
            there is any suspicious behavior, sign of an attack or policy violation. There are three types of
            intrusion detection systems (IDSs):
            (a)     network‐based IDS;
            (b)     host‐based IDS;

            (c)     integrated IDS.

                   Preventing DDoS attacks
            There are different mechanisms that can enhance the ability to withstand DDoS through increasing
            the cost of attack. These include the use of high‐performance network equipment, the guarantee
            of sufficient network bandwidth, the upgrade of the host server hardware, the use of static pages
            whenever  possible,  the  enhancement  of  the  operating  system  transmission  control  protocol
            (TCP)/IP stack, and the installation of specialized anti‐DDoS firewall.
                   Network security audit

            A network security audit carries out compliance management by fine‐grained auditing the network
            operating behavior of the business environment. Through recording, analyzing, and reporting the
            network behavior of system and authorized users, the network security audit can function as a
            mechanism for planning and preventing, concurrently monitoring, as well as reporting and tracking
            the source after the incidents take place. Consequently, network security audits can strengthen the
            internal and external networks behavioural regulation.

                   Child online protection in SSC

            As the analysis conducted thus far has demonstrated, the design of a comprehensive cybersecurity
            strategy for SSC should take into account multiple sources of vulnerabilities, as well as existing and
            emerging threats. Children are among the most vulnerable users of online services. As identified by
            the ITU‐T Joint Coordination Activity on Child Online Protection (ITU‐T JCA‐COP):
                    "Child  online  protection  covers  a  number  of  issues,  and  is  being  addressed  at  national,
                    regional  and  international  levels,  across  a  myriad  of  environments,  including  social  and
                    legal. At the international level, and within the ITU, the Council Working Group on Child
                    Online Protection has received much information on national activities, and has developed
                    guidelines, and the Joint Coordination Activity on Child Online Protection has identified many
                    technical  activities  that  are  contributing  to  the  safety  of  children  on  line  at  a  global
                    level."(ITU‐T JCA‐COP)

            Further details about child online protection can be found in the reports produced by the ITU‐T JCA‐
            COP, at http://www.itu.int/en/ITU‐T/jca/COP/Pages/default.aspx.



            446                                                      ITU‐T's Technical Reports and Specifications