"INTERNET/INTRANET SOLUTION FOR EASTERN BAY COLLEGEwe can say that SNI is providing proactive security strategies, while the old version ofthe TLS was reactive and the security certificate was not generated or requested formthe host server. Hence, we can say that the SNI is providing a wide range of different security futuresand the whole configuration of the SNI is very easy for making the session more secureand powerful. Similarly, the SNI is enabling the virtual host to operate on different IPaddress for each URL or website and this facility is allowing the server and user tomaintain the security of the sessions and also the identification of the session will alsoincrease.7. Access restrictions Security, privacy, copyright issues The structure of the information security policy is very important, because by using thisstructure we can easily analyze the implement the policy in the college according to therequirements. Following structure will be used for policy making and implementation inthe college.• General Policy statement• Organizational Structure and duties of employees• Different arrangements and procedures to follow• Tasks and Objectives of the policy statementThese information security functions are very important for information security policyimplementation and analysis. In the following I am going to priorities these functionsaccording to the college business and requirements. Planning is the first step for making any decision and policy. In other words we can sayif we want to launch new product then we need to plane all the requirements,advantages, disadvantages and many other things. This why Planning has number onepriority in the information security functions.As our college is working for different software and IT solutions and Risk is the keyfactor in the information technology, that’s why we need to fully analyze and assess allPage 13 of 16 INTERNET/INTRANET SOLUTION FOR EASTERN BAY COLLEGEthe risk which can hurt our solution or working. That’s why Risk Assessment has prioritynumber 2 in the information security functions. Policy is very essential before the development of any solution and also Policy isproviding the key features of the product how we will go through the whole process ofproduct development and production. Keeping in mind all these things Policy is relatedto priority number three.Because before the development of the solution or software we also need to register thelicense and also we need to take care of the other legal issues related to rules and laws.After the policy we need to move towards the legal assessment.After identifying all the risks, now we need to make some policies or we need to followsome steps to stop or avoid these risks, so after policy making and legal assessmentwe need to manage all the risks in the Institute. That’s why risk management is placedat the number five in the priority list of the information security functions.System Testing is placed at number 6 because at this stage we need to test all thesystems and according to the requirements now we need to develop the solutiondescribed in the planning and policy. After the risk management we need to movetowards the development of the system but before development we also need to testthe system also.At this stage we need to measure all the possible solutions according to therequirements of the client. Measurement is placed at number 7 because we need tomeasure all the problems and then we will focus towards the training of the staff andclients.After defining all the problems in the system now we need to conduct the training for thestaff and clients for easy system handling and usage. That’s why training is placed rightafter the measurement of the information security functions.Vulnerability assessment is placed at the number 9 because in information security thisstep is performed by the project development team and they will assess this afterPage 14 of 16 INTERNET/INTRANET SOLUTION FOR EASTERN BAY COLLEGEconducting all the testing’s and trainings and then they will get feedback from the usersregarding the vulnerabilities.Network security administration is placed at number 10 because we network securityadministration is always reactive and we can implement it after analyzing thevulnerabilities.Disaster recovery is a plan or policy which is being used to recover the system and datafrom any natural or human incident. This type of contingency plan is very helpful torecover all the data due to any incident. The IT professionals are responsible to prepareand manage the disaster recovery plan for the system of the college. In this type of planthe IT professionals setup some rules and regulations to take the backup of the data. Inother words we can say that the disaster recovery team is responsible for recovering allthe data and information of the system. The main purpose of this plan is to enable thesystem in such a way that the business of the organization will not disturbed and thesystem will keep working during the incident. Data backup and recovery is veryimportant for smooth and regular working of the system.8. ConclusionAt the end of this report, I will conclude all the findings of this project and research andalso I will recommend some new features to make the security of the internet moreadvance and accurate. The SNI is very helpful for the virtual domain server and todaythis technique is allowing the servers to generate the security certificate for many websites, but as we know that the technology is growing day by day and websites are alsoincreasing day by day. Due to this scenario the domain servers are going to be overloaded in near feature anddefinitely the Server Name Indication will not support this whole condition. That’s why,we need to go for some advance or we can enhance this existing the SNI technique tohandle more traffic and websites on a single IP address for easy and accurate securitycertificate generation. Page 15 of 16 INTERNET/INTRANET SOLUTION FOR EASTERN BAY COLLEGEHere I am going to recommend SNI for making the communication and browsing themore easy and secure. I am recommending SNI, because it providing multiple securitycertificates on a single IP address and also it very cheap as compare to the other TLSand SSL security parameters and fields. As we discussed earlier that the SAN is alsovery advance technique and it is being used in different web browsers, but still SNI isproviding more security features and choices as compare to the SAN.9. ReferencesFederal Trade Commission (2006). Financial Institutions and Customer Information:Complying with the Safeguards Rule.Retrieved 27 Sep 2015 Federal Trade Commission:http://www.ftc.gov/tips-advice/business-center/guidance/financial-institutions-customer- information-complyingJoyner, J.(2013). How to Use IP Address Management in Windows Server 2012.Retrieved25 Sep 2015 http://www.techrepublic.com/blog/data-center/how-to-use-ip-address- management-in-windows-server-2012/Savill, J. (2013).Windows Server 2012 File Classification Infrastructure.Retrieved 25 Sep2015 http://windowsitpro.com/windows-server-2012/windows-server-2012-fciSorcha Canavan (2010), Information Security Policy-A Development Guide for Large andSmall Companies, 26 Sep 2015,http://www.sans.org/reading_room/whitepapers/policyissues/information-security-policy- development-guide-large-small-companies_1331Dancho Danchev (2012), Building and Implementing a Successful Information SecurityPolicy, 26 Sep 2015, http://www.windowsecurity.com/pages/security-policy.pdfR. O. Sinnott, D. W. Chadwick ,T. Doherty ,D. Martin ,A. Stell ,G. Stewart ,L. Su ,J. Watt(2008) Advanced Security for Virtual Organizations: The Pros and Cons of Centralized vsDecentralized Security Models, ISBN: 978-0-7695-3156-4, 26 Sep 2015,http://doi.ieeecomputersociety.org/10.1109/CCGRID.2008.67Page 16 of 16 "