• Identifying the threatened parts
• Considering the threats
• Deciding about threats
• Implementing a low cost protection method
• Reviewing the procedure to intensify security

After all network security policy must be defined to minimize the probability of threats and cost of possible damages. This would be a general policy and not about details, as details can be changed over time but the rules of security strategy are stable.
Security policies are divided into two categories:

1. Permissive: Everything is authorized unless it is marked “Forbidden”
2. Restrictive: Everything is forbidden unless it is marked “Authorized”

Security policy definition shapes a plan for a secure network which has the following elements:

1. security attributes for each system such as administrational password and SSH implement
2. firewalls
3. VPNs for remote accessing
4. Penetration vulnerability discovering
5. authorization and accounting authentication (AAA) servers and other AAA network services
6. access control and access restrict mechanism for all devices

Network group form Andisheh Negar e Pars offers the highest degree solutions for network security relying on its members` knowledge and experiment from Cisco and Junper.