Security Basics mailing list archives
Re: Enterprise security review & design
From: krymson () gmail com
Date: 16 Aug 2006 18:13:19 -0000
Your list makes me wonder where this all came from. Each one of your bullet points is a good-sized project from the size of your userbase, and could conceivably be a single job for someone, especially if you want agility into the future if you have planned growth. Volumes could be written on any one of the items below, but I'll just quickly scattershot some ideas and products you could use to start your research and projects.

One disclaimer: I may be wrong in some of the uses of certain products that I have not personally used, but since I can't actually solve any of these issues for you, I just really want to give some direction. Some leads are better than silence.

- Provide a solution for assets inventory, in terms of OS & Apps

GFI; Windows IT Pro recently had an issue (currently still on display at Barnes & Noble) that had an overview of CCM products. One of the aspects of a good CCM product is the ability to take inventory of systems. LANDesk is a popular example.

- Provide an automated vulnerability assessment tool, which will regularly scan the clients and provide a means to correlate & prioritize vulnerabilities

MBSA, Nessus, GFI...sounds like you have money to spend though, so maybe shoot for the moon and go for ISS

- Provide the ability to a content security solution that will protect the business from Spyware, viruses, malicious code, spam, email abuse, P2P, IM; am especially concerned with spam, P2P & IM

SurfControl may help with web-based malware or even WebSense, maybe McAfee suite will help with email spam at the gateway, although I don't know what to recommend due to not knowing whether you host your email or not, or what you currently use. Drop all users down to a non-admin role, or run a terminal environment with Citrix, or virtual machines. User training...

- Ability to plan & automate the implementation of OS & applications patches, while providing a history of such updates

WSUS, but it won't give you a history, necessarily. Altiris for applications and further robustness, and other CCM products perhaps.

- deploy a client based Firewall & IDS/IPS applications with centralized administration console

McAfee ePolicy Suite

- deploy a content filtering application for web pages, which will generate reports on internet usage per user

SurfControl, but keep in mind trying to generate someone's internet usage via just web page surfing is very simplistic, but you can get an inventory of the pages they visit and how often.

- deploy a network forensics application, from the OS level {failed logins, access violations...} to the network infra level

GFI, syslog, LogLogic appliance

- deploy a network management application that will help me identify bottlenecks

SolarWinds may do this?

- WLAN management application to secure access to APs

Cisco should have software to support you, but if you're serious about this and spending the money, may as well eliminate all those Linksys and upgrade to Cisco all around.

- Bandwidth consuming applications visibility; i.e. I need to monitor which applications, and which users, are consuming my WAN connections

SolarWinds may assist with this, I am not sure.