nanog mailing list archives
RE: Sources of network security templates or designs
From: "Tomas L. Byrnes" <tomb () byrneit net>
Date: Sat, 26 Jun 2010 08:57:05 -0700
While the DISA STIGs are probably the archetype, you have to start with whatever the sponsoring or certifying authority uses, if you need to pass some audit later. Those almost always reference NIST docs: http://www.nist.gov/itl/publications.cfm?defaultSearch=false&authorlist= &keywords=&topics=309&seriesName=&journalName=&datepicker1=&datepicker2= # For generic sources, I agree with Cymru as a good resource, but my favorite is SANS. http://www.sans.org/reading_room/
-----Original Message----- From: Sean Donelan [mailto:sean () donelan com] Sent: Wednesday, June 23, 2010 5:45 PM To: nanog () nanog org Subject: Sources of network security templates or designs While every network designer/architect with an emphasis on security
has
his or her favorite design templates, I'm wondering what public
sources
do people start with?
Cisco SAFE and other published designs
IBM Redbooks
DOD Security Technical Implementation Guides (STIGs)
NIST Special Publications
O'Reilly series (specific books?)
Of course, every designer customizes things based on the project and
preferences. So I'm not asking for what's best, or even what's wrong
with particular sources. Just where do you start?
Current thread:
- Sources of network security templates or designs Sean Donelan (Jun 23)
- RE: Sources of network security templates or designs Chris Gravell (Jun 24)
- RE: Sources of network security templates or designs Sean Donelan (Jun 24)
- Re: Sources of network security templates or designs jul (Jun 26)
- RE: Sources of network security templates or designs Tomas L. Byrnes (Jun 26)
- RE: Sources of network security templates or designs Sean Donelan (Jun 29)
- RE: Sources of network security templates or designs Chris Gravell (Jun 24)