Security Basics mailing list archives
RE: A new concept for security management?
From: "Keenan Smith" <kc_smith () clark net>
Date: Mon, 2 Jun 2003 02:09:26 -0400
Thanks for that answer and all the other good information from everyone. I'm coming to the conclusion that one of the following 3 things is true: 1. I wasn't clear about what my client wants 2. What he wants doesn't exist 3. What he wants doesn't exist because it can't or if it did, it would be too hard/expensive to manage I don't believe that 3 is true, so that leaves either 1 or 2. My client doesn't want to invest in the cost of securing his network (where have I heard THAT before?!?!) or the cost/effort of maintaining that security. Yes, just as most clients, he wants everything without having to pay for any of it. That aside, what my client wants, as best as I understand it, is VPN access to an existing, secure network. All access to the outside world would be via that network. This means that the only thing that has to run on the client machines is the VPN client, everything else would be handled by the network. That way, all the standard security stuff would be available, without the pain or cost of handling it himself. Obviously, a typical network in a typical company would not allow an unknown user to connect to their backend network, but I thought that there might be a service of some sort that supplies that type of function. Based on what I've taken from this list and other research that I've done, something like I describe doesn't exist, at least as a service that could be purchased. I suppose the question is now, why not? It seemed like a good idea when my client asked me about it. Am I missing something or did I just drink too much last night? Thanks all. KC Smith -----Original Message----- From: Chris Berry [mailto:compjma () hotmail com] Sent: Friday, May 30, 2003 5:48 PM To: security-basics () securityfocus com Subject: Re: A new concept for security management?
From: "Keenan Smith" <kc_smith () clark net> I've been contracted to build the infrastructure, as it were, for a small company. Right now, they've got a single computer hooked up to a cable modem. No security and little LAN functionality. They want to add 5 computers, for a total of 6 and network them together, all having access to the Internet. Not a big problem, if they had an IT staff or even any technical ability at all. However, these folks are newbies to technology and can't afford to hire anybody to manage it for them. Creating a LAN is no problem. A bare-bones firewall or Linksys-type router to provided NAT functionality and they're off and running. What they'd still be missing is active security. So I started looking around at the MSSPs (Managed Security Service Provider) as a possible security solution. My thought was that I could create a bare-bones LAN for the company and let an MSSP provide the security. However, after researching MSSPs for a while, they all seem to provide the same basic function: they manage/monitor your network and security devices. That implies that the company would have to buy a firewall, intrusion detection of some sort and a virus scanner before an MSSP could come into play. My question is this: is there an MSSP (or some other acronym) that provides security as a service? My thought is to provide a secure tunnel from this company's LAN to a remote LAN. The remote LAN would be secure and managed and provide that service for a monthly fee. Is there anything like that out there or am I stuck trying to sell a complete security solution of some sort to this company? Thanks in advance for any help.
Well there are three(four) things that are ABSOLUTELY necessary: 1) Anti-Virus software with auto-updating (assuming windows boxes). I recommend Norton Corporate 2) Firewall protection. I'd say the IPCOP package is probably about as easy as it's going to get, even a totally clueless person can run the updates. 3) Backups. Show them how to use Zipcentral, and Nero with a cd-rom burner 4) Auto-updating OS patches, for MS setup the auto-update feature, for linux, it depends on the distro, for example Mandrake make a cron job that runs urpmi. This will take care of 95% of their needs nearly automatically. I take care of two companies, one of which only has five employees, and they're using that exact setup. I almost never have to do anything for them, the manager their can handle it (and he's not super technical or anything). I'd also recommned that you use the IPCOP box to set up a VPN, and get them some kind of consultant for on call support, he can then use VNC over the VPN to do any remote fixing they need. This is obviously no the only (and maybe not even the best) solution, but it's very cheap, and pretty effective. Chris Berry compjma () hotmail com Systems Administrator JM Associates "All I want is a few minutes alone with the source code for the universe and a quick recompile." _________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: A new concept for security management? Chris Berry (Jun 01)
- RE: A new concept for security management? Keenan Smith (Jun 02)
- Re: A new concept for security management? Anders Reed Mohn (Jun 10)
- <Possible follow-ups>
- RE: A new concept for security management? sanjay . patel (Jun 01)
- RE: A new concept for security management? Roland (Jun 02)
- RE: A new concept for security management? Chris Berry (Jun 03)
- RE: A new concept for security management? Keenan Smith (Jun 02)