Security Basics mailing list archives
Product Development and security in the enterprise
From: "Smith, KC" <ksmith () systemsalliance com>
Date: Fri, 7 Nov 2003 12:22:59 -0500
All, Any advice from the collective wisdom of the list would be greatly appreciated. I manage a software development group that includes development staff, QA and the help desk. In the current network configuration all desktops and servers are in the same subnet. Our sys admin has recently installed and configured MS Auto Update Server and wants to force all machines to update automatically. While I support this type of solution for distribution of critical patches to the enterprise, I have a problem with my QA and dev machines being changed out from underneath us. I'm less concerned with the development machines, but the QA machines have established baselines when it comes to installed software, including patches. I've suggested creating a network architecture that would allow my QA boxes to remain pristine while allowing all other machines in the enterprise to be updated. How do other organizations handle this? Can a screened subnet of some sort be used to isolate the QA machines? Any other thoughts? Thanks in advance KC Smith --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Product Development and security in the enterprise Smith, KC (Nov 07)
- RE: Product Development and security in the enterprise Richard Rees (Nov 07)