Security Basics mailing list archives
Re: Writing a comprehensive Network Policy
From: Alcides <alcides.hercules () gmail com>
Date: Thu, 24 Aug 2006 12:18:25 +0530
Hi CH, Sorry, but your question itself seems a bit obscure to me. As you say: > > 2.) Keep the standard 3-5 page policy length > I couldn't figure out what exactly do you want to express. In my opinion, In some cases your network policy outline templates itselt may run as long as 3-5 (or even longer...depends on your needs for restrictions) pages(here,assuming standard of font size 10/Arial), which later on you have to materialize into policy statements defining the controls to be implemented. Again as you stated earlier: > 1.) Should be a policy and not a procedure You must spend some time on making decisions regarding how restrictive the controls should be, particularly in all the " routers,switches, hubs, firewalls, and Workstations etc". This whole process of WRITING the policy for network security may be looked at as a 3 stepped: 1.Making decisions regarding what you want to allow and what to block 2.Discussing with the team mates involved, so that you can include whtever is missed out. 3.Writing the policy This whole process can be most feasibly taken from TOP to BOTTOM in your networks security architecure layers. ie from POP/Outermost entity towards workstations in private zone. The whole thing may take time of a few weeks depending size and complexity of network. For just a rough idea about time you need for this I'd like to share my previous experience. Once it took 4+ weeks for our team of 3, to do similar exercise+implementation for a network of 3 legged PIX firewall, 2 routers, 2 LBs, 6 switches , 15 servers, 2DCs, 50+workstations running Windows 2000. May be this helps a little bit just to start off in right direction. cheers, On 8/23/06, Chris Hammer <CHammer () fcbnm com> wrote:
Hello, I am currently writing a network policy for our business. I am having trouble figuring out exactly what I should put into it while meeting these requirements: 1.) Should be a policy and not a procedure 2.) Keep the standard 3-5 page policy length 3.) Policy should cover network architecture including: routers, switches, hubs, firewalls, etc.... Any examples or a general idea of where to start would be appreciated! Cheers, CH --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Writing a comprehensive Network Policy Chris Hammer (Aug 23)
- RE: Writing a comprehensive Network Policy Cort Boecking (Aug 24)
- RE: Writing a comprehensive Network Policy Greg Merideth (Aug 24)
- Re: Writing a comprehensive Network Policy Kurt Buff (Aug 24)
- RE: Writing a comprehensive Network Policy Dixon, Wayne (Aug 24)
- RE: Writing a comprehensive Network Policy Robert D. Holtz - Lists (Aug 24)
- Re: Writing a comprehensive Network Policy Prabhushankar Kumara Barathi (Aug 24)
- Re: Writing a comprehensive Network Policy List Spam (Aug 24)
- Re: Writing a comprehensive Network Policy Alcides (Aug 24)
- RE: Writing a comprehensive Network Policy rolando_ruiz (Aug 25)
- <Possible follow-ups>
- Re: Writing a comprehensive Network Policy revnic (Aug 24)
- RE: Writing a comprehensive Network Policy Cort Boecking (Aug 24)