Re: Network Segregation to prevent spread of malware

["Sagar" <sagarnseas () gmail com>]

Hi Tom,

In my experience and humble opinion, technology and architecture would just amount to about 30 percent of your attempt 
to secure systems and infrastructure, what you would be aiming at (of course once your network is setup) is not only 
perimeter security coupled with best practice architecture but detection of traffic flow.. Pattern and pattern anomaly 
detection will play a vital role. 
IMHO a few critical aspects in this regard will be using SIEM technology, that is evolving by leaps and bounds.. 
DETECTION is the keyword, though setting up an efficient SIEM and continous monitoring will involve resources in terms 
of cost and human resources .
Of course nothing beats employees aware of safe internet practices so I would invest sufficiently in training them.
In a nutshell my two cents - SIEM monitoring (aggregation and correlation) and Employee awareness training.

Cheers,
Stay Info Safe :)
Sagar Narasimha
LA 27k,20k,9k
PMP,six sigma GB,ITIL
CCSA,NCSS,CCSP
Sent from my BlackBerry® on Reliance Mobile, India's No. 1 Network. Go for it!

-----Original Message-----
From: Jerry Bell <jerry () riskologist com>
Sender: listbounce () securityfocus com
Date: Wed, 23 Jan 2013 07:07:25 
To: tomright006 () gmail com<tomright006 () gmail com>
Cc: security-basics () securityfocus com<security-basics () securityfocus com>
Subject: Re: Network Segregation to prevent spread of malware

Hi Tom,

The answer is 'it depends', but probably no. If you are talking about a classic company network and dividing 
workstations into separate networks to prevent cross contamination, you have to consider the pivot points for most 
malware - email, file shares, etc, which can still allow malware to propagate between networks even if no traffic is 
allowed directly between them. Some kinds of malware, notably worms who propagate directly from one system to another 
via some kind of remotely exploitable vulnerability, would be contained by network segmentation, however those sorts of 
events are becoming increasingly rare (however when they do happen, they tend to be big events). 

Jerry

Sent from my iPhone

On Jan 22, 2013, at 5:33 PM, tomright006 () gmail com wrote:

> Hello All,
>
> I need few tips on Network Segregation to prevent spread of Malware. Can I avoid Malware spreading from one network 
> segment to another just by segregating network with access list or firewalls?
>
>
> Thanks,
>
> Tom
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------