Re: A new concept for security management?

["Chris Berry" <compjma () hotmail com>]

> From: "Keenan Smith" <kc_smith () clark net>
> I've been contracted to build the infrastructure, as it were, for a small
> company.
>
> Right now, they've got a single computer hooked up to a cable modem.  No
> security and little LAN functionality.
>
> They want to add 5 computers, for a total of 6 and network them together,
> all having access to the Internet.
>
> Not a big problem, if they had an IT staff or even any technical ability at
> all.  However, these folks are newbies to technology and can't afford to
> hire anybody to manage it for them.  Creating a LAN is no problem.  A
> bare-bones firewall or Linksys-type router to provided NAT functionality 
> and
> they're off and running.  What they'd still be missing is active security.
>
> So I started looking around at the MSSPs (Managed Security Service 
> Provider)
> as a possible security solution.  My thought was that I could create a
> bare-bones LAN for the company and let an MSSP provide the security.
>
> However, after researching MSSPs for a while, they all seem to provide the
> same basic function: they manage/monitor your network and security devices.
> That implies that the company would have to buy a firewall, intrusion
> detection of some sort and a virus scanner before an MSSP could come into
> play.
>
> My question is this:  is there an MSSP (or some other acronym) that 
> provides
> security as a service?  My thought is to provide a secure tunnel from this
> company's LAN to a remote LAN.  The remote LAN would be secure and managed
> and provide that service for a monthly fee.
>
> Is there anything like that out there or am I stuck trying to sell a
> complete security solution of some sort to this company?
>
> Thanks in advance for any help.

Well there are three(four) things that are ABSOLUTELY necessary:
1) Anti-Virus software with auto-updating (assuming windows boxes).  I 
recommend Norton Corporate
2) Firewall protection.  I'd say the IPCOP package is probably about as easy 
as it's going to get, even a totally clueless person can run the updates.
3) Backups.  Show them how to use Zipcentral, and Nero with a cd-rom burner
4) Auto-updating OS patches, for MS setup the auto-update feature, for 
linux, it depends on the distro, for example Mandrake make a cron job that 
runs urpmi.

This will take care of 95% of their needs nearly automatically.  I take care 
of two companies, one of which only has five employees, and they're using 
that exact setup.  I almost never have to do anything for them, the manager 
their can handle it (and he's not super technical or anything).  I'd also 
recommned that you use the IPCOP box to set up a VPN, and get them some kind 
of consultant for on call support, he can then use VNC over the VPN to do 
any remote fixing they need.  This is obviously no the only (and maybe not 
even the best) solution, but it's very cheap, and pretty effective.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"All I want is a few minutes alone with the source code for the universe and 
a quick recompile."

_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.  
http://join.msn.com/?page=features/virus


---------------------------------------------------------------------------
----------------------------------------------------------------------------