Security Basics mailing list archives

Re: Defense in Depth


From: <sf_mail_sbm () yahoo com>
Date: 3 Nov 2004 13:43:46 -0000

In-Reply-To: <200411010033.16288.miles () mstevenson org>

From: Miles Stevenson <miles () mstevenson org>

Applying the practice of "Defense in Depth" to computers, means implementing
defenses at each of the above layers. A good security plan would ensure that
there are effective controls in place to ensure security at each of the above
"layers". Let's work with an example here: sensitive data stored in a
database.

Dear all, 

Thanks for your remarks & comments

From what I gather from your mails, in particular Miles Stevenson's remarks, the following approach would be true Defense In Depth:

(a) Ensure that firewall ruleset allows only those ports that are needed for accessing servers

(b) Use a firewall or another intermediate device that will provide Network IDS, Antivirus protection

(c) Harden the servers

(d) Install Host IDS, Antivirus, AntiSpyware on the servers

(e) Implement Patch Management infrastructure for rapid patch deployment

(f) Implement log monitoring infrastructure

(g) etc.. etc..

