Security Basics mailing list archives
Re: Planning Overall Protection
From: Joe <bitshield () gmail com>
Date: Sun, 6 Aug 2006 13:27:45 +0200
Hello Network Freek I suggest you to implement the defense-in-depth strategy. This requires you to implement multiple layers of security that must be traversed sequentially. You can choose different vendors to make this strategy most effective. Beware that various products use other vendors scan engines so that a different vendor may not guarantee different Malware prevention technology. I consider the following "equipment" as good practice: Internet gateway; here you can block all kind of web content - viruses, trojans, spyware, etc - URLs - binaries and scripts based on their behavior - various content types and file types Client security suite on user's computer to: - detect and delete viruses - block network traffic - detect intrusion attempts IPS system to: - block network based attacks - block suspicious traffic e-Mail gateway to: - block viruses - block or tag SPAM There are tons of products that can do that. Implementing such a strategy requires some time and costs a lot of money. You can have simple tools that just to basic stuff and you can have tools that allow very complex configuration. I would first define the requirements and then I would figure out which technology brings you the best short term protection. This could then be the starting point of the implementation of your strategy. Regards Joe On 8/4/06, network freek <network.freek () gmail com> wrote:
Hi, I am preparing to define and to setup corporate protection from any kind of malware threat. I am envisaging to put an IPS and antivirus gateway (or looking for antivirus that can be installed in the mail/ mx servers and proxy servers) right behind the front firewall, antivirus clients capable of effectively detecting any spyware, virus, worm, spam and a management/ control server. I am also planning to define additional policy concerning virus/ malware. What do you suggest? Any suggestion about product offering a total/ comprehensive solution? What do you think about disabling or prohibiting flash disk drive (or any idea to prevent threats from removable media)? Any idea would be greatly appreciated --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Planning Overall Protection network freek (Aug 04)
- Re: Planning Overall Protection Joe (Aug 08)