Re : Enterprise security review & design

[Boubacar Fadiga <boubacar_fadiga () yahoo fr>]

CHECKPOINT
ISA Server
MOM
NETVIEW
MBSA
SUS
MCAFEE
...
Good luck

----- Message d'origine ----
De : Purushotham Reddy <purushotham.reddy () nevisnetworks com>
À : Mohamad Mneimneh <mmneimneh () comium com>; security-basics () securityfocus com
Envoyé le : Dimanche, 20 Août 2006, 6h51mn 15s
Objet : RE: Enterprise security review & design


Hi

   Look at www.nevisnetworks.com 

  You will definitely find all in one device
   
Thanks & Regards
Purushotham Reddy


-----Original Message-----
From: Mohamad Mneimneh [mailto:mmneimneh () comium com] 
Sent: Monday, August 14, 2006 2:31 PM
To: security-basics () securityfocus com
Subject: Enterprise security review & design

Hi All,

I have the following scenario:

-    An enterprise with nearly 600 employees {LAN environment
including VLANs}
-    Current security architecture below average; objective is to
bring it up to speed
-    Cisco powered network {LAN switches include 6509s}
-    Windows XP clients in a Win 2003 based AD setup
-    Norton A/V deployed on the clients
-    Cisco/Linksys APs deployed around the campus {2 buildings, 10
floors each}

As part of implementing a security architecture design, I need your
advice/suggestions, in terms of applications & products, in order to
meet the following requirements:

-    Provide a solution for assets inventory, in terms of OS & Apps
-    Provide an automated vulnerability assessment tool, which will
regularly scan the clients and provide a means to correlate & prioritize
vulnerabilities 
-    Provide the ability to a content security solution that will
protect the business from Spyware, viruses, malicious code, spam, email
abuse, P2P, IM; am especially concerned with spam, P2P & IM
-    Ability to plan & automate the implementation of OS &
applications patches, while providing a history of such updates
-    deploy a client based Firewall & IDS/IPS applications with
centralized administration console
-    deploy a content filtering application for web pages, which will
generate reports on internet usage per user
-    deploy a network forensics application, from the OS level
{failed logins, access violations...} to the network infra level
-    deploy a network management application that will help me
identify bottlenecks
-    WLAN management application to secure access to APs
-    Bandwidth consuming applications visibility; i.e. I need to
monitor which applications, and which users, are consuming my WAN
connections

Apologies if the list of requirements is long.

-Mohamad.
************************************************************************
***********************************************************
No employee or agent is authorized to conclude any binding agreement on
behalf of Comium with another party by e-mail without expressed written
confirmation by an officer of Comium. Any views expressed by an
individual in this electronic message do not necessarily reflect views
of Comium or its subsidiaries and associates.
This electronic message and its attachments are solely addressed to the
addressee's, and contain confidential information protected from
disclosure belonging to Comium.
If you are not the intended addressee of this electronic message and its
attachments, kindly delete it immediately from your system and notify
the sender by electronic mail. You must not copy this message or
attachment or disclose its content to any other person.
Comium does not guarantee the integrity of this electronic message and
any of its attachments, or that they are free from computer viruses or
other defects.
************************************************************************
************************************************************

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------