Security Basics mailing list archives
Re: Securing the Server Farm
From: "WALI" <hkhasgiwale () gmail com>
Date: Fri, 27 Jul 2007 05:49:22 +0400
Thanks for the link anymouse, but the itsd document contained therein is too detailed, highlevel and conceptual , where I failed to find the clause that deals specifically the technology I need and ways I might employ in order to secure my server farm.
Vendors talk about deploying a firewall or an IPS before my servers but if I do that, I loose out on the bandwidth drastically where each of my IDF is getting an uplink of 10G to core switch. Firewall, IDS here would act as a bottleneck for my speeds. Also, shall I attach all my servers directly to core switches or is there another best practice?
The reason I feel that there exists a need to protect my servers from internal traffic on LAN is because there is usually a huge time lag before we get to deploy even highly critical MS patches on them and also, I have read that 80% of threat to IT infratsucture comes from an insider.
Pls advise from your experience. Regards----- Original Message ----- From: <anymouse () user net>
To: <security-basics () securityfocus com> Sent: Wednesday, July 25, 2007 8:32 PM Subject: Re: Securing the Server Farm
Take a look at this Canadian Security Establishment publication. Should be a good start.http://www.cse-cst.gc.ca/documents/publications/gov-pubs/itsd/itsd02.pdf Regards,DaSein
Current thread:
- Re: Securing the Server Farm anymouse (Jul 25)
- Re: Securing the Server Farm WALI (Jul 26)