Security Basics mailing list archives
Re: Firewall Patching - Best Paractices
From: "gig" <gigabit () satx rr com>
Date: Fri, 10 Aug 2012 10:41:56 -0500
Phil,in our shop, Info Sec has the job of being aware of patches for firewalls/infrastructure.
we work with the IT Operations team to figure out if the patch is even applicable to our configuration.
if so, we work together to assess the risk...then decide if it's an immediate patch or if it can wait.
the risk assessment process is critical because it gives you the flexibility to react in the best way, if you have honest conversations from both points of view (info sec and IT Ops)
----- Original Message ----- From: "Phil Hanna" <subscription () geeksvictoria com au>
To: <security-basics () securityfocus com> Sent: Friday, August 10, 2012 7:29 AM Subject: Firewall Patching - Best Paractices
Hi All, I'm looking for opinion for what are the industry's best paractice for managing the upgrdae/patches to the firewalls. I'm devloping a process to have the firewall updated/checked for patches regulary but looking for opinion how other folks are doing it. My ideas are following: - A mailing list for the company with all InfoSec community part of it and then subscripte that list for updates from Cisco, Checkpoint. * for Cisco, I've found the lists but for Checkpoint I couldn't figure out where to subscribe. - Infosec reffers the update/patch to the network teams and they consider the risk factor and asses if the patch needs to be immediately applied for at some regular cycle. thanks, P ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital CertificateIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Firewall Patching - Best Paractices Phil Hanna (Aug 10)
- RE: Firewall Patching - Best Paractices Joseph Laico (Aug 10)
- Re: Firewall Patching - Best Paractices gig (Aug 10)
- Re: Firewall Patching - Best Paractices rrprecilla (Aug 10)
- Re: Firewall Patching - Best Paractices gig (Aug 10)
- RE: Firewall Patching - Best Paractices Joseph Laico (Aug 10)