Security Basics mailing list archives
Re: firewall change request
From: wraith () digitaloverdrive org
Date: Sat, 11 Feb 2012 15:45:06 GMT
Hello, You could have an approval team set up as follows: 1. Manager over the resources/hosts being accessed (ie: server team). This person will look at the form and provide oversight as to whether or not access is needed. This person would be the most familiar with the hosts and applications running on them. 2. Manager of the networking team (if not the same resource as above). This person would have the knowledge of the network topology and know if the request makes sense or if another solution needs to be architected. 3. A security/network administrator from the team performing the firewall change, but not the actual person performing the task. This is just as a sanity check to make sure that nothing was missed on the technical level. This team should have the most knowledge and be in contact with the CISO and/or his team for questions, exceptions, etc. Proper education from the top (CISO, etc.) as to what is acceptable traffic and access would have to be put into place and communicated throughout the chain as well. Nothing is mentioned about PCI, etc., but just to be sure, the person requesting the change should not be on the approvers list. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- firewall change request marck e. (Feb 08)
- RE: firewall change request Bahrs, Art (Feb 09)
- RE: firewall change request Dan Lynch (Feb 20)
- RE: firewall change request Daniel Tran (Feb 20)
- <Possible follow-ups>
- Re: firewall change request kartik . netsec (Feb 08)
- Re: firewall change request wraith (Feb 12)
- Re: RE: firewall change request kartik . netsec (Feb 21)