Re: Security design methodology

[Alex Creek <acreek83 () yahoo com>]

Finding requirements first makes sense.  I can see how that would set the tone for what's needed.  Say if a company has 
a lot of users who connect externally, then a VPN would probably be the main driver.  

For compatibility between security systems, would it be best to just follow vendor recommendations?   


Alex
________________________________
From: Chris Stefan <chris.stefan1844 () gmail com>
To: Alex Creek <acreek83 () yahoo com> 
Cc: "security-basics () securityfocus com" <security-basics () securityfocus com> 
Sent: Friday, November 2, 2012 3:40 PM
Subject: Re: Security design methodology


Get the client requirements and objectives out of the way first. Then decide on hardware/software.
On Nov 2, 2012 3:26 PM, "Alex Creek" <acreek83 () yahoo com> wrote:

Lately I've been doing some research into network security.  For anyone with experience in network security 
design/build,  is there a method for what to do first when planning?  For example, should security be planned 
externally first then internally or vice versa? Which system is the most important?  Does everything need to work with 
firewall xyz or does everything need to work with a monitoring system abc?
> Alex
>
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
> it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
> install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
> highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------