Re: Internal Network Security

[Willis Marti <wmarti () TAMU EDU>]

I've not had good luck with finding reasonable campus-wide divisions.
Most places employ student workers, for example, and let them access
student resources from desktops in "administrative" areas. Our approach
is to still use border firewalls and IDS, then establish "secure islands"
within the campus mostly around servers.
Cheers,
 Willis Marti
 Associate Director for Networking
 Computing & Information Services
 Texas A&M University
Re:
> Divide it into different networks (either logical or physical, only you
> and your network people know the best answer to this) and use firewalls
> in the borders, not just router ACLs.
>
> For example:
> One for students.
> One for critical info dealing with student data.
> One for confidential info not student related.
> Etc.
>
> You get the idea.
>
> I hope this helps!
>
> Antonio Quesada
> Director of Networking and Computing Services
> Georgia Gwinnett College
> 1000 University Center Lane Suite B3800
> Lawrenceville, GA 30043
> USA
> 678-407-5093
>
>
> -----Original Message-----
> From: Gibbs, Aaron M. [mailto:AMGibbs () ST-AUG EDU]
> Sent: Thursday, October 26, 2006 6:28 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] Internal Network Security
>
>
> I am looking to beef up the network security of the campus
> infrastructure inside our firewall and IDS/IPS. Are there any
> suggestions that can be offered to assist me in further securing the
> network.
>
> Aaron M Gibbs
> Executive Director
> Center for Information Technology
> Saint Augustine's College
> 919-516-4379 (Office)
> 919-516-4382 (Fax)
> amgibbs () st-aug edu
> www.st-aug.edu
>
> "Always be a visionary!"