Hardware & Infrastructure > Information Security

Security Basics


Bloody Jack Kidd:
Thought a sticky post would be a good resource here - should likely make a wiki section that compliments this.  This is by no means an authoritative list, nor is it complete - please PM or email me additional ideas or opinions I will add to this. 

Basic Security Needs:

Good business class firewall - Cisco, SonicWall, WatchGuard, Juniper
     - probably not a bad idea to maintain a subscription esp. if UTM and it's doing more than just packet filtering
Good Endpoint antivirus - Sophos, ESET, Symantec, Kaspersky
     - do your research, keep it up to date
Use a modern operating system
      - don't lag behind by 3 versions, and keep up with the patches, for both servers and workstations
Use a good browser
     - use a secure, up-to-date and patch browser, new browser have more security features[/li][/list]

Great Add-Ons:

Make http://www.opendns.com/ your upstream source for DNS
Use a proxy / content filter
Use some of your Endpoint Advanced features (App whitelisting, Host IDS, etc.)
Try to enable Egress filtering (controlling what leaves your network as well as what gets in)
Do In-House DNS blackholing
Educate users

I'm going to that Mark proactively, cause I know he'll have stuff to add.  ;)


[0] Message Index

Go to full version