Firewalls + ?

Lee Merrill leemerri at NORTELNETWORKS.COM
Thu Mar 22 06:45:47 EST 2001


Stephen,

Kind of a complicated question.  Mostly the answer is based on what is
needed in the corporate Intranet/Extranet for protection.
Security Policy/Plan should always start it off.  Address who will access
what, where, and why.  From there you can make a lot of decisions.  The
quick list:

Boundary firewall  (required)
Intrusion Detection System (not required but should be if you have internal
sensitive LANs)
VPN for remote access (If you have telecommuters or sales people that need
access to controlled corp. info)
VPN for Branch office connection (If you have multiple sites that require
communication of controlled data)
Distributed Firewalls (personal firewalls; most attacks appear now to be
from internal sources like the disgruntled worker)
A really good IT dept. knowledgeable in security concerns and policy.
(probably the most important thing of all)

This is pretty much the big stuff.  You can also add internal boundary
firewalls or VPN gateways for protection of distinctly sensitive data
centers or legacy systems, etc., etc.

And then there is how you implement the whole thing.  What can you afford
and what comes first.  And what product in particular.  Many companies now
have systems that can handle several of these pieces in one box, thus making
your life easier.  Not to mention the management of the whole mess.

Good Luck,

Lee Merrill
IPCA Lab
Nortel Networks
leemerri at nortelnetworks.com


-----Original Message-----
From: Stephen Chowning [mailto:schowning at HOME.COM]
Sent: Wednesday, March 21, 2001 7:08 PM
To: VPN at SECURITYFOCUS.COM
Subject: Firewalls + ?


In reading about security in general, and VPNs in particular, I have come
across articles that raised a question. The first article made the point
that any corporate officer, when inquiring about their network security and
getting the answer that it consisted of firewalls alone, should fire the
person responsible for network security. The second article likened network
security to castles. No security/castle is completely impenetrable, but the
best of both had/have multiple defenses to heighten the effort required to
penetrate, hopefully beyond the attacker's desire or resources.

So my question is, what would be the list of multiple defenses for networks?
Firewalls, obviously, but what would the others be?

Stephen Chowning

VPN is sponsored by SecurityFocus.COM