icintamyself
MIS
I am asked to ensure my company IT security is in place.
My problem -> security is a big issue.
Scenario:
20 servers running on Windows NT, 2000, HP-UX, Linux and Solaris. Network is one flat network with about 250 PCs running on Windows NT/XP/2000. We have our own DNS server to maintain our company domain. We have our own internet mail server and users do surf the internet. Both internet mail server and proxy server are placed behind a firewall. We also have two web application servers that the world would access. There is no DMZ.
What are the steps needed to ensure my boss's objective is accomplished? I think about this:
1) I think I would want to set up a DMZ where the proxy servers, mail relays, and the web servers would be relocated to the DMZ. I guess, correct me if I am wrong, doing this would ensure that the only machines that are supposed to be interacting with the Internet via the firewall are those machines in the DMZ. If those computers are being hacked or attacked, at least my internal network is secured and I can address the rectification issues on the computers residing in the DMZ. Of course I would load the DMZ computers with the latest security patches plus disable unnecessary internet services. By doing this, would my internal network be completely secured from the world community? Knowing the internal network is secured, I would then be able to zoom into my internal network and protect the network from internal hacking (hacking from internal).
2) This is what I intend to do:
1) Install latest security patches for various OSes.
2) Disable unnecessary internet services.
3) Antivirus implementation with latest virus definition files update periodically.
4) Implementing Security policy and standard practice including strong password.
Any suggestions and comments?
Oh! And well, the periodic penetration test and security assessment.
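An added example, not part of the original post: a small audit of a constructed firewall rule set for the three-zone layout described above (Internet, DMZ with proxy, mail relay and web servers, internal network). It flags allow rules that let the Internet reach the internal zone directly, DMZ-to-internal rules that are not pinned to one host and port, and internal hosts that go out without the proxy. All zone names, host names, ports and rules are assumptions.

```python
# Added example: audit a constructed three-zone rule set for a DMZ layout.
# Zone names, host names, ports and rules are all assumptions for illustration.
from collections import namedtuple

Rule = namedtuple("Rule", "src dst port action")  # port is an int or "any"

# Constructed sample policy; anything not listed is assumed to be denied.
RULES = [
    Rule("internet", "dmz:web", 443, "allow"),
    Rule("internet", "dmz:mail-relay", 25, "allow"),
    Rule("internal", "dmz:proxy", 3128, "allow"),
    Rule("dmz:mail-relay", "internal:mail", 25, "allow"),
    Rule("dmz:web", "internal", "any", "allow"),      # too broad
    Rule("internet", "internal:mail", 25, "allow"),   # bypasses the DMZ
    Rule("dmz:proxy", "internet", 443, "allow"),
]


def zone(endpoint):
    """Return the zone part of 'zone' or 'zone:host'."""
    return endpoint.split(":", 1)[0]


def audit(rules):
    """Return (rule, reason) findings for allow rules that weaken the DMZ."""
    findings = []
    for r in rules:
        if r.action != "allow":
            continue
        src, dst = zone(r.src), zone(r.dst)
        if src == "internet" and dst == "internal":
            findings.append((r, "internet reaches internal directly"))
        elif src == "dmz" and dst == "internal":
            # A DMZ host may need one internal service; whole-zone or
            # any-port access would carry a DMZ compromise inward.
            if r.port == "any" or ":" not in r.dst:
                findings.append((r, "dmz to internal not pinned to host and port"))
        elif src == "internal" and dst == "internet":
            findings.append((r, "internal host bypasses the proxy"))
    return findings


if __name__ == "__main__":
    for rule, reason in audit(RULES):
        print(f"{reason}: {rule.src} -> {rule.dst} port {rule.port}")
```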