RE: [fw-wiz] Client Security Policy, IT security Policy Samples

From: Marcus J. Ranum (mjr_at_ranum.com)
Date: 06/04/03

  • Next message: Paul Robertson: "[fw-wiz] [Administrivia] List Traffic/Level"
    To: <rlw@avantsystems.com>, <firewall-wizards@icsalabs.com>
    Date: Tue, 03 Jun 2003 22:32:56 -0400
    

    Bob Wanamaker - Avant Systems, Inc. wrote:
    >"We cannot develop any security policy without a risk assessment."

    Hey, we're all familiar with the stories of the guys who build
    boats in their garages and then discover that they can't get
    them out?

    If the policy is the blueprint for how security is done, and the
    firewall etc is the implementation - the risk assessment is
    the site survey.

    mjr.

    ---
    Marcus J. Ranum				http://www.ranum.com
    Computer and Communications Security	mjr@ranum.com
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Paul Robertson: "[fw-wiz] [Administrivia] List Traffic/Level"