Re: [fw-wiz] Exchange & Blackberry

• Previous message: Paul D. Robertson: "Re: [fw-wiz] Web server security?"
• In reply to: Paul D. Robertson: "Re: [fw-wiz] Exchange & Blackberry"
• Next in thread: Claussen, Ken: "RE: [fw-wiz] Exchange & Blackberry"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Paul D. Robertson" <paul@compuwar.net>
Date: Tue, 22 Jun 2004 07:32:43 -0500

All true Paul, but you know us techno weenies don't want to deal with
policy, risk assessments, etc...we want to play with toys ;)

Don
On Tue, 22 Jun 2004 08:13:42 -0400 (EDT), "Paul D. Robertson"
<paul@compuwar.net> said:

> More importantly, what does your security policy say about the
> requirements for such servers/services?
>
> Every decision point shouldn't require a completely new assessment, it
> should require going into a category of risk management that's already
> outlined, with the appropriate software and hardware infrastructure needs
> outlined, and adjusting for the quirks of the particular thing.
>
> For instance "This type of server only gets access to the communications
> segment," or "This type of server doesn't get carte blanch access to the
> internal network," or "This type of server has to be on a separate
> external segment" are all valid security policy statements- but the
> policy
> should address such things at a macro level, with detailed adjustments
> for implementation.
>
> Paul
> -----------------------------------------------------------------------------
> Paul D. Robertson "My statements in this message are personal
> opinions
> paul@compuwar.net which may have no basis whatsoever in fact."
> probertson@trusecure.com Director of Risk Assessment TruSecure
> Corporation

-- 
  
  strider@mailworks.org
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Paul D. Robertson: "Re: [fw-wiz] Web server security?"
• In reply to: Paul D. Robertson: "Re: [fw-wiz] Exchange & Blackberry"
• Next in thread: Claussen, Ken: "RE: [fw-wiz] Exchange & Blackberry"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Domain vs Local Security Policy ... You guys (Steven and Paul) are correct but I believe the OP ... but for logging onto machine specific accounts that remains irrelevant. ... >> own password policy and block the policy inheritance from ... To affect domain accounts, the ... (microsoft.public.win2000.security) Re: Kerry criticizes Bushs space vision ... Paul wrote: ... > As far as I?m concerned, Kerry is looking at low-earth orbital missions and ... What kind of policy is that? ... The space advocacy groups would welcome it simply because its space policy;-) ... (sci.space.policy) Re: Lost all network connectivity after clean FC3 install ... > Hi Paul! ... > Chain POSTROUTING (policy ACCEPT) ... RedHat's firewall tool and instead I use ... (Fedora) Re: Password Policy & GPO Settings ... Thanks Paul, that makes sense. ... > User account password policy settings are only applied at the domain ... >> domain password policy settings. ... (microsoft.public.win2000.active_directory) Re: password complexity ... I'd remove all password policies other than the global. ... includes the old NT 4 BDC and the OU based policy. ... >> Paul Williams ... (microsoft.public.windows.server.active_directory)