[fw-wiz] Security and Audit Policy

From: Servie Platon (servie_tech_at_yahoo.com)
Date: 11/07/04

    To: firewall-wizards@honor.icsalabs.com
    Date: Sun, 7 Nov 2004 06:38:55 -0800 (PST)
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hi Security Gurus,

    When I took over as Sys Ad for this company, I found out there are
    no security and audit policies in place. I have no means of getting
    in touch with the previous guy.

    Since I have to start from scratch and document everything regarding
    this network, I feel that this group would be in the best position
    to give some suggestions as to what I should do or the manner of
    solving the problem.

    I have already done the following steps:

    1. Enabled Firewall rules on the network and with Win32 clients;
    2. Installed Anti Virus Software for the network and enabled
       automatic updates;
    3. Enforced User Permissions for most users; (dilemma)
    4. Disabled M$ Outlook and IE and replaced these with Mozilla
       Thunderbird and Firefox.

    Problems:

    1. I don't know how to keep track of their browsing patterns; some
    users have intermediate to advanced browsing skills with which they
    can conceal where they have visited, such as maybe porn sites and
    the like. How do I prove my suspicion and stop them from doing this?
    I am afraid that by doing so, our network may be trojaned or may
    have been infected with spyware or may be a zombie now?

    2. I wanted to enforce strict user permissions, but my dilemma would
    be that bosses or managers hold it against me or anyone restricting
    what they could or could not do on their machine. To give a concrete
    example, I could do an audit policy for all users with fewer rights
    to install programs and the like, but some of them listen to radio,
    download .exe files or shareware without my knowledge.

    If I enforce these restrictive permissions, they get back at me. If
    I don't, I am afraid the network slows down considerably and I think
    some machines may be compromised already unless the bandwidth is
    being used up by the users. How do I catch them accessing forbidden
    sites and how do I stop them from doing such and how do I make them
    with less capacity without them getting furious?

    3. Though I have set up and installed Mozilla Thunderbird and
    Firefox on each client PC, most of them still use M$ Outlook and IE.
    How do I justify and convince them not to use these because of
    security loopholes and problems? Some are so used to Outlook and IE
    that they don't want change.

    Any suggestions on how to make it less of a burden to administer
    this network of 12 clients would be appreciated.

    Thanks very much.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.3.92 (MingW32) - GPGshell v3.23

    iD8DBQFBjjNBuG3YFhFblMkRAiXDAKDT0ywwBwfM7qi1VS5HOFPOi3LhkACg6eFg
    FR5U6VihJqU4Otz7bYyQh9s=
    =poMj
    -----END PGP SIGNATURE-----

    =====
    Sincerely,
    Servie Platon

                    
     

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

