A new concept for security management?

From: Keenan Smith (kc_smith_at_clark.net)
Date: 05/29/03

  • Next message: Chris R: "Re: W2K server "sniffer"" 
    To: <security-basics@securityfocus.com>
Date: Thu, 29 May 2003 17:50:27 -0400

    All,

    I've been contracted to build the infrastructure, as it were, for a small
    company.

    Right now, they've got a single computer hooked up to a cable modem. No
    security and little LAN functionality.

    They want to add 5 computers, for a total of 6 and network them together,
    all having access to the Internet.

    Not a big problem, if they had an IT staff or even any technical ability at
    all. However, these folks are newbies to technology and can't afford to
    hire anybody to manage it for them. Creating a LAN is no problem. A
    bare-bones firewall or Linksys-type router to provided NAT functionality and
    they're off and running. What they'd still be missing is active security.

    So I started looking around at the MSSPs (Managed Security Service Provider)
    as a possible security solution. My thought was that I could create a
    bare-bones LAN for the company and let an MSSP provide the security.

    However, after researching MSSPs for a while, they all seem to provide the
    same basic function: they manage/monitor your network and security devices.
    That implies that the company would have to buy a firewall, intrusion
    detection of some sort and a virus scanner before an MSSP could come into
    play.

    My question is this: is there an MSSP (or some other acronym) that provides
    security as a service? My thought is to provide a secure tunnel from this
    company's LAN to a remote LAN. The remote LAN would be secure and managed
    and provide that service for a monthly fee.

    Is there anything like that out there or am I stuck trying to sell a
    complete security solution of some sort to this company?

    Thanks in advance for any help.

    KC Smith

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: Chris R: "Re: W2K server "sniffer""

    Relevant Pages

    • Re: WOL security issue
      ... issue if somebody inside our LAN is infected with malware. ... WOL itself is not a security issue. ... it needs to know the MAC address of the ethernet card. ...
      (alt.internet.wireless)
    • Re: Unauthorised switchport access
      ... Your LAN becomes a major target to ... And don't be pacified into a false sense of security by VLANs they are ... Lock all non used switchports and enable a "sticky" MAC learning ... Look into Network Access Control, even if you don't want to ...
      (Security-Basics)
    • Re: A new concept for security management?
      ... Creating a LAN is no problem. ... What they'd still be missing is active security. ... >bare-bones LAN for the company and let an MSSP provide the security. ... Anti-Virus software with auto-updating. ...
      (Security-Basics)
    • RE: Linux on military aircraft
      ... Subject: Linux on military aircraft ... Which Base LAN are they talking about? ... Maybe Linux is really more secure than people here want to admit ... Its just that in order to keep that level of enhanced security, ...
      (comp.os.vms)
    • RE: [Full-Disclosure] Learn from history?
      ... SMB generally arent worrie about running simething like WIndows Update ... >>That does not work with the workarounds customer need to facilitate ... Block the ports BEFORE they hit the LAN. ... Proactive security. ...
      (Full-Disclosure)