Re: Oh Dear, Where to start?!

From: Mitch Pirtle (mitchell.pirtle_at_verizon.net)
Date: 06/25/03

    To: Steve Frank <stevefrankrit@yahoo.com>
    Date: 25 Jun 2003 14:47:09 -0400
    
    

    > So basically, if you had to start from nothing, where
    > would you start first? What would you consider to be
    > the most important things to be implemented? I am
    > literally working from ground zero here... heh!

    Sounds familiar, I took on the same challenge but it was at a global
    organization... Here are my thoughts, with significant disclaimers due
    to total lack of details.

    First, get something controlling your WAN access (both incoming and
    outgoing), as this will limit the damage caused if something Really,
    Really Bad happened(TM).

    Then, work on upgrading your systems (desktops, I assume), while
    understanding the impact that updates would have on their performance
    (ancient hardware, old software needing old DLLs, etc.). Test it first!

    Then, start on policies that help with passwords on post-its and such,
    you could certainly start that step off in parallel with the firewalling
    issue. I always had fun "Post-It hunting" in my office(s). Each
    Post-It costs $50 for a return.

    I believe this would keep you completely swamped for your three months,
    and the order performed would give you time to figure out how you could
    afford bringing these systems current.

    Most important - you need political backing for your policies, or they
    are a waste of time. Make sure someone several levels above you will
    enforce your policies, and make sure they are 'sponsored' by people at
    high levels.

    And let me know how it goes, I'd like to know what your experiences are.

    -- Mitch
