Re: Personal Firewall rulebase

From: Meritt James (meritt_james_at_bah.com)
Date: 10/07/03

  • Next message: Scott Seglie: "Network Security Architecture Training" 
    Date: Tue, 07 Oct 2003 10:46:58 -0400
To: Angie Urtel <aurtel@fastenal.com>

    Personally, I would recommend blocking everything (nice, simple rule)
    then only allowing those services that are identified as necessary. And
    THEN if someone gripes about simething breaking you would be able to
    shove the problem off onto THEM, and insist upon THEM properly
    registering their service!

    Jim

    Angie Urtel wrote:
    >
    > How about following the principle of least privilege - not allow anything
    > and then see what breaks? Work backwards from there.
    >
    > -----Original Message-----
    > From: ssgrif@yahoo.com [mailto:ssgrif@yahoo.com]
    > Sent: Monday, October 06, 2003 3:24 AM
    > To: security-basics@securityfocus.com
    > Subject: Personal Firewall rulebase
    >
    > Hi,
    >
    > I need to create a rulebase from scratch for our corporate cenrally managed
    > personal firewall solution.
    >
    > I was hoping I could get some advice on quick wins or sites that could help
    > me get the basics set up first.
    >
    > The personal Firewall software in question here is Zone Labs Integrity Agent
    > along with Integrity Server.
    >
    > Thanks
    >
    > G
    >
    > ---------------------------------------------------------------------------
    > ----------------------------------------------------------------------------
    >
    > ---------------------------------------------------------------------------
    > ---------------------------------------------------------------------------- 

    -- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
---------------------------------------------------------------------------
----------------------------------------------------------------------------
  • Next message: Scott Seglie: "Network Security Architecture Training"

    Relevant Pages

    • Personal Firewall rulebase
      ... I need to create a rulebase from scratch for our corporate cenrally managed personal firewall solution. ... The personal Firewall software in question here is Zone Labs Integrity Agent along with Integrity Server. ...
      (Security-Basics)
    • RE: Personal Firewall rulebase
      ... How about following the principle of least privilege - not allow anything ... Work backwards from there. ... Subject: Personal Firewall rulebase ...
      (Security-Basics)