Securing a Local Network

• Previous message: Bruyere, Michel: "administrator hierachy..."
• Next in thread: Henry, Christopher M.: "RE: Securing a Local Network"
• Maybe reply: Henry, Christopher M.: "RE: Securing a Local Network"
• Reply: John Lewis: "RE: Securing a Local Network"
• Maybe reply: Halverson, Chris: "RE: Securing a Local Network"
• Maybe reply: Eric Curbo: "RE: Securing a Local Network"
• Reply: webmaster: "Re: Securing a Local Network"
• Maybe reply: Meidinger Chris: "RE: Securing a Local Network"
• Maybe reply: Meidinger Chris: "RE: Securing a Local Network"
• Maybe reply: Meidinger Chris: "RE: Securing a Local Network"
• Maybe reply: Steven Trewick: "RE: Securing a Local Network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 13 Apr 2004 12:16:33 -0500
To: security-basics@securityfocus.com

I started working as a sys admin at a small company (about 15 people) and
they are starting to think it's time to upgrade their network. Right now
it's just 20 computers, running a mix of xp and 2000 on a local network,
sharing files, with almost no anti virus and the only protection from the
outside world is the NAT that the routers perform.

I've tried to get the to upgrade to a domain, add a file server for backup,
get some office wide virus protection and maybe even take our email in
house, but they've balked at the price to setup a legit windows domain. The
main goals are access control on the local network and virus / worm
protection. I'm suggesting a Windows domain controller to enforce access
control and then an centralized anti-virus product. Is this enough, and are
there other (easier, cheaper, more effective ways) to make sure that only
the people who need to can access the financial records, the computer people
can access the all computers when they need to, and some user decides to
download a cute little program won't destroy the whole network with a virus.

Is a linux domain controller a solution, considering everything else in
house is windows? Is an anti-virus solution at the gateway better than an
anti-virus solution on each desktop? Basically, what's a good way to set up
a solid base of network security, which can then be expanded on?

John Roberts

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

• Previous message: Bruyere, Michel: "administrator hierachy..."
• Next in thread: Henry, Christopher M.: "RE: Securing a Local Network"
• Maybe reply: Henry, Christopher M.: "RE: Securing a Local Network"
• Reply: John Lewis: "RE: Securing a Local Network"
• Maybe reply: Halverson, Chris: "RE: Securing a Local Network"
• Maybe reply: Eric Curbo: "RE: Securing a Local Network"
• Reply: webmaster: "Re: Securing a Local Network"
• Maybe reply: Meidinger Chris: "RE: Securing a Local Network"
• Maybe reply: Meidinger Chris: "RE: Securing a Local Network"
• Maybe reply: Meidinger Chris: "RE: Securing a Local Network"
• Maybe reply: Steven Trewick: "RE: Securing a Local Network"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]