Difference between revisions of "Team 12 Corporate Defenses"
Chris DuPuis (talk | contribs) |
Chris DuPuis (talk | contribs) |
||
| Line 14: | Line 14: | ||
- Set firewall rules to refuse all other types of service requests from outside. | - Set firewall rules to refuse all other types of service requests from outside. | ||
| + | |||
| + | '''Firewall to keep out internal intruders''' | ||
| + | |||
| + | - Security isn't just a matter of outside=bad, inside=good. | ||
| + | |||
| + | - Issues include insider hacking, unauthorized access to sensitive information, and worm containment (keeping worms from spreading to other machines on the LAN). | ||
| + | |||
| + | - Also, the definition of "inside" and "outside" for the network gets fuzzy when factors such as laptops, wireless networks, and VPN access are added. Could a visitor with a laptop plug into your network and do bad things? Could someone sit in your parking lot and access your network wirelessly? | ||
Revision as of 04:35, 24 October 2005
--Chris DuPuis 21:01, 23 October 2005 (PDT) This is just a list of items involved in defending corporate and financial networks. I will write up this section later, but, if you have anything to add, please do so here.
Network Security for Corporations
These are all supposed to be things that the DHS can recommend as policy for companies to adopt.
Firewall to keep out external intruders
- Co. should define policy listing services (specific servers and applications) that need to be accessible from outside the corporate network. (For example, most sites will require external web access to their web server.)
- Set firewall rules to refuse all other types of service requests from outside.
Firewall to keep out internal intruders
- Security isn't just a matter of outside=bad, inside=good.
- Issues include insider hacking, unauthorized access to sensitive information, and worm containment (keeping worms from spreading to other machines on the LAN).
- Also, the definition of "inside" and "outside" for the network gets fuzzy when factors such as laptops, wireless networks, and VPN access are added. Could a visitor with a laptop plug into your network and do bad things? Could someone sit in your parking lot and access your network wirelessly?
