Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: Securing the Server Farm
From: "WALI" <hkhasgiwale () gmail com>
Date: Fri, 27 Jul 2007 05:49:22 +0400
Thanks for the link anymouse, but the itsd document contained therein is too detailed, highlevel and conceptual , where I failed to find the clause that deals specifically the technology I need and ways I might employ in order to secure my server farm.
Vendors talk about deploying a firewall or an IPS before my servers but if I do that, I loose out on the bandwidth drastically where each of my IDF is getting an uplink of 10G to core switch. Firewall, IDS here would act as a bottleneck for my speeds. Also, shall I attach all my servers directly to core switches or is there another best practice?
The reason I feel that there exists a need to protect my servers from internal traffic on LAN is because there is usually a huge time lag before we get to deploy even highly critical MS patches on them and also, I have read that 80% of threat to IT infratsucture comes from an insider. 

Pls advise from your experience.

Regards
----- Original Message ----- From: <anymouse () user net> 
To: <security-basics () securityfocus com>
Sent: Wednesday, July 25, 2007 8:32 PM
Subject: Re: Securing the Server Farm
Take a look at this Canadian Security Establishment publication. Should be a good start. 


http://www.cse-cst.gc.ca/documents/publications/gov-pubs/itsd/itsd02.pdf


Regards,
DaSein

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]