Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: What firewall for small medical research lab

from [Justin Shore] Network Security [Permanent Link]
Subject: RE: What firewall for small medical research lab
Date: Sat, 29 Apr 2006 10:59:37 -0500 
-----Original Message-----
From: rmillisl@millis-it.com [mailto:rmillisl@millis-it.com]
Sent: Wednesday, April 26, 2006 9:55 PM
To: firewalls@securityfocus.com; security-basics@securityfocus.com
Subject: What firewall for small medical research lab

I have been asked to research what good, low cost, firewall solutions
might prove suitable for a medical research lab at a local University

to

protect confidential patient data from outsiders.


I believe you just answered your own question.  You have confidential
patient medical information to protect.  There are serious HIPAA
concerns here.  It is also quite likely that you are required to undergo
security audits because of HIPAA (consult a HIPAA security consultant
for more information).

I won't say that an open source solution is the wrong way to go; I use
them myself all the time.  I will say that I recommend a Cisco Pix 506E
or an ASA 5510.  You don't have to maintain an overall system.  The
system is the firewall.  There aren't any system-level packages to be
concerned with.  You can also get instant support for the product at any
time of the day.  You're more likely to find a local Cisco shop that can
help you out than you'll be able to find a local shop that is
experienced with your choice of Linux distro and your choice of firewall
package (assuming you don't role your own like I usually do).  If your
company has the ability to provide adequate support for a Linux-based
solution then by all means go for it.  If you're the only person who'll
be supporting this appliance or if you question your own abilities then
go with a canned solution.

http://www.cisco.com/en/US/partner/products/ps6120/prod_models_compariso
n.html

I would strongly recommend that you enlist the services of a security
professional when setting up whatever solution you go with.  This is not
one of those cases where learning on the job is a good thing when HIPAA
is concerned.  

Justin

-------------------------------------------------------------------------
This List Sponsored by: Webroot

Don't leave your confidential company and customer records un-protected. 
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no 
obligation. See why so many companies trust Spy Sweeper Enterprise to 
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise

http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: What firewall for small medical research lab, adnan@techiesonly.com
Next by Date:  Re: What firewall for small medical research lab, chris
Previous by Thread:  RE: What firewall for small medical research lab, Arturas Zalenekas
Next by Thread:  Re: What firewall for small medical research lab, chris
Indexes:  [Date] [Thread] [Top] [All Lists]