Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Securing the Server Farm

from [WALI] Network Security [Permanent Link]
Subject: Re: Securing the Server Farm
Date: Fri, 27 Jul 2007 05:49:22 +0400
Thanks for the link anymouse, but the itsd document contained therein is too detailed, highlevel and conceptual , where I failed to find the clause that deals specifically the technology I need and ways I might employ in order to secure my server farm.

Vendors talk about deploying a firewall or an IPS before my servers but if I do that, I loose out on the bandwidth drastically where each of my IDF is getting an uplink of 10G to core switch. Firewall, IDS here would act as a bottleneck for my speeds.
Also, shall I attach all my servers directly to core switches or is there another best practice?

The reason I feel that there exists a need to protect my servers from internal traffic on LAN is because there is usually a huge time lag before we get to deploy even highly critical MS patches on them and also, I have read that 80% of threat to IT infratsucture comes from an insider.

Pls advise from your experience.

Regards

----- Original Message ----- From: <anymouse@user.net>
To: <security-basics@securityfocus.com>
Sent: Wednesday, July 25, 2007 8:32 PM
Subject: Re: Securing the Server Farm


Take a look at this Canadian Security Establishment publication. Should be a good start.


http://www.cse-cst.gc.ca/documents/publications/gov-pubs/itsd/itsd02.pdf


Regards,

DaSein

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Script, korozion
Next by Date:  Disabling autorun for mapped network drives, Johnny Wong
Previous by Thread:  Re: Securing the Server Farm, anymouse
Next by Thread:  Disabling autorun for mapped network drives, Johnny Wong
Indexes:  [Date] [Thread] [Top] [All Lists]