Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Rule management process

from [Park Foreman] Network Security [Permanent Link]
Subject: Re: Rule management process
Date: Tue, 18 Oct 2005 12:49:39 -0400 
Bret and Matthew,

I have done some work in this area. Items ii and iii are largely mechanical processes that require firewall management skills. The real problem is the first item. Most of this work involved comparing the rules with risk assessments, policy, current threat environment and security posture of the organization. You will have to define all of these in some detail and understand where they relate directly to the rules. That is a big task and more complex than the other two.

Good Luck

Park Foreman
CISSP, ISSAP, CCSE
park4man@mac.com

NOTICE: This email is confidential, privileged and intended only for the stated addressee(s).

If you receive this in error, please inform me immediately and delete it and all copies from your system. Any unauthorized disclosure, use, or dissemination, either whole or partial, is prohibited.

This email and its attachments are believed to be free of any virus, or defect, but it is the responsibility of the recipient to ensure this.

On Oct 17, 2005, at 8:55 AM, Bein, Matthew wrote:

Funny, I was just about to post the same thing.. Has anyone sent you a
response?

Matthew

-----Original Message-----
From: Bret Watson [mailto:lists@ticm.com]
Sent: Wednesday, October 12, 2005 9:41 AM
To: security-management@securityfocus.com
Subject: Rule management process

Hi All,
we are in the last stages of our SSE-CMM lvl1 process improvement.
One last thing I'm a little stuck on is developing a process for
ensuring our rule set is i. sensible, ii. optimised and iii. does not
have unused rules.

Has anyone else done something like this ?

Thanks



[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Rule management process, Cronican, John
Next by Date:  Re: Top Information Security Management Challenges in the Enterprise Today?, Josh Tolley
Previous by Thread:  RE: Rule management process, Bein, Matthew
Next by Thread:  Re: Rule management process, David Lawson
Indexes:  [Date] [Thread] [Top] [All Lists]