Internet.com ISP-Planet

 


Sections

 • Best of the Lists
 • Business
 • CLEC-Planet
 • Equipment
 • Executive
   Perspectives
 • Fixed Wireless
 • Investor
 • Marketing
 • Market Research
 • News
 • Notable Quotes
 • Politics
 • Profiles
 • Resources
 • Technology
 • Value-Added
   Services
 • Webhosting
Also ...
 • About Us
 • Authors
 • Letters
  • Site Map
 • Technology Jobs


 
ISP Glossary
Find an ISP Term
 
Search ISP-Planet


Search internet.com
 
internet.com

Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

internet.commerce
Be a Commerce Partner
ISP Technology

 

Best of the ISP-Lists

Managed Security Services

Knowledge Over Passive Security

Members of the ISP-Tech list complain about lax attitudes to security at client companies—and you'll also be shocked by the other extreme, which gives everyone two computers, one for the Internet and one for the intranet.

[November 13, 2001]
Email a colleague

On the ISP-Tech list in October, JS inquired,

"I just took a job at a medium-sized firm as their network admin. They've had terrible luck with viruses, which has left the owner of the company very paranoid. They still don't have any virus software, but now each person has two computers, one for the Internet and one for the peer to peer network. I'm trying to convince the owner to get a file server, put in a good firewall, and install virus software. Any thoughts?"

JC suggested that a firewall isn't really necessary:

"You do not need a firewall; if you set up your router correctly, it will act just like a firewall. I would use NAT as well."

Others disagreed, claiming that a firewall is a crucial line of defense:

[TD explained] "The advantage of a firewall over a router is that the firewall typically handles various attack/intrusion signatures that routers do not. And the firewalls can also be leveraged to work with web filtering products. You will get a lot more value and security from a firewall."

[JM added] "NAT by itself won't do much. A firewall with a good management interface may make life easier, and will keep you from accidentally opening yourself up. Firewalls capable of protecting small offices are relatively inexpensive."

Still others noted that education is the most important course of action to take:

[JM advised] "The place to start is by educating users about e-mail viruses and what kinds of attachments are and aren't safe to open. I don't think virus scanners buy you much: they're nice to have if you suspect a problem, but they're usually incapable of keeping a particularly dumb user from infecting himself. Educate your users on what is safe and unsafe behavior."

[BK agreed] "Education is key: flyers, e-mails, alerts, etc. Hold classes. Recognize potential viruses and hoaxes. Don't open things you haven't asked for, and certainly don't open things if you don't know who they are from. For virus protection, auto updates are the answer: folks are lazy when it comes to keeping things up to date."

[TD added] "Take a look at www.sans.org, www.incidents.org, and www.sarc.com. There is some very good literature on threats, vulnerabilities, and best practices. Education should be a focus for you: don't try to scare them, but you should make them aware."

—End

Related articles:
[Sept. 25, 2001] Physical Security Augments Logical Security
[July 11, 2001] ISP-Planet Survey:
Managed Security Service Providers
[Apr. 19, 2001] Slipping IPsec Past NAT

Online resources:
incidents.org by SANS
SARC from Symantec
SANS

 

 

Feedback

Advertising inquiry? Click here!

ISP-Planet's RSS feed

#