Internet Security

A firewall is a system or set of systems which implement part of your companies' security policy. The cost and nature of this system depends on the particulars of this policy, and the value of the information and systems you are protecting.

Some of the salient policy points are:

1. What access should outsiders be allowed to your resources. Probably web and mail, maybe others.
2. What access do employees need from home or on the road. Do they need full access, or do they just need to pick up their e-mail? If you set up a VPN, then their home machines can be a channel for breakins.
3. What access should people on the inside have to the internet. If you let them connect out via ssh, they can set up their own VPN in.
4. How much do you trust your employees (or the software they are running) not to be stupid. For example, Outlook (which will heretofore be known as "the virus engine"), can be made to execute active content without the user even opening the message. And how many times have you had to tell them not to open attachments? You may want some serious content filtering to prevent this.

Remote Access

Securing Services

Securing Hosts

Intrusion Detection

Scanners and Hacking

Resources

• 3 Com
• amaonline
• alliance
• cisco
• netsecurity
• macintouch
• Sun
• YASSP: Yet Another Solaris Security Package
• Solaris Hardening