Firewall Policies and VPN Configurations

Infrastructure security is at the root of your entire corporate security plan. Other individual security area plans (ISAPs) may overlap with your infrastructure security plan to some extent. For example, a wireless network is part of your infrastructure, but it's also a large enough area to be addressed in a separate project plan. You'll need to ensure that your corporate IT security project and your ISAPs cover all the bases, but be aware that there are overlapping areas that should be clearly delineated if you're working on several projects in parallel. You don't want project teams wrestling over ownership of one part of your network or another. In this chapter, we'll look at the basic infrastructure components and how to secure them; then we'll create a project plan utilizing this information.
There are two distinct processes: audit and assessment. An assessment is intended to look for issues and vulnerabilities that can be mitigated, remediated, or eliminated prior to a security breach. An audit is normally conducted after an assessment with the goal of measuring compliance with policies and procedures. Typically, someone is held accountable for audit results. Some people don't like the term auditing; perhaps it's too reminiscent of ol' Uncle Sam scouring through your tax return from three years ago when you claimed that one vacation as a business trip because you talked to your boss on your cell phone while waiting at the shuttle to your beachfront hotel. Though the terms