| About InfoWorld : Advertise : Subscribe : Contact Us : Awards : Events : Store |
 |
||||
|
||||
 |
||||
 |
|
|||
 |
||||
|
|
|
||
|
|||||||||||||||||||||||||||||||||||||||||
 COLUMN
Low-cost defense FOR THOSE OF you who don't have hundreds of thousands of dollars to spend on fortifying your network, fear not. There are things you can do that won't break the bank. An obvious first step is to know the systems' normal behavior and follow established best practices for auditing access privileges, activity, and applications. Another is to use the built-in features of firewall and router software.
Furthermore, firewalls should be configured with only necessary ports open and unnecessary ports blocked. Use desktop or personal firewall software such as that from Internet Security Systems (formerly NetworkICE), Symantec, or Zone Labs; the best contain intrusion-detection features that are especially useful for telecommuters and mobile users. I know a lot of this is common sense. But it's the kind of advice that needs repeating. Anyone who believes they can't be compromised has no inkling how pervasive the threat is. I hope you're already following some of these practices. It's the networking equivalent of requiring your staff to wear badges, itself a common-enough practice. ISPs in particular need to make sure that routers are filtering packets as described, because the best way to keep spoofed packets from flooding your customers' networks is to stop them at your peering points and customer links. I'm writing this column on September 12, and for obvious reasons, I'm having a hard time staying on track. The attacks on the Pentagon and the World Trade Center remind all of us that security is never 100 percent. They also remind us of the importance of maintaining backups, knowing where the fire exits are, and staying calm in a crisis. The events of September 11 were a painful reminder of the importance of having and testing a disaster recovery plan. Businesses that followed best practices have a chance of recovering from this disaster, even though they may have lost staff or key executives in the attack. The data lost might be important, but the people you lose in a disaster can never be replaced. Any good recovery plan has to account for the possibility that your leadership will be out of touch. Realistic rehearsals should include unplanned substitutions of junior personnel to test your chain of command and to ensure that crucial decisions can be made effectively, even in a chaotic situation. P.J. Connolly (pj_connolly@infoworld.com) covers groupware, messaging, networking, and security for the InfoWorld Test Center. Get this column free via e-mail each week. Sign up at www.iwsubscribe.com/newsletters .  RELATED SUBJECTS  SecurityMORE > SPONSORED WHITE PAPERS 
SPONSORED LINKS
|
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||
|
||||||||||
