Network Security in the workplace

Discussion in 'other software & services' started by nixie21, Nov 28, 2007.

Thread Status:
Not open for further replies.
  1. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    The Network admin wants to meet with me to see my thoughts on security (knowing I spend a lot of time reading Hijack logs and helping people). Since I would love to get into network security I would love to bring some good ideas to the table. Right now they only have symantec corporate AV and a firewall (barracuda?). They have a ton of workstations and servers (web server, exchange...) What other things would you recommend the company add for protection? I do not think they will change from symantec, but there is a chance.

    Thanks!
     
  2. dNor

    dNor Registered Member

    Joined:
    Oct 3, 2007
    Posts:
    212
    Location:
    Irvine, CA, USA
    Individual advice is a bit hard, especially with the information given, considering there's countless variables to consider for your network. What's important for one network isn't necessary in another.

    Strong policies and effective auditing along with a well configured firewall/VPN and switch management is a common answer, as well as keeping current with updates and patches.

    Running an analyzer such as MBSA, Security Manager Plus, and QualysGuard can point out and help resolve security issues and risks that weren't known.
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,694
    Hello,
    Strictly related to network, or general advice for corporate lans?
    Mrk
     
  4. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    A guess a bit of both? I agree it is hard, but I am not a network person (I am a programmer) with a security hobby. I am pretty good on the pc level, but not network....
     
  5. appster

    appster Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    530
    Location:
    Paradise (Hawaii)
    Reading this may provide a beginning in grasping the issues. ;)
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Hi Nixie

    Probably one of the best recommendations, would be every person who has access to any servers, should use a different password for every server he accesses. Watched a Microsoft presentation a while back, where one of the MS guys responsible for an attack was able to crack into the admin servers only because one guy used the same password on the admin servers he used on some of the general ones. He didn't need the passwords, he did it by retrieving password hashes and finding a match.

    It can be a pain for the guy that has 30 servers, and most folks being lazy will use the same password.

    Pete
     
  7. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Thanks for the replies!
     
Loading...
Thread Status:
Not open for further replies.