 Hello
Readers!
Need some quick advice on how to tune up security on your network? Then you’ll
appreciate today’s article by Leonard Loro. He runs down a quick list of ways
to keep the bad guys out of your internal systems without locking things up too
tightly.
| FREE
Next-Generation Business Intelligence Book
Ready
for industrial strength Business Intelligence over the Web? MicroStrategy
7i is the only Business Intelligence platform that can scale to thousands
of users and analyze multi-terabyte data warehouses. Business Objects
can't. Cognos can't. Learn how leading Fortune 500 companies rely on MicroStrategy
as their enterprise standard for Business Intelligence. Order
"An Architecture for Next-Generation Business Intelligence"
to learn more.
|
To
order your free copy,
Click here
|
Brien Posey also joins us today with a review of Alchemy Eye. Read his review
to find out if this is the right tool for your monitoring needs, or if you should
look elsewhere for a network-monitoring tool.
Okay, now it’s YOUR turn. Do you have a favorite short tale from your experiences
as a security expert? Ideally these will be humorous, though certainly astounding
examples of cluelessness as well as ironic twists will be considered. We’ll publish
the best stories and, if we get enough, we’ll make it a regular feature. Names
of companies and individuals will be withheld the innocent. Or the guilty, as
the case may be. Send your stories here: SecurityProNews
Stories.
I look forward to hearing from you!
Defense In Depth - A Layered
Approach Network Security
By Leonard Loro
External information access from partners and employees is a very important aspect
in the design of security. Corporations need to be assured that their critical
servers are safe from different internet threats. Additionally, because the Web
is worldwide, it is impossible to create a global agreement on what traffic is
inappropriate and how that traffic should be regulated. A major problem IT departments
face is how to defend critical servers from hostile network traffic and network
addresses. How do we add layers of security to protect our internet servers and
internal systems?
First Level Filters - Routers and Core Network Devices
Filtering IP addresses can be achieved using a simple router. A filter can be
created to deny access to the internal network server ports. This solution is
useful for static lists and blocking IP packets from accessing certain ports on
the network. The disadvantage is that if network policies change frequently, maintaining
a list on a daily or weekly basis can become a nightmare.
Use first level filters for static access lists that are not likely to change
much or to block unwanted services, like SQL Server access to the internet.
Second Level Filters - Firewalls and Application Layer Devices
Firewalls are a good solution for adding security to your network and preventing
outsiders from accessing your internal servers. Most firewall providers offer
tiered pricing for special features like encryption, user authentication, web-proxy
and dynamic packet filtering.
Use second Level Filters for special security requirements such as dynamic packet
filtering and user authentication.
IP Forwarding IP forwarding or NAT (Network Address Translation) allows
one server to act as the IP address for all the devices on your network. The device
provides a gateway service for all devices on the network at the IP layer and
hides your network from the outside world. Some NAT devices may include other
services like static filtering or web proxy caching.
Read
the entire article
Review of Alchemy Eye
By Brien M. Posey
One of the biggest problems associated with running a large IT organization has
always been the issue of monitoring the server’s health. Rarely do organizations
have the staff available to dedicate someone to the task of watching servers.
In most of the organizations that I have worked for in the past, the support staff
continuously kept busy with the various day-to-day activities. We usually didn’t
know that a failure had occurred until the phones started ringing. Unless of course,
we were the ones that accidentally caused the failure.
At one point, a friend of mine came up with the idea of writing a script to ping
each server every half hour or so. If the ping failed, his script would generate
an e-mail message. While my friend seemed to be on the right track, it always
seemed that the failures occurred between pings or while everyone was out to lunch
or away from their e-mail.
This is where Alchemy Eye comes in. Alchemy Eye is a product that takes the concept
of testing the servers on a periodic basis and builds on it. Alchemy Eye builds
on this concept in a couple of different ways. First, Alchemy Eye gives you a
lot of different methods for testing a server’s availability. For example, you
could test a server by performing a standard TCP/IP ping, you could check the
availability of a Web site hosted on the server, you could test the server’s SMTP
or POP3 services, the server’s disk space, and much more.
The other way that Alchemy Eye builds on the basic principle of that script that
my friend created so long ago is that it provides lots of different actions that
can be taken when a failure is detected. The most obvious of these actions are
notifications. The notifications can come in the form of E-mails, pages, or pop
up messages, or sounds. Alchemy Eye doesn’t stop there though. The software can
also react to failures by restarting the machine, restarting services, performing
a database query, running a program, or running a VB script.
Testing Alchemy Eye
Now that you know a little bit about what Alchemy Eye is and what it does, let’s
move on to the testing. For this test, I installed Alchemy Eye 4.5.7. The entire
program consumed less than 2 MB of disk space, and the installation was very quick.
After launching the program, the first thing that I saw was a completely empty
console screen with a few icons at the top. However, the icons were fairly intuitive.
All I had to do to begin the configuration process was to click the green plus
sign. This allowed me to add a server to the currently empty list.
It’s relatively easy to configure a server for testing. I was able to do it without
using the instruction book. However, I didn’t really care for the design of the
template used to configure the server. For starters, each entry that you place
on the test list can perform a single test. That means that if you had a server
that was acting as an IIS Server and as a mail server and you wanted to test both
services, you would have to create multiple entries for the server. You also have
to create multiple entries for every volume that you wish to test the disk space
for. This means that if your server has ten volumes, you’ll have ten entries for
the disk tests. Since each entry in the test list has its own output line when
the tests are run, this can result in a lot of clutter in the output portion of
the screen.
Read
this entire article
|
|