Develop a security policy. | |
Install an intrusion prevention system. | |
Update servers and user PCs with the latest patches. | |
Install a firewall. |
access-list 101 permit tcp host 192.168.1.10 eq 80 10.1.0.0 0.0.255.255 eq 3030 | |
access-list 101 permit tcp 192.168.1.10 0.0.0.0 eq 80 10.1.0.0 0.0.255.255 | |
access-list 101 permit tcp any eq 3030 | |
access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.1.10 0.0.0.0 eq www | |
access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 3030 192.168.1.0 0.0.0.15 eq www | |
access-list 101 permit ip host 10.1.129.100 eq 3030 host 192.168.1.100 eq 80 |
The self-defending network should be the key point of your security policy. | |
Integrate security throughout the existing infrastructure. | |
Upper management is ultimately responsible for policy implementation. | |
Security is static and should prevent most known attacks on the network. |