Network Computing
FEATURE
Vulnerability Assessment Scanners

  January 8, 2001
  By Brooke Paul

Security Hardening and Certification

When deploying servers, you should have a process for security hardening and certification. This process will provide a standardized image that will improve not only security but also the quality of your system deployment process. The first step to putting this process in place is to develop a standard OS image for a given set of hardware. This standard image should be the "least common denominator" that you would use for a deployment and should not contain any special applications, such as database or Web services. A good start is to deploy a server using your current process, and then harden it using documented procedures for system security:

  • Hewlett-Packard Co. HP-UX: people.hp.se/stevesk/bastion.html

  • Linux: www.sans.org/newlook/publications/index.htm

  • Microsoft Windows NT: www.sans.org/newlook/publications/ntstep.htm

  • Novell NetWare: www.nwc.com/1120/1120ws1.html

  • Sun Microsystems Solaris: www.sans.org/newlook/resources/hard_solaris.htm

Hardening procedures for other operating systems can be obtained from the vendor. Some vendors can provide prehardened or "trusted" versions of their OSes.

Once you have created and tested your hardened image, you can use it as part of your standard deployment process. That process should follow five steps:

  1. Install your standard, hardened image.

  2. Add applications to provide the functionality the server needs (for example, database, application, Web and firewall).

  3. Add binary checksum software (and potentially host-based firewall or intrusion-detection software).

  4. Complete a vulnerability analysis on the system (security certification step).

  5. Deploy the system into your environment.

Step 4 is a certification step that reduces the probability that the system you are about to deploy will add vulnerabilities to your environment. The quality of this certification is directly related to the quality of the vulnerability-assessment product you use. Your vulnerability-assessment tools should also be used periodically to examine the systems you have deployed into your environment. This ongoing security certification will help keep you ahead of any vulnerabilities that may develop because of new exploits or changes in system configuration after deployment.

-- Brooke Paul

