none
Design a security plan RRS feed

  • Question

  • Hi i Want To Design a security plan For My Network and  all On Paper

    i want to secure hardware and software that contain Physical Security(Physical//Switch) ,

    Active Directory,DNS,DHCP what is the most important thing and steps i  need to do

    or is there something to read ?

    Thanks


    S1M0NE
    Thursday, April 21, 2011 5:52 AM

Answers

  • 1) Plan what kind of devices are you planning to use.

    2) Use MS visio to create a network diagram and propose a plan on how you want your network diagram to be.

    3) For Servers You can google it and refer to OS hardening security. GPO pushed from Domain controller. On your server portion you can install MBSA to scan for the list of patches which you want to implement.

    Then use scripts to push the patches on your servers, compile all of them and pipe them to patch.txt then replace .exe with .exe /passive /quiet /norestart. click replace all :) 

    e.g c:\kbxxxxxx.exe /passive /quiet /norestart.

    4) Network security can be located as well. E.g Port 139 > Net bios port is wise to close that port to prevent remote attacker from accessing it.

    5) Network switches you can implement port security, Vlan, packet shaping & Qos limit :) There are much more to learn about. But in any case do let me know if you need further help on that. Thus i believe there should be more information if you were to google it :)

    May u have a blessed easter :)


    Guowen Su | CCNA, CCIP, MCP, MCSA, MCSE, MCTS, MCITP, CEH | http://www.microsoft.com/en/sg/default.aspx Our Goal? VERY SATISFIED Customers. If you're not...let's talk!!
    • Proposed as answer by Soh.M Thursday, April 21, 2011 11:45 AM
    • Marked as answer by Kevin Remde Sunday, April 24, 2011 12:27 AM
    Thursday, April 21, 2011 11:44 AM

All replies

  • 1) Plan what kind of devices are you planning to use.

    2) Use MS visio to create a network diagram and propose a plan on how you want your network diagram to be.

    3) For Servers You can google it and refer to OS hardening security. GPO pushed from Domain controller. On your server portion you can install MBSA to scan for the list of patches which you want to implement.

    Then use scripts to push the patches on your servers, compile all of them and pipe them to patch.txt then replace .exe with .exe /passive /quiet /norestart. click replace all :) 

    e.g c:\kbxxxxxx.exe /passive /quiet /norestart.

    4) Network security can be located as well. E.g Port 139 > Net bios port is wise to close that port to prevent remote attacker from accessing it.

    5) Network switches you can implement port security, Vlan, packet shaping & Qos limit :) There are much more to learn about. But in any case do let me know if you need further help on that. Thus i believe there should be more information if you were to google it :)

    May u have a blessed easter :)


    Guowen Su | CCNA, CCIP, MCP, MCSA, MCSE, MCTS, MCITP, CEH | http://www.microsoft.com/en/sg/default.aspx Our Goal? VERY SATISFIED Customers. If you're not...let's talk!!
    • Proposed as answer by Soh.M Thursday, April 21, 2011 11:45 AM
    • Marked as answer by Kevin Remde Sunday, April 24, 2011 12:27 AM
    Thursday, April 21, 2011 11:44 AM
  • Hi

    there no specific device i want to use , matter is how could i secure it

    i passed MCSE in iran and i want the best way to secure my Devices And Services

    Thanks


    S1M0NE
    Sunday, April 24, 2011 6:44 AM
  • Try e-detective. Is a security content reconstruction applicances. Such device is able to track port80 for incoming and outgoing, including, p2p, msn, skype, outlook & smtp & pop3 mail services.

    Basically it is a lawful interception devices. :) this device can act as a lawful LAN interception devices. :) im certified and trained in such appliances.. :) let me know if you are keen in such devices. This device is created by Decision Group. They are well known at Taiwan, Singapore, Australia, Germany, USA and Saudi


    Guowen Su | CCNA, CCIP, MCP, MCSA, MCSE, MCTS, MCITP, CEH | http://www.microsoft.com/en/sg/default.aspx Our Goal? VERY SATISFIED Customers. If you're not...let's talk!!

    • Edited by Soh.M Sunday, April 24, 2011 1:06 PM Additional information
    Sunday, April 24, 2011 12:03 PM