Thursday, March 1, 2012

Configuring Server Security Compliance

Print Friendly and PDF

Apply Defense-in-Depth to Increase Security

Defense-in-depth provides multiple layers of defense to protect a network environment.

Policies, Procedures, and Awareness - Security documentation and user education

Physical Security - Guards and/or locks

Perimeter - Firewalls

Internal Network - Network segments (subnets), IPSec

Host - OS hardening (latest patches and updates), authentication

Application - Application hardening and testing, antivirus patches

Data - ACLs (Access Control Lists/permissions), encryption, EFS (Encrypting File System)