The Socpuppets 10 general rules for DataCenter security and operations concerns.
1:
Enforce password life-cycles ( expiration and password
lengths )
2:
Enforce policies for systems and services as required by the
users ( control who gains access and to what
)
3:
Enforce administrator
access by roles ( limit the
number of superusers , provide access by roles or deploy RBACs )
4:
Eliminate external and internal threats by using proper
traffic inspection and end-point security controls ( internal and external IPS
sensors, end-point controls )
5:
Ensure all OS and network systems software are updated and patched ( monitor software updates
and fsb , install WSUS/ SUS / )
6:
Filter traffic at the access-layer as much as possible (
don’t carry unwanted traffic across distribution, aggregation, and edge, & just to be dropped )
7:
Deploy advance UTM features ( AVC, AMP
,URL Filtering )
8:
Deploy internal services firewalls
along with access and edge ( multi-tier & statefull inspection firewalls {real or virtual} )
9:
Deploy backups on a regular basis & build a restsoral policy ( incremental, full, off-site )
10:
Deploy West & East redundant and DR DCcenters ( ensure business critical applications availability and continuity exists )
Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( * * )=
o
/ \
No comments:
Post a Comment