Security Zones

  • Firewalls – The most important. A good firewall at the perimeter can eliminate most types of attacks if it is configured properly. The correct way to configure a firewall is to block everything, and then allow only what is needed. Businesses typically need some help with this, but it’s worth the extra expense and time.
  • Proxy / Admin Servers – It’s less expensive to use a proxy server to do filtering, monitoring, and logging rather than doing this at the firewall. These operations take significant CPU power and available storage, but a dedicated server will provide you with visibility into your network.
  • Policy & Group Policies – Set sane defaults for what users can do. Consider carefully your policies about taking data off-site.
  • Education – Users often need a clue about:
    • Threats that might result in disclosure of sensitive information
    • Threats that might result in abuse or destruction of data or network resources