RE: A new concept for security management?

Thanks for that answer and all the other good information from everyone.

I'm coming to the conclusion that one of the following 3 things is true:

1. I wasn't clear about what my client wants
2. What he wants doesn't exist
3. What he wants doesn't exist because it can't or if it did, it would be too hard/expensive to manage

I don't believe that 3 is true, so that leaves either 1 or 2.

My client doesn't want to invest in the cost of securing his network (where have I heard THAT before?!?!) or the cost/effort of maintaining that security. Yes, just as most clients, he wants everything without having to pay for any of it. That aside, what my client wants, as best as I understand it, is VPN access to an existing, secure network. All access to the outside world would be via that network. This means that the only thing that has to run on the client machines is the VPN client, everything else would be handled by the network. That way, all the standard security stuff would be available, without the pain or cost of handling it himself.

Obviously, a typical network in a typical company would not allow an unknown user to connect to their backend network, but I thought that there might be a service of some sort that supplies that type of function. Based on what I've taken from this list and other research that I've done, something like I describe doesn't exist, at least as a service that could be purchased.

I suppose the question is now, why not? It seemed like a good idea when my client asked me about it. Am I missing something or did I just drink too much last night?

Thanks all.
KC Smith

-----Original Message-----
From: Chris Berry [mailto:compjma@hotmail.com] Sent: Friday, May 30, 2003 5:48 PM
To: security-basics@securityfocus.com
Subject: Re: A new concept for security management?

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

>From: "Keenan Smith" <kc_smith@clark.net>

Well there are three(four) things that are ABSOLUTELY necessary: 1) Anti-Virus software with auto-updating (assuming windows boxes). I recommend Norton Corporate
2) Firewall protection. I'd say the IPCOP package is probably about as easy as it's going to get, even a totally clueless person can run the updates. 3) Backups. Show them how to use Zipcentral, and Nero with a cd-rom burner 4) Auto-updating OS patches, for MS setup the auto-update feature, for linux, it depends on the distro, for example Mandrake make a cron job that runs urpmi.

This will take care of 95% of their needs nearly automatically. I take care of two companies, one of which only has five employees, and they're using that exact setup. I almost never have to do anything for them, the manager their can handle it (and he's not super technical or anything). I'd also recommned that you use the IPCOP box to set up a VPN, and get them some kind of consultant for on call support, he can then use VNC over the VPN to do any remote fixing they need. This is obviously no the only (and maybe not even the best) solution, but it's very cheap, and pretty effective.

Chris Berry
compjma@hotmail.com
Systems Administrator
JM Associates

"All I want is a few minutes alone with the source code for the universe and a quick recompile."