Protecting Yourself and Your Business


The question begging to be answered is, "How do I protect myself and my business from an Internet attack?" The protection is not as difficult as you might imagine. Fortunately, the anatomy of an attack hasn't changed since the original Morris worm in 1998. Defense in depth has proven to be an effective, proactive technique. Generally speaking, companies that have deployed defense in depth have not been affected by the successful attacks of the past several years. The attacks might have circumvented some layer of defense in depth, but they were eventually stopped before they did damage, even if the attack needed to be stopped at the host targeted by the attack. Chapter 2 explains how to deploy defense in depth.

Developing a Security Policy

Because almost every company has unique networking requirements, the way you deploy defense in depth needs to be defined by means of a document called a security policy.

A security policy defines what services (network traffic) you are going to let into and out of your network and the ways that your users are allowed to use these services. This information serves as the foundation for your security policy.

A small, high-level sample of information that you should include in your security policy is as follows:

  • Policies to define network services

  • Policies to define how users may use network services

  • Policies to define who can access your network

For an excellent in-depth discussion of the elements of and ideas for a security policy, refer to the SANS website at http://www.sans.org. You can find various papers on this site about security policies. Just search for "security policy" and determine which guidelines make sense for you and your network.

The examples in this book make various policy assumptions. The assumptions are only to help you understand the fundamental steps of deploying defense in depth. You are given enough information about how to configure your firewall that you should be able to apply your individual policy easily.



Securing Your Business with Cisco ASA and PIX Firewalls
ISBN: 1587052148
EAN: 2147483647
Year: 2006
Pages: 120
Authors: Greg Abelar
