Home Office


Alice Smith has been in marketing for 15 years. Two years ago, she decided she wanted to spend more time with her two children. She left her high-level corporate marketing job to start a freelance business at home. Now, she has hundreds of clients that pay her to give them marketing advice and create deliverables like marketing plans, product collateral, and launch campaigns.

Some of her clients were referred to her, but the vast majority found her through the Internet. Alice is fairly computer literate, so when she started her business, she hired a web designer to make her a really slick web site. The site has attracted lots of clients, and she pays the web designer to update it periodically.

The Internet is more than just an advertising tool for Alice. It is the primary way she communicates with her customers. The Internet is an inexpensive and reliable way to exchange ideas, deliver product, and conduct research for her clients.

Lately, she's had some trouble with her computer and Internet connection. It's the kids. She lets them use the computer at night because they have educational games they like and they enjoy web surfing. The problem is that the kids accidentally infect her computer with spyware and viruses.

The infections are bad enough by themselves, but they are made worse because of the following:

  • She has had calls from clients complaining that the documents and e-mails she sends them contain viruses.

  • Her Internet service provider (ISP) disconnects her from the Internet when they detect virus traffic from her computer. She really likes her ISP because they are very reliable. One of the ways they stay reliable is to disconnect infected users so that they don't infect other users. Unfortunately, she's been disconnected once or twice when she really had to get a deliverable to a client.

  • To get the ISP to restore her connection, she has to open a trouble ticket with them. They let her connect to a remediation server that has tools she can use to clean her system. Also, the remediation server has patches that the ISP requires her to apply before they restore her connection.

One of the ISP technicians suggested that HIPS might help her avoid viruses and spyware.

Limiting Factors

The only limiting factor for Alice is that she wants to make sure her children can continue to use the computer at night. They really enjoy it. Plus, it's good for them to have lots of experience with computers.

Security Policy Goals

Alice doesn't have a security policy because she's a one-person company. She does have a few goals for the IPS:

  • Prevent the kids from accidentally deleting client data.

  • Not allow the children to harm any of the programs she uses for work.

  • Stop malware from infecting her machine so that the ISP doesn't cut her off.

HIPS Implementation

The ISP technician who introduced the idea of the HIPS sent Alice a short list of Internet sites related to HIPS. As she read about the capabilities of different products, she kept a running list of her requirements for:

  • Management architecture

  • Agent configuration

Management Architecture

Alice has only one computer, so she cannot use a HIPS product that requires a dedicated management server. Also, she doesn't really want to install a big management package on her existing computer. The best option for her is a product that is designed for the home or small business user. It should be easy to use, have a local user interface for configuration changes, and have useful documentation.

Agent Configuration

Only a handful of HIPS products met Alice's management requirements. Of that handful, only two could do the other things she wanted:

  • The product has to support user-based state conditions. When the kids are logged on to her computer, the user interface should be hidden so that the kids can't turn off the tool. When Alice is logged on, she has to be able to access the HIPS user interface.

  • She needs a tool that can prevent read and write operations to the directories where the client data is stored. This policy should be enforced only when the children are using the computer.

  • Alice is not a computer expert, so she wants a product that doesn't require much configuration. It should automatically update its configuration as needed via the Internet.

Eventually, Alice found a product that met her needs, bought it, and installed it. After a brief struggle with the user-based configuration, she was able to get it to work the way she wanted. The kids could still use the computer, but it was protected.
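The two user-based requirements above (hide the interface from the kids, and block reads and writes to client data only while they are logged on) can be modeled as a small policy check. This is an added example, not code from the book or from any HIPS product; the account names, the client-data directory, and the function names are assumptions made up for illustration.

```python
import ntpath

# Constructed values (assumptions): the children's account names and the
# directory where Alice keeps client data.
RESTRICTED_USERS = {"kid1", "kid2"}
PROTECTED_DIRS = [r"C:\Work\Clients"]
# The page asks for read and write to be blocked; delete is treated as a
# write-class operation here because the stated goal is to prevent deletion.
BLOCKED_OPS = {"read", "write", "delete"}


def canonical(path):
    """Collapse '..' segments, unify separators, and fold case.

    Windows paths are case-insensitive and accept '/' as a separator, so the
    rule must compare canonical forms. Symlinks, junctions, and 8.3 short
    names are not resolved here; a real agent has to handle those as well.
    """
    return ntpath.normcase(ntpath.normpath(path))


def is_protected(path):
    """True if path is a protected directory or lies beneath one."""
    p = canonical(path)
    for d in PROTECTED_DIRS:
        root = canonical(d)
        # Compare on a separator boundary so that C:\Work\ClientsOld is not
        # mistaken for something inside C:\Work\Clients.
        if p == root or p.startswith(root + "\\"):
            return True
    return False


def decide(user, operation, path):
    """Return 'deny' or 'allow' for one file operation by one logged-on user."""
    restricted = user.lower() in RESTRICTED_USERS
    if restricted and operation in BLOCKED_OPS and is_protected(path):
        return "deny"
    return "allow"


def ui_visible(user):
    """The configuration interface is shown only to unrestricted users."""
    return user.lower() not in RESTRICTED_USERS
```

The path canonicalization is the part that is easy to get wrong: a rule that compares raw strings is bypassed by a path such as `C:\Games\..\Work\Clients\...` or by a change of letter case.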

NIPS Implementation

Alice did not even consider a NIPS because the website that the technician pointed her to focused solely on HIPS. Because of the limited size of the network, however, a NIPS would not be practical anyway.




Intrusion Prevention Fundamentals
ISBN: 1587052393