Defense in Depth Reference Guide

Security Strategies to Protect Small Business

Defensive Layer 1: Blocking Attacks – Network Based

1. Firewalls (Must Have)
   • Firewalls:
     • PIX firewall
     • SonicWall

      

2. Secure Email – Anti-Virus and Anti-Spam (Must Have)
   • Remote protection
     • All Covered Email Protection
   • Localized Protection
     • Symantec AntiVirus Gateway Solution
     • Trend Micro™ InterScan VirusWall
     • McAfee Secure Web Gateway

      

3. Secure Web Filtering (Should Have)
   • WebSense
   • Surf Patrol from Vantage Software
   • eTrust® Secure Content Manager from CA
   • SonicWall Content Filtering Service

    

4. Discovery and Mitigation (Should Have)
   • Quarterly scan and assessment of the network for vulnerabilities and exploits
   • MBSA
   • HFNetcheck
   • Languard

    

5. Intrusion Prevention (IPS) (Enhancement)
   • SonicWall and PIX firewalls
   • MyTek Managed Security

    

6. Intrusion Detection (IDS) (Enhancement)
   • MyTek Managed Security
   • Juniper Networks IDP 50
   • Snort

    

7. Managed Security Services (Enhancement)
   • MyTek Managed Security

    

Defensive Layer 2: Blocking Attacks – Host Based

1. Personal Anti-virus (Must Have)
   • Symantec Anti-Virus
   • McAfee Anti-Virus
   • Trend Micro

    

2. Spyware Removal (Must Have)
   • Spysweeper from Webroot
   • Adaware from Lavasoft
   • Spybot search and destroy from Safer Networking
   • Windows® Defender (Beta 2) from Microsoft

    

3. Personal Firewalls (Should Have)
   • Windows XP SP2 Firewall
   • ZoneAlarm Pro from Zone Labs
   • Black Ice defender from Internet Security Systems

    

4. Host Intrusion Prevention System (Enhancement)
   • Symantec Critical System Protection
   • McAfee Host Intrusion Prevention for desktops and servers
   • Blink® Endpoint Vulnerability Prevention from Eeye digital security
   • Cisco Security Agent

    

Defensive Layer 3: Eliminating Security Vulnerabilities

1. Patch and Configuration Management and Compliance (Must Have)
   • WSUS from Microsoft
   • MBSA from Microsoft
   • HFNetChkPro from Shavlik

    

2. Vulnerability Management and Penetration Testing (Should Have)
   • MyTek Managed Security
   • Core Impact from Core Security Technologies
   • Languard Security Scanner
   • Nessus

    

Defensive Layer 4: Safely Supporting Authorized Users

1. Strong Passwords (Must Have)
   • Password cannot be based on or contain the user's account name
   • Must contain at least 8 letters
   • Must contain digits and punctuation characters (%,$,@, etc.)
   • Mandatory password change every 90 days
   • Passwords can't be reused for 270 days or longer
     
     
2. File Encryption (Must Have)
   • Windows XP Encrypting File System (EFS)
   • TrueCrypt open-source disk encryption software for Windows XP/2000/2003 and Linux
   • BestCrypt v.7 for Windows from Jetico
     
     
3. Virtual Private Networks (VPNs) (Should Have)
   • Hardware to Hardware (home office firewall)
   • Software to Hardware (VPN client)

 

4. Secure Remote Access (Should Have)
   • Citrix
   • Microsoft Windows Terminal Services
   • Microsoft Windows XP Remote Desktop

    

5. ID & Access Management (Enhancement)
   • RSA SecurID® hardware tokens
   • Enterprise Access Cards by ActivIdentity

    

Defensive Layer 5: Tools to Minimize Business Losses and Maximize Effectiveness

1. Back-Up (Must Have)
   • Backup Exec from Veritas
   • Symantec Livestate Recovery Server with Restore Anywhere
   • ArcServe from Brightstore
   • Retrospect from EMC Insignia

    

2. Security Skills Development (Must Have)
   • Localized Security Seminar
   • Lunch and learn events

    

3. Log Management (Should Have)
   • Kiwi Syslogger
   • Mytek Managed Security

    

4. Regulatory Compliance Tools (Enhancement)
   • NetChk™ Compliance from Shavlik
   • Compliance solutions from NetIQ

To ensure protection in the small business environment it is critical to implement solutions at EACH Layer to provide overlapping protection.