Results 1 to 8 of 8

Thread: Any IT Security Experts Around?

  1. #1
    LWA
    LWA is offline
    Senior Member
    Join Date
    Jul 2003
    Location
    London
    Posts
    2,171
    Thanks
    134
    Thanked
    57 times in 41 posts

    Question Any IT Security Experts Around?

    Dear all,
    Firstly apologies for posting this in GD but I couldn't find a better home for it....

    I'm currently researching the IT security hardware required to secure two businesses with around 600 employees at one location and 200 at another.

    The sites will have some Internet facing applications (such as an ordering customer portal). The businesses invest a lot of money in R&D and as such have a large amount of intellectual property to protect.

    I have some knowledge around firewalls and intrusion detection but lack knowledge in the ability to design and cost an overall system. Are there any experts on Hexus that can offer me some guidance?

    Edit: I should add that prior to a divestment the businesses would have been tied into a corporate WAN and would have behind a corporate firewall (and other relevant technology)

    Many thanks in advance,
    Leon

  2. #2
    Senior Member
    Join Date
    Mar 2005
    Posts
    4,944
    Thanks
    171
    Thanked
    387 times in 314 posts
    • badass's system
      • Motherboard:
      • ASUS P8Z77-m pro
      • CPU:
      • Core i5 3570K
      • Memory:
      • 32GB
      • Storage:
      • 1TB Samsung 850 EVO, 2TB WD Green
      • Graphics card(s):
      • Radeon RX 580
      • PSU:
      • Corsair HX520W
      • Case:
      • Silverstone SG02-F
      • Operating System:
      • Windows 10 X64
      • Monitor(s):
      • Del U2311, LG226WTQ
      • Internet:
      • 80/20 FTTC

    Re: Any IT Security Experts Around?

    Best thing to do is get a 3rd party to design it for you. I have some contacts but it depends on where in the country you are based.
    "In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship."

  3. Received thanks from:

    LWA (13-10-2012)

  4. #3
    LWA
    LWA is offline
    Senior Member
    Join Date
    Jul 2003
    Location
    London
    Posts
    2,171
    Thanks
    134
    Thanked
    57 times in 41 posts

    Re: Any IT Security Experts Around?

    Badass, appreciate the reply. However We're still in the hypothetical hence me asking some generic questions rather than engaging a security specialist.

    I was hopeful I could get some base ideas (and therefore a budget) prior to engaging a third party.

    Thanks.

  5. #4
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: Any IT Security Experts Around?

    I think I'd be looking at separating the business side away from the R&D side.

    But you need to start thinking about threat assessment, and internal education. While technical measures are an important part of a security solution, the greatest risk is from the users.

    You also need to formulate some security policies, based on the threat and ridk assessment, and then build your security solution round those.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  6. Received thanks from:

    LWA (14-10-2012)

  7. #5
    Seriously casual gamer KeyboardDemon's Avatar
    Join Date
    Feb 2012
    Location
    London
    Posts
    3,013
    Thanks
    774
    Thanked
    280 times in 242 posts
    • KeyboardDemon's system
      • Motherboard:
      • Asus Sabretooth Z77
      • CPU:
      • i7 3770k + Corsair H80 (Refurbed)
      • Memory:
      • 16gb (4x4gb) Corsair Vengence Red (1866mhz) - (Because it looks good in a black mobo)
      • Storage:
      • Crucial M550 SSD 1TB + 2x 500GB Seagate HDDs
      • Graphics card(s):
      • EVGA GTX 980 SC ACX 2.0 (Warranty replacement for 780Ti SC ACX)
      • PSU:
      • EVGA 750 watt SuperNova G2
      • Case:
      • Silverstone RV03
      • Operating System:
      • Windows 10 Pro 64 Bit
      • Monitor(s):
      • Asus Swift PG278Q
      • Internet:
      • BT Infinity (40mbs dl/10mbs ul)

    Re: Any IT Security Experts Around?

    I thought that a security consultant would need more information than that, not just two sites with 600 + 200 users but also how many terminals, servers, network printers/devices. How they connect, IT policy information, how the company is structured and traffic priorities etc... But I'm no expert so I'll leave it for someone that knows a lot more than I do to take it from here.

  8. Received thanks from:

    LWA (14-10-2012)

  9. #6
    LWA
    LWA is offline
    Senior Member
    Join Date
    Jul 2003
    Location
    London
    Posts
    2,171
    Thanks
    134
    Thanked
    57 times in 41 posts

    Re: Any IT Security Experts Around?

    Quote Originally Posted by peterb View Post
    I think I'd be looking at separating the business side away from the R&D side.

    But you need to start thinking about threat assessment, and internal education. While technical measures are an important part of a security solution, the greatest risk is from the users.

    You also need to formulate some security policies, based on the threat and ridk assessment, and then build your security solution round those.
    Thanks for the reply. At the moment we're still at the basic cost and the type of possible hardware needed stage. I need to provide the business with some order of magnitude costs so we can start talking about where to go from here.

    Quote Originally Posted by KeyboardDemon View Post
    I thought that a security consultant would need more information than that, not just two sites with 600 + 200 users but also how many terminals, servers, network printers/devices. How they connect, IT policy information, how the company is structured and traffic priorities etc... But I'm no expert so I'll leave it for someone that knows a lot more than I do to take it from here.
    Thanks for the reply. As above really. I would certainly expect to have to go into far more detail once the professionals are on site.

  10. #7
    Mostly Me Lucio's Avatar
    Join Date
    Mar 2007
    Location
    Tring
    Posts
    5,163
    Thanks
    443
    Thanked
    445 times in 348 posts
    • Lucio's system
      • Motherboard:
      • Gigabyte GA-970A-UD3P
      • CPU:
      • AMD FX-6350 with Cooler Master Seldon 240
      • Memory:
      • 2x4GB Corsair DDR3 Vengeance
      • Storage:
      • 128GB Toshiba, 2.5" SSD, 1TB WD Blue WD10EZEX, 500GB Seagate Baracuda 7200.11
      • Graphics card(s):
      • Sapphire R9 270X 4GB
      • PSU:
      • 600W Silverstone Strider SST-ST60F
      • Case:
      • Cooler Master HAF XB
      • Operating System:
      • Windows 8.1 64Bit
      • Monitor(s):
      • Samsung 2032BW, 1680 x 1050
      • Internet:
      • 16Mb Plusnet

    Re: Any IT Security Experts Around?

    Even at the research stage, you should consider contacting the appropriate professionals for a quotation. Any figures you work out now will be at best inaccurate, and at worst, used to argue against best practice.

    In very very general terms, the chances are a site as large as yours should already have the equipment, both hardware firewalls on your network switches and appropriate proxy servers. As such, your main costs will likely be consultancy and ongoing support, which to cost up, you need to get a quote

    (\___/) (\___/) (\___/) (\___/) (\___/) (\___/) (\___/)
    (='.'=) (='.'=) (='.'=) (='.'=) (='.'=) (='.'=) (='.'=)
    (")_(") (")_(") (")_(") (")_(") (")_(") (")_(") (")_(")


    This is bunny and friends. He is fed up waiting for everyone to help him out, and decided to help himself instead!

  11. Received thanks from:

    LWA (15-10-2012)

  12. #8
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts

    Re: Any IT Security Experts Around?

    Personally I would Co-Lo the internet facing aspects to reduce the onsite attack footprint - as Peter says, divide and rule
    Consider how many layers of security you want to put in place & dont ignore physical security and layer 8 protection ( ie the Human aspect )
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  13. Received thanks from:

    LWA (15-10-2012)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •