- Remember that perimeter security is not the only thing you need to worry about. To see the big picture, you can get a roadmap from SANS. The site also has many guidelines and articles.
- Secure hosts on your network. See CIAC, NSA, the Center for Internet Security, Microsoft and other product guidelines for doing so. This includes not just servers, but workstations, too.
- Have a corporate security policy that covers everything, including what admins can do and an acceptable Internet access and use policy. Get management support, and have repercussions if people break the rules.
- Use firewalls and other perimeter security devices. See the info on the SANS site, TruSecure (the NIST firewall guide).
- Check out products before buying -- see reviews at ICSA Labs.
This was first published in June 2003