Problem solve Get help with specific problems with your technologies, process and projects.

Securing Web/mail servers with ISA firewall

We are a new company and I have been assigned the task of securing our web servers and mail/web access servers. I am using ISA Server for the access and firewall. I have stealthed all ports except 21, 25, 1701 and 1723. I have only allowed the following protocols on the Network Card using IP filtering: 21, 25, 80, 1701 and 1723. Since I am new to the security side of networking I wondered if you could tell how secure you think this setup is and if you have any advice on securing it further.

First of all, welcome to the world of Internet security! Without having a good understanding of your company and how you are using the Internet, it is hard for me to say that the security you have in place is enough. Suffice it to say that there is no such thing as enough security! As I understand your question, you are only allowing the ports you mentioned. I therefore assume you have everything locked down and are only allowing data from those ports to be let in. If this is correct, then you are certainly on your way to secure your system.

However security does not stop there. You should also consider how you are protecting your system from "internal" attacks. A very large portion of hacking occurs from inside the organization. Are you protecting your data and information using Access Control Lists? Do your users use passwords to logon?

Attacks come in different flavors and methods. One for instance is virus attacks in the form of e-mail attachments. Others could be some type of denial-of-service attack to your web server via port 80. Based on your email, you are allowing FTP communications. Many people forget to not allow anonymous logons, therefore allowing anyone to gain access to the FTP server.

You should also be looking at three areas in data security: data integrity, data confidentiality and data availability. If you can put security controls in place to handle all three, you are well on your way!

Dig Deeper on Enterprise desktop management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.