Hi:

I am facing some IT policy questions and wanted to get some perspectives. In each of these areas, I am trying to determine how restrictive I need to be. The client has four sites connected over high-speed links. I have good backing from management but will undoubtedly get resistance on some of these.

The client is small, under 200 employees with most in one office. Some small field offices are not managed (i.e., have workgroup networks, often with a small server, but no AD). There are no SOX requirements and the data are not sensitive (e.g., no credit cards). Almost entirely Windows XP; all DC’s run W2k3.

Any thoughts on these topics welcome.

Connecting to the wired network. They do not run any IDS or machine-based authentication. Given that, written policy carries some weight. I want to require all non-domain machines to connect only to a “public” VLAN that goes only to the Internet. I would apply this even to staff “personal” computers, those of contractors (including me), and machines from those field offices that are not on the domain.

VPN. They run a Cisco VPN. I want to distribute the client only to domain-based machines. Others want the client for their home computers, etc.

Other Operating Systems. I don’t want to allow other OS’s on the network, unless we manage them. But what is the threat posed by a Linux or OS X box on the network?

As always, many thanks.

-- nme --
