Can we please get back to the issue at hand.... On Thu, 28 Feb 2013 13:16:03 +0000 "Bill Woodcock" <[email protected]> wrote: >Ah, yes, those expensive man-hours. Security is so much easier >when you don't give it time and attention. It also doesn't work. > > > -Bill > > >On Feb 28, 2013, at 8:09, "[email protected]" ><[email protected]> wrote: > >> I knew this was coming at some point. Yes I am starting with >> Windows, it's more functional (awaits incoming) and costs less >in >> terms of expensive man hours (the hidden cost vs software) for >an >> Linux guru to run and monitor the network. >> >> On Thu, 28 Feb 2013 13:03:00 +0000 "Bill Woodcock" ><[email protected]> >> wrote: >>> You want to do this securely, and you're _starting_ with >Windows? >>> >>> >>> -Bill >>> >>> >>> On Feb 28, 2013, at 7:40, "[email protected]" >>> <[email protected]> wrote: >>> >>>> Hi, >>>> We are a human rights NGO that is looking to invest in the >best >>>> possible level of network security (protection from high-level > >>>> cyber-security threats, changing circumvention/proxy to >protect >>> IP >>>> address etc, encryption on endpoints and server, IDS/Physical >>> and >>>> Software Firewall/File Integrity Monitoring, Mobile Device >>>> Management, Honeypots) we can get for a our internal network. >I >>> was >>>> wondering if people would critique the following network, add >>>> comments, suggestions and alternative methods/pieces of >>> software. >>>> (Perhaps if it goes well we could make a short paper out of >it, >>> for >>>> others to use.) >>>> >>>> -Windows 2012 Server >>>> -VMWare virtual machines running Win 8 for remote access >>>> -Industry standard hardening and lock down of all OS systems. >>>> -Constantly changing proxies >>>> -PGP email with BES >>>> -Cryptocard tokens >>>> -Sophos Enterprise Protection, Encryption and Patch management >>>> -Sophos mobile management >>>> -Encrypted voice calls for mobile and a more secure >alternative >>> to >>>> Skype via Silent Circle. >>>> -TrueCrypt on all drives - set to close without use after a >>>> specific time >>>> -Easily controlled kill commands >>>> -False and poison pill files >>>> -Snort IDS >>>> -Honeypots >>>> -Tripwire >>>> -Cisco Network Appliance >>>> -No wifi >>>> -Strong physical protection in a liberal country as regards >>> human >>>> rights >>>> >>>> I know there are many other factors, good training, constant >>>> monitoring, avoiding spearfishing, penetration testing, etc >but >>> if >>>> possible I would please like to keep the conversation on the >>>> network design and software. >>>> >>>> Thanks guys. >>>> -Anon >>>> >>>> -- >>>> Too many emails? Unsubscribe, change to digest, or change >>> password by emailing moderator at [email protected] or >>> changing your settings at >>> https://mailman.stanford.edu/mailman/listinfo/liberationtech >>> >>> -- >>> Too many emails? Unsubscribe, change to digest, or change >password >>> by emailing moderator at [email protected] or changing your > >>> settings at >>> https://mailman.stanford.edu/mailman/listinfo/liberationtech >>
-- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
