Security Basics
Firewall Patching - Best Paractices Aug 10 2012 12:29PM
Phil Hanna (subscription geeksvictoria com au) (3 replies)
Re: Firewall Patching - Best Paractices Aug 10 2012 03:41PM
gig (gigabit satx rr com)
Phil,

in our shop, Info Sec has the job of being aware of patches for
firewalls/infrastructure.

we work with the IT Operations team to figure out if the patch is even
applicable to our configuration.

if so, we work together to assess the risk...then decide if it's an
immediate patch or if it can wait.

the risk assessment process is critical because it gives you the flexibility
to react in the best way, if you have honest conversations from both points
of view (info sec and IT Ops)

----- Original Message -----
From: "Phil Hanna" <subscription (at) geeksvictoria.com (dot) au [email concealed]>
To: <security-basics (at) securityfocus (dot) com [email concealed]>
Sent: Friday, August 10, 2012 7:29 AM
Subject: Firewall Patching - Best Paractices

> Hi All,
>
> I'm looking for opinion for what are the industry's best paractice for
> managing the upgrdae/patches to the firewalls. I'm devloping a process
> to have the firewall updated/checked for patches regulary but looking
> for opinion how other folks are doing it. My ideas are following:
>
> - A mailing list for the company with all InfoSec community part of it
> and then subscripte that list for updates from Cisco, Checkpoint.
> * for Cisco, I've found the lists but for Checkpoint I couldn't figure
> out where to subscribe.
>
> - Infosec reffers the update/patch to the network teams and they
> consider the risk factor and asses if the patch needs to be
> immediately applied for at some regular cycle.
>
> thanks,
> P
>
> ------------------------------------------------------------------------

> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate. We look at how SSL works, how it benefits your company and
> how your customers can tell if a site is secure. You will find out how to
> test, purchase, install and use a thawte Digital Certificate on your
> Apache web server. Throughout, best practices for set-up are highlighted
> to help you ensure efficient ongoing management of your encryption keys
> and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------

>
>

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]
Re: Firewall Patching - Best Paractices Aug 10 2012 12:52PM
rrprecilla gmail com
RE: Firewall Patching - Best Paractices Aug 10 2012 12:51PM
Joseph Laico (LAICO 0IS US) (1 replies)
Re: Firewall Patching - Best Paractices Aug 10 2012 03:49PM
gig (gigabit satx rr com)


 

Privacy Statement
Copyright 2010, SecurityFocus