57
Developing a pre-installation security plan
Defining your security policy
Before writing your security plan
Before you begin writing rules to implement your plan using the
Symantec
Clientless VPN Gateway Administrator’s Guide
, you need to answer the following
questions:
■
What is your network topology and deypolyment scenario?
■
What types of services, such as Web, FTP, and so on, do you want to allow for
internal users?
■
To what hosts, subnets, and users do you want to allow these services?
■
What external users will have access to your network? Where will they come
from and where do you want to allow them to go? During what hours? For
what period of time?
■
Do you intend to implement a service network?
■
What types of services do you want to allow for external users and hosts?
■
What type of authentication will you require for external users? (Strong
authentication is recommended for any access from public networks.)
Becoming security-conscious
Developing and implementing a security plan for the security gateway you are
installing should be only one part of your overall security policy. The security
gateway offers the best protection against uninvited entry into your network.
However, the Symantec Clientless VPN Gateway 4400 Series cannot guard
against entry by people who obtain valid authentication credentials, any more
than a sophisticated lock can stop a thief in possession of the right key.
Formulate goals
Take the time to formulate the specific goals of your security plan. Identify the
resources you are protecting and all possible threats. Protecting your resources
from unauthorized external
users maybe only one of your goals. You may also
need to limit internal
access to certain systems to specific users and groups,
within specific time periods. You will need to define these users and groups for
the firewall and how to configure special services to be passed through these
systems. The
Symantec Clientless VPN Gateway Administrator’s Guide
explains
how to define users and user groups.
Review issues
You should review your organization’s specific issues in detail before you begin
configuring the server. Your network’s security depends on planning sound
Summary of Contents for 4400 Series
Page 20: ...16 Installing the appliance About model 4460 ...
Page 58: ...54 License setup About Symantec Clientless VPN Gateway 4400 Series licenses ...
Page 74: ...70 Developing a pre installation security plan Filling out worksheets ...
Page 96: ...92 Specifications and safety Product certifications ...
Page 100: ...4 Index ...