Introducing Defense-in-Depth to a Small ISP

Author: Rodney R. Anderson Published June 27, 2011 from SANS

With the recent spate of worms and vulnerabilities, and the increasing public awareness of same, a rural Internet Service Provider (ISP) requested some assistance in assessing the security of their production server and network environment. The ISP has limited in-house technical resources, and utilizes consultants on an as-needed basis. After a few service interruptions due to security-related issues (worms, web site defacement, Denial-of-Service attacks), I was asked to provide some specific recommendations on how to increase security and availability, without significantly increasing complexity or adversely affecting service usability.

Tags:

Read the complete paper at SANS