Best IT Documents.com Blog


Sample Word – How to Upgrade Juniper IOS from 5.4.x to 6.x

Posted in Compliances (1300),Security (1500) by Guest on the May 30th, 2012

Sample Word – Email Encryption Information Security Standard

Posted in eMail (66),Policies - Standards (600) by Guest on the May 29th, 2012

Sample Word – XML Data Exchange Standard


Building blocks of a comprehensive Business Continuity Program


Sample Visio – McAfee ePO Firewall Architecture


Sample Visio – Enterprise Technology Refresh Roles & Responsibilities

This Sample Visio applies to Technology Refresh workstreams for:

  1. Windows 7 upgrades,
  2. Windows 7 migrations
  3. Citrix Migrations
  4. VMWare Migrations
  5. Desktop Optimizations
  6. Application upgrades,
  7. Application Migrations

Enterprise Technology Refresh Roles & Responsibilities

 http://www.bestitdocuments.com/Services.html

 


Sample Word – Research and Visualization Tools

Posted in Compliances (1300),Security (1500),Virtual - VMWare (30) by Guest on the May 28th, 2012

300+ Visio – Downloadable Enterprise Stencils

Posted in Compliances (1300),Visio Samples - Stencils (457) by Guest on the May 27th, 2012

400+ Visio – More Downloadable Enterprise Visio Stencils

Posted in Visio Samples - Stencils (457) by Guest on the May 27th, 2012

Firewall Audit Checklist

Security Elements

Review the rule sets to ensure that they follow this order:

  • Anti-spoofing filters (RFC 1918: blocked private addresses, internal addresses appearing from the outside)
  • User permit rules (commonly allowed: HTTP to public web server)
  • Management permit rules (SNMP traps to network management server)
  • Noise drops (discard overheard OSPF / HSRP traffic)
  • Deny and alert (Event Management)
  • Deny and log (Syslog Analysis)

Firewalls operate on a first-match basis, so this order matters: following it keeps suspicious traffic out, whereas a rule set that does not follow it can inadvertently let that traffic in.
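As an added illustration (not part of the original checklist), the Python example below audits a first-match rule list against the order above and flags rules that an earlier, broader rule makes unreachable. The Rule fields, category labels, rule names and sample addresses are assumptions constructed for the example.

```python
# Added example (not from the original checklist): audit rule order and shadowing.
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Optional

# The checklist's order; a category may never appear before one listed above it.
ORDER = ["anti-spoof", "user-permit", "mgmt-permit",
         "noise-drop", "deny-alert", "deny-log"]

@dataclass(frozen=True)
class Rule:
    name: str
    category: str         # auditor-assigned label, one of ORDER
    action: str           # "permit" or "deny"
    src: str              # source CIDR
    dst: str              # destination CIDR
    proto: str            # "tcp", "udp", "ospf", ... or "any"
    port: Optional[int]   # destination port, None = any

def covers(a: Rule, b: Rule) -> bool:
    """True when every packet that matches b also matches a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.proto in ("any", b.proto)
            and (a.port is None or a.port == b.port))

def audit(rules):
    """Return (kind, rule name, detail) findings for a first-match rule list."""
    findings, highest = [], 0
    for i, rule in enumerate(rules):
        rank = ORDER.index(rule.category)
        if rank < highest:
            findings.append(("order", rule.name,
                             f"{rule.category} rule sits below {ORDER[highest]} rules"))
        highest = max(highest, rank)
        # First match wins: a broader earlier rule makes this one unreachable.
        for earlier in rules[:i]:
            if covers(earlier, rule):
                kind = "shadowed" if earlier.action != rule.action else "redundant"
                findings.append((kind, rule.name, f"{earlier.name} always matches first"))
                break
    return findings

# Constructed sample rules (documentation address ranges, hypothetical names).
ANY = "0.0.0.0/0"
SPOOF = Rule("drop-rfc1918-from-outside", "anti-spoof", "deny", "10.0.0.0/8", ANY, "any", None)
WEB = Rule("permit-http-to-web", "user-permit", "permit", ANY, "203.0.113.10/32", "tcp", 80)
TRAP = Rule("permit-snmp-trap", "mgmt-permit", "permit", "198.51.100.5/32", "192.0.2.20/32", "udp", 162)
NOISE = Rule("drop-ospf-hello", "noise-drop", "deny", ANY, "224.0.0.5/32", "ospf", None)
FINAL = Rule("deny-and-log-all", "deny-log", "deny", ANY, ANY, "any", None)

GOOD = [SPOOF, WEB, TRAP, NOISE, FINAL]
BAD = [WEB, SPOOF, NOISE, FINAL, TRAP]   # anti-spoofing too late, trap after deny-all

if __name__ == "__main__":
    for label, ruleset in (("GOOD", GOOD), ("BAD", BAD)):
        print(label)
        for finding in audit(ruleset):
            print("  ", *finding, sep=" | ")
```

The order check catches the late anti-spoofing rule even though no earlier rule fully covers it, which the shadowing check alone would miss.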

Application based firewall 

Ensure that the administrators monitor any attempts to violate the security policy using the audit logs generated by the application level firewall. Alternatively some application level firewalls provide the functionality to log to intrusion detection systems. In such a circumstance ensure that the correct host, which is hosting the IDS, is defined in the application level firewall. 

Ensure that there is a process to keep the list of vulnerabilities that the application level firewall checks for up to date with the most current vulnerabilities.

Ensure that there is a process to update the software with the latest attack signatures. 

In the event of the signatures being downloaded from the vendors’ site, ensure that it is a trusted site. 

In the event of the signature being e-mailed to the systems administrator, ensure that digital signatures are used to verify the vendor and that the information transmitted has not been modified en-route. 

Review the denied URLs and ensure that they are appropriate, e.g. any URLs to hacker sites should be blocked. In some instances organizations may want to block access to x-rated sites or other harmful sites. As such they would subscribe to sites which maintain listings of such harmful sites. Ensure that the URLs to deny are updated as released by the sites that warn of harmful sites.

Ensure that only authorized users are authenticated by the application level firewall.

Stateful inspection

Review the state tables to ensure that appropriate rules are set up in terms of source and destination IPs, source and destination ports and timeouts.

Ensure that the timeouts are appropriate so as not to give the hacker too much time to launch a successful attack. 

For URLs

  • If a URL filtering server is used, ensure that it is appropriately defined in the firewall software. If the filtering server is external to the organization ensure that it is a trusted source.
  • If the URL is from a file, ensure that there is adequate protection for this file to ensure no unauthorized modifications. 

Ensure that scripts, ActiveX and Java are stripped from traffic before it is allowed into the internal network.

If filtering on MAC addresses is allowed, review the filters to ensure that it is restricted to the appropriate MACs as defined in the security policy.

Logging  

Ensure that logging is enabled and that the logs are reviewed to identify any potential patterns that could indicate an attack.

Port restrictions  

Service                                  Port Type    Port Number
DNS Zone Transfers                       TCP          53
TFTP Daemon                              UDP          69
Link                                     TCP          87
SUN RPC                                  TCP & UDP    111
BSD UNIX                                 TCP          512 – 514
LPD                                      TCP          515
UUCPD                                    TCP          540
Open Windows                             TCP & UDP    2000
NFS                                      TCP & UDP    2049
X Windows                                TCP & UDP    6000 – 6255
Small services                           TCP & UDP    20 and below
FTP                                      TCP          21
SSH                                      TCP          22
Telnet                                   TCP          23
SMTP (except external mail relays)       TCP          25
NTP                                      TCP & UDP    37
Finger                                   TCP          79
HTTP (except to external web servers)    TCP          80
POP                                      TCP          109 & 110
NNTP                                     TCP          119
NTP                                      TCP          123
NetBIOS in Windows NT                    TCP & UDP    135
NetBIOS in Windows NT                    UDP          137 & 138
NetBIOS                                  TCP          139
IMAP                                     TCP          143
SNMP                                     TCP          161 & 162
SNMP                                     UDP          161 & 162
BGP                                      TCP          179
LDAP                                     TCP & UDP    389
SSL (except to external web servers)     TCP          443
NetBIOS in Win2k                         TCP & UDP    445
Syslog                                   UDP          514
SOCKS                                    TCP          1080
Cisco AUX port                           TCP          2001
Cisco AUX port (stream)                  TCP          4001
Lockd (Linux DoS Vulnerability)          TCP & UDP    4045
Cisco AUX port (binary)                  TCP          6001
Common high order HTTP ports             TCP          8000, 8080, 8888

http://bestitdocuments.com/Services.html

 


Notes: Secure Platform – Splat – Operating System Specific

Secure Platform – Splat – Operating System Specific Notes:

ifconfig -a or ifconfig <interface name>

Display the status of the currently active interfaces 

uname -a

Prints information about the current system on the standard output 

netstat -nr

Display kernel routing table 

top

Display real-time statistics, system summary information and tasks 

netstat -i

Display interface in / out / error / drop packets statistics 

uptime

Display the time since last reboot 

vmstat or vmstat <time interval in sec> 

/bin/date

Display current system date and time 

ping <ip address>

Check if the firewall has connectivity 

df -kh

Report file system disk usage 

mount /mnt/cdrom

Mount a cdrom 

ethtool <interface>

Check interface speed / duplex and connectivity 

dmesg or dmesg | more

Display last output of the console 

tail -100 /var/log/messages or tail -f /var/log/messages (view in real time)

free

Display amount of free and used memory in the system 

cat /proc/interrupts

Verify how interfaces are balanced across the different IRQ’s 

modprobe usb-storage; mount <device> <mount point>

Mount a USB device

grep admin /etc/scpusers | wc -l

echo admin >> /etc/scpusers 

swapon -s

Display swap usage summary 

shutdown

Shutdown a SPLAT box 

ip route add <x.x.x.x> via <gw> ; /bin/save_route –save (to make it permanent)

Add a static route 

ip route del <x.x.x.x> via <gw> ; /bin/save_route –save (to make it permanent)

Delete a static route 

arp -an

Show arp entries 

ip route get <x.x.x.x>

Check which route a certain IP will take 

Shows the machine's serial number

/usr/sbin/dmidecode | awk –F” : “ ‘  

fw ver

View installed firewall version 

fw stat

View last policy installed on the gateway 

cplic printlic

Display CheckPoint licences installed 

fwaccel stat

Verify SecureXL is enabled 

cpd_sched_config print

Verify NTPD is enabled 

cpstop ; cpstart

Restarting the firewall processes 

cat $FWDIR/conf/discntd.if

File in which the firewall's unused cluster interfaces are defined

cphaconf debug_data

Verify the cluster MAC addresses of the cluster interfaces

cphaprob stat

Show the cluster status 

fw ctl get int fw_salloc_total_alloc_limit

Shows the FW kernel memory usage 

fw tab -t connections -s (show) ; fw tab -t connections -x

Shows and clears the FW connections table 

cphaprob -i list

List all monitored processes 

cphaprob -a if

List health of CCP protocol and cluster monitoring (run on both) 

fw ctl multik stat

Verify CoreXL is enabled and display multi-kernel statistics

 


Sample Visio – Checkpoint Firewall

 Free Visio document download

High Level Checkpoint Firewall

Checkpoint Firewall

 

Suggested specific ports to block at edge routers and firewalls:

Refer to SANS/FBI Top Twenty List. Blocking these ports is a minimum requirement for perimeter security.

Great Reference: Cisco PIX show access-list

Posted in Business (600),Compliances (1300),Networking (340),Security (1500) by Guest on the May 25th, 2012

 Free – Document download

Cisco PIX show access-list

 

 Great Research Reference

 


Great Reference: Access Control Lists and Content Filtering

Posted in Business (600),Compliances (1300),Networking (340),Security (1500) by Guest on the May 25th, 2012

 Free – Document download

Access Control Lists and Content Filtering

 


Sample Visio – Configuring Firewalls When Managing Oracle Application Server

If you are using Grid Control to manage instances of Oracle Application Server, there may be other ports that you need to access through a firewall, depending upon your configurations.

For example, when you are monitoring the performance of your Oracle Application Server instance from the Grid Control Console, you can click Administer on the Application Server Home page to display the Application Server Control Console. If the Oracle Application Server target you are monitoring is separated from the Grid Control Console by a firewall, you will need to configure the firewall to allow an HTTP or HTTPS connection through Application Server Control Console port (usually, 1810).

The Agent is secured by a password

To secure the Management Agent of the new Management Service, use the following command:

emctl secure agent <password_to_secure_agent_against_new_mgmt_service> 

Use a text editor to open the file and locate the EMD_URL property.

For example: 

EMD_URL=http://managed_host1.corpnet.com:1813/emd/main

Modify the port number in the EMD_URL property so the Management Agent uses a new unused port on the managed host.

For example:

EMD_URL=http://managed_host1.corpnet.com:1913/emd/main

Free – Document download:

Oracle OMS Visio Drawing

http://www.bestitdocuments.com/IT_Business_solutions.html

 


Sample Word – Enterprise Manager Grid Control Server

Posted in Compliances (1300),Security (1500) by Guest on the May 25th, 2012

The topology viewer is supported only on Internet Explorer. Grid Control offers you several tools to help diagnose service problems and determine the potential causes.

Performing configuration management for:

  • Configuration Information
    • Startup
    • Backup
    • Shutdown
    • Jobs
    •  Job Activity
    • Configuration Comparison
    • Policy Management
    • Compliance
      • Monitor

Free – Document download

Enterprise Manager Grid Control Server 

 http://www.bestitdocuments.com/IT_Business_solutions.html

 


Sample Visio – Oracle Management Server (OMS)

Free – Document download

Oracle Management Server (OMS)

You can search My Oracle Support (formerly Metalink) for Oracle software patches and patchsets, and download these patches or patch sets to an appropriate location in the OMS Oracle home of Enterprise Manager. 

The direction of the arrows specifies the direction of ports.

  • Port 1159, 4898-4989 means that 1159 is the default. If this port is not available, the Management Service will search in the range that is specified.
  • To clone between two target hosts separated by a firewall, the agents will need to communicate to each other on the agent ports.
  • The initiating agent will make the call. 

Configuring the Firewall to Allow Incoming Management Data from the Management Agents

While the Management Service in your environment must contact the Management Agents on your managed hosts, the Management Service must also be able to receive upload data from the Management Agents. If the Management Service is behind a firewall, you must configure the firewall to allow the Management Agents to upload data on the upload port.

See http://www.scribd.com/doc/49302050/Oracle-Enterprise-Manager for procedures and port assignments.

After you determine the port number assigned to the Management Service upload port, you must then configure the firewall to allow incoming HTTP or HTTPS traffic (depending upon whether or not you have enabled Enterprise Manager Framework Security) on that port. 

SSH (Secure Shell) Setup

SSH Setup is the connectivity that is established between the host running Oracle Management Service and the host where the Management Agent needs to be installed. This is primarily required for the Agent Deploy application to install Management Agents over HTTP on remote hosts.

The Agent Deploy application is an application that is part of the Enterprise Manager Grid Control console. It is used for deploying Management Agents in your environment using an interactive user interface. The installation of a Management Agent from the source host to the remote target host happens over HTTP, and for this communication to happen over HTTP, an SSH setup is required between the two hosts. This also helps to avoid SSH authentication calls during future Agent Deploy operations. 

Firewalls between the Management Service and the Management Repository

Secure connections between the Management Service and the Management Repository are performed using features of Oracle Advanced Security. As a result, if the Management Service and the Management Repository are separated by a firewall, you must configure the firewall to allow Oracle Net firewall proxy access. 

SSH Setup is required if you are installing a Management Agent using Enterprise Manager 10g Grid Control Release 3 (10.2.0.3) or higher, but you do not have to set it up manually. 

In Enterprise Manager 10g Grid Control Release 3 (10.2.0.3) or higher, the Agent Deploy application sets up and drops the SSH connectivity automatically, but if the Management Agent is going to be on a Microsoft Windows operating system, then you need to install and configure Cygwin on that host.

Therefore, if you are installing a Management Agent using Enterprise Manager 10g Grid Control Release 3 (10.2.0.3) or higher, then you do not have to set up the SSH connectivity manually, but you do have to install Cygwin for Microsoft Windows hosts. So you do not have to run the SSH scripts (sshUserSetup.sh/sshUserSetupNT.sh, sshConnectivity.sh) before starting with the Agent Deploy application.

This site is your central information source for all Enterprise Manager extensibility information. Partners can build plug-ins for their products, and post the plug-ins there. Customers who want to monitor their custom applications can download documentation and tutorials on how to build custom plug-ins. In addition to tutorials and the latest documentation, you can download ready-to-use Management Plug-ins developed by Oracle as well as third-party integrators. Because this list is continually being updated, you should check the Extensions Exchange site regularly. 

Management Plug-ins that are currently available include:

  • BEA WebLogic Plug-In
  • Check Point Firewall Plug-in
  • EMC Celerra Plug-in
  • F5 BIG-IP Local Traffic Manager Plug-in
  • IBM DB2 Database Plug-in
  • IBM WebSphere Plug-in
  • Juniper Netscreen Firewall Plug-in
  • Microsoft SQL Server Plug-in
  • Microsoft Active Directory Plug-in
  • Microsoft BizTalk Server Plug-in
  • Microsoft Commerce Server Plug-in
  • Microsoft Internet Information Services (IIS) Plug-in
  • Microsoft Internet Security and Acceleration (ISA) Server Plug-in
  • Microsoft .NET Framework Plug-in
  • NetApp Filer Plug-in

http://www.bestitdocuments.com/IT_Business_solutions.html

 


Sample Word – Firewall Technology Selection Considerations

Posted in Compliances (1300),Firewalls (75),Networking (340),Security (1500) by Guest on the May 24th, 2012

Criteria that could be used to evaluate and compare firewall technologies: 

  • Extent to which a firewall must support and enforce a usage (e.g., Internet) policy
  • Adherence to an existing agency standard that details the specific firewall that should be acquired
  • Existence of a certification or warranty by the vendor to perform in an acceptable manner
  • Traffic volume and connectivity requirements that the firewall must support
  • Specific hardware and software required by the firewall
  • System administrative skills required to support the firewall and what vendor support is available
  • Cost of firewall 

Current performance considerations: 

  • Firewalls can range from host-based personal firewalls serving a single user and a simple security policy to network-based enterprise firewalls serving large organizations with complex security policies.
  • The costs can range from around one hundred dollars to over ten thousand dollars.
  • Packet filtering firewalls tend to be faster than application-level firewalls and consequently tend to have greater throughput and lower latency.
  • Firewall appliances, at the low end, do not require extensive OS expertise, thus reducing the amount of support time required to keep the firewall secure, whereas high-end enterprise firewalls tend to be quite complex, requiring extensive OS and maintenance expertise.

Free – Document download

More educational details on firewalls

 


Sample MindMap – Free Downloadable Files

Posted in Mindmap (100) by Guest on the May 23rd, 2012

Sample Word – Technical Writing Style Guide

Posted in Business (600) by Guest on the May 23rd, 2012

Word document download. Author unknown.

Technical Writing Style Guide

http://bestitdocuments.com/Services.html


Sample – Enterprise Project Management

Posted in Business (600),Compliances (1300),Security (1500) by Guest on the May 22nd, 2012

Project Statement

The project statement is a modified version of the form provided as part of the Organization's Project Management Methodology. At each phase of the project, the project statement should be reviewed to ensure it remains current and accurate. A blank project statement form may be found on the Corporate web site under “Templates”.

The project statement identifies:

  • Project planners
  • Sponsor
  • Project manager
  • Technical lead
  • Assumptions
  • Business problem
  • Statement of work
  • Goals & objectives
  • Success factors (project scope)
  • Planning budget & timeline
  • High level plan & timeline 

Risk Analysis Assessment

  • Staffing & Skills Assessment 

What are the skills required to complete this project?

  • Project management
  • Web
  • Middle-ware
  • Unix, Linux, Microsoft, Novell administration
  • Database expertise (Oracle, Microsoft SQL, MySQL, DB2, etc.)
  • Authentication
  • Security
  • Application management
  • Training
  • Do we have the necessary skills to begin the project?
  • Is training required before we begin?
  • Do we have sufficient staff to begin the project?
  • Has time been planned for acquiring staff?

 


Guidelines for Media Handling

Posted in Compliances (1300),Security (1500) by Guest on the May 22nd, 2012

As part of most business processes, information is generated and stored on many different types of media including paper documents, computer media (e.g., tapes, compact discs, flash drives / memory) and others. Much of the information being stored on paper and electronically is critical and can include (among others): 

  • Mission-critical data
    • Financial information 
  • Operational data
    • Sensitive information 
  • Personnel files 

Other questionnaires have covered different aspects of security as it relates to the examples listed above in areas such as backup and recovery and physical security. One aspect of securing this information that has not been covered in any detail is the protection of the media where the information is stored, which is the content of this questionnaire. 

The questions below are primarily based on the International Standards Organization (ISO) 2700x information security standard for media handling. The key areas addressed in media handling include:

  • Media management
  • Media disposal
  • Media in transit 

The questions below are a starting point in discussing security related to media handling. Other questions should be added based on the client’s specific business. 

General 

Is there a documented policy for media handling? 

Guidance: A security policy to communicate management’s position on media handling should exist. The policy should outline high-level roles and responsibilities and the requirements as they relate to media handling. 

The policy should be easily accessible to employees so they can refer to it as necessary. The policy also helps in enforcing good media handling practices.

 http://www.bestitdocuments.com/Authentication.html

 

Sample Word – Handy Cisco Command Reference for Network Analysts

Posted in Compliances (1300),Networking (340),Security (1500) by Guest on the May 22nd, 2012

 Free Word document download

Cisco Command Reference

 

Access Control 

Access Control prevents unauthorized access to—and unauthorized use of—resources.  Access controls are safeguards used to control user access to files, ports, or other system resources.  It is normally a fundamental part of an overall defense in depth strategy.  Access controls are often inherent in the application or OS software (e.g., setting file access privileges in Unix).  

In the organization’s operating environment, access controls must ensure that organization’s facilities are safe from unauthorized physical access and harm and that access is controlled for the information system resources used in those facilities.


Unicenter – Asset Management business benefits

Posted in Business (600) by Guest on the May 22nd, 2012

 

  • Software license compliance
  • Contract and lease management
  • Procurement Optimization
  • Asset retirement
  • Vendor auditing and risk management
  • Redistribution of assets
  • And more 

And supports IT Service Management

  • HelpDesk
  • Service Level Management
  • Service Catalog
  • Metering
  • Billing
  • Chargeback

 


Sample Visio – Network Management Evolution
