Re: E-mail filtering recommendations needed.
- From: bv@xxxxxxx (Bill Vermillion)
- Date: Tue, 04 Apr 2006 18:35:00 GMT
In article <4431F0B4.1449652D@xxxxxxx>, Steve M. Fabac, Jr.
<smfabac@xxxxxxx> wrote:
This is not and SCO UNIX specific question but I am posting it
to c.u.s.m to tap into the broad experience and acumen of the
group's members.
I have a client that has been subject to a security audit by their
major client account and I have to respond to several "action items."
Specifically, the requirement is to prohibit the use of third
party web-mail accounts (hotmail, gmail, etc..) as well as
instant messaging.
Current system configuration: A single SCO UNIX 5.0.7 Enterprise
system hosting the main application and providing SAMBA file and
print services to the Windows network. 25+ mixed Windows 98 and
Windows XP systems running terminal emulation software for UNIX
application access. Internet access is provided through a Cisco
(Linksys) 8-port cable/DSL router: BEFSR81.
E-mail for the client is provided by their Web site hosting company and
users use Outlook or Outlook express to pop e-mail from the Web hosting
company's server and send outgoing e-mail through the same server.
You could put up a local mail server which will poll the ISPs
server for local mails, and use the pop account to access that
local mail. Then the user pop accounts would be removed from
the ISP, or have a different set of passwords for the ISP accounts
that would be used by the protocol you are using to fetch the users
mail.
This way it keeps the users local.
To keep the users from using web-mail such as hotmail, gmail, etc.,
you would set the machine to use a local DNS server which has
a hosts file accessed first with bogus [eg non-routeable] addresses
for those commercial accounts.
[an aside - I do this to keep things from such places as
Jouble-click.net from appearing by mapping those names to 127.0.0.1]
1) Any recommendations on how to prevent IM and non company e-mail
providers in this environment?
On IM perhaps you could block the ports you use. The mail question
I answered before.
2) Any recommendations on examining outgoing e-mail in this environment
to prevent users from e-mailing sensitive company information including
SS numbers and protected client information?
That is going to require some extensive/complex filtering. And
if someone want's to get by this for some reason it would be easy
to work-around - such as spelling SSN's in text.
Make sure that client sensitive information can't be captured
locally to be sent out if possible.
3) Any recommendations for "network appliance" products to provide
IP filtering to prevent access to "prohibited" web sites?
I have a client using SonicWall - but they don't use a fraction of
it's capabilities, though what you want is available.
A client of mine using SWs had a new HW firm that wanted to replace
the Sonics with the VPN to another city - with Linksys - because
they knew how to configure them.
This client needed to be sure that the systems were up as much as
possible. So they opted for the 24x7 support from Sonic.
Their support - the few times it was needed - was excellent
and in one instance when someone uplugged the far city for a few
days when the office was move, the authorization codes went away.
That's a security feature.
Having a problem getting it up and running a call to Sonic actually
wound up with the Sonic tech setting the machine up remotely.
Contrast that with some of the stories I've heard about people
trying to get support from Linksys - or other low-priced devices.
I suspect other industrial strength products have similar support
policies.
Bill
--
Bill Vermillion - bv @ wjv . com
.
- References:
- RE: E-mail filtering recommendations needed.
- From: Steve M. Fabac, Jr.
- RE: E-mail filtering recommendations needed.
- Prev by Date: Re: Problem with Samba 2.2.6c
- Next by Date: Re: Issues with XWindows on 5.0.6 Reply-To: scomsc@xenitec.on.ca
- Previous by thread: Re: E-mail filtering recommendations needed.
- Next by thread: RE: how to prevent re-use of passwords
- Index(es):
Relevant Pages
|
