Home > Ask the Security Channel Experts > Security Management Questions & Answers > Hardening Linux as part of your client's network security policy
Ask The Security Channel Expert: Questions & Answers
EMAIL THIS

Hardening Linux as part of your client's network security policy

Retired Expert - Ken Smith EXPERT RESPONSE FROM: Retired Expert - Ken Smith

Pose a Question
Other Security Channel Categories
Meet all Security Channel Experts
Become an Expert for this site


Security Channel Update
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


>
QUESTION POSED ON: 26 August 2007

My customer is very new to the Linux environment, and I have to help them create a Linux network security policy, but I can't find any examples on the Web. Can you point me in the right direction? They are using SuSE Linux Enterprise Server 10.

>
EXPERT RESPONSE

Policies are usually high level and communicate the rules or expectations for everyone in the organization. They can take a long time to develop and an even longer time to get approved by management. This is why you usually want to limit the level of detail you include in a policy document.

Instead of creating written security policy for each and every operating system, platform and application used within the environment, the organization's security policy should require that specific standards and procedures documents be followed. This is where your Linux host standards or procedures would come in. In your standards and procedures documents, you can get as detailed as you want and have more flexibility to make adjustments as time goes on.

If you focus your Web search on Linux security configuration, hardening and standards guides, you will likely find what you are looking for.

Learn more about network security and open source security software at SearchSecurityChannel.com.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Security Management
Implementing wireless LAN security policies for mobile users
Should hotfix testing be performed by the QA department or by support?
Complying with the Federal Information Security Management Act (FISMA)
Automated patch management for SMB customers
Understanding ISO 27001 and ISO 17799
Maintaining HIPAA compliance
How do I create a repeatable patch testing methodology?
Creating security policies for an enterprise customer
Implementing third-party patches on customer systems
Patch management system post-deployment considerations for VARs and consultants

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice

HomeTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2006 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts