[Agenda] [Examples] [Network Partitioning] [Concepts] [Policy] [Process] [Organization] [HW-SW] [Cases studies] [Conclusion] [Resources]
[first slide] (3) Apply the security policy on the service flows [previous slide] [next slide]

* Security Officer validates the service flow
o Apply corporate security policy
o Refuse dangerous services
o Remove Un-necessary services
o Control that no service is missing like NOC, HelpDesk and Security Office services

* Gain consensus on the diagrams
o Compromise between business needs and security policy
o If too many services are denied, HTTP or DNS could be used as covert-channels for TCP/IP encapsulation

* Sign-off of the diagrams as Ok for enforcement, by
o People responsible for each domain
o Security Officer

HSC ® © Hervé Schauer Consultants December 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 68 -