Guidelines on Securing Public Web Servers
Securing, installing, and configuring Web server software
Deploying appropriate network protection mechanisms:
    Firewalls
    Routers
    Switches
    Intrusion detection systems (IDSs)
Maintaining the secure configuration through application of appropriate patches and upgrades, security testing, monitoring of logs, and backups of data and operating system
Using, publicizing, and protecting information and data in a careful and systematic manner.
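As an added illustration (not part of the guideline text, and not NIST's own tooling), the following Python script shows one concrete form the "monitoring of logs" item above can take on a public Web server: it parses access-log lines in the Common Log Format written by Apache and nginx, counts lines the parser cannot read (a sign of truncation or tampering), lists server errors that affect availability, and flags clients generating an unusual number of client errors. The sample log lines and the error threshold are constructed for the example and are not taken from the guideline.

```python
"""Review Web server access logs for conditions an administrator should look at."""
import re
from collections import defaultdict

# Common Log Format (CLF) as written by Apache and nginx, for example:
# 203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326
CLF_PATTERN = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$'
)


def parse_clf(line):
    """Return the fields of one CLF line as a dict, or None if the line does not match."""
    match = CLF_PATTERN.match(line.strip())
    if not match:
        return None
    record = match.groupdict()
    record["status"] = int(record["status"])
    return record


def review_access_log(lines, client_error_threshold=5):
    """Summarise an access log for routine monitoring.

    Returns a dict with:
      unparsed       - number of lines that did not match CLF (worth checking: truncated
                       or tampered logs usually show up here first)
      server_errors  - list of (host, path, status) for 5xx responses (availability signal)
      noisy_clients  - sorted hosts that produced at least client_error_threshold 4xx
                       responses (repeated probing of non-existent or forbidden paths)
    The default threshold is an assumed value for illustration, not from the guideline.
    """
    unparsed = 0
    server_errors = []
    client_errors = defaultdict(int)
    for line in lines:
        record = parse_clf(line)
        if record is None:
            unparsed += 1
            continue
        if 500 <= record["status"] < 600:
            server_errors.append((record["host"], record["path"], record["status"]))
        elif 400 <= record["status"] < 500:
            client_errors[record["host"]] += 1
    noisy = sorted(h for h, n in client_errors.items() if n >= client_error_threshold)
    return {"unparsed": unparsed, "server_errors": server_errors, "noisy_clients": noisy}


# Constructed sample log lines using RFC 5737 documentation addresses; not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326',
    '203.0.113.5 - - [10/Oct/2023:13:55:37 +0000] "GET /about.html HTTP/1.1" 200 1040',
    '198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /a HTTP/1.1" 404 196',
    '198.51.100.7 - - [10/Oct/2023:13:56:02 +0000] "GET /b HTTP/1.1" 404 196',
    '198.51.100.7 - - [10/Oct/2023:13:56:03 +0000] "GET /c HTTP/1.1" 404 196',
    '198.51.100.7 - - [10/Oct/2023:13:56:04 +0000] "GET /d HTTP/1.1" 404 196',
    '198.51.100.7 - - [10/Oct/2023:13:56:05 +0000] "GET /e HTTP/1.1" 404 196',
    '192.0.2.9 - - [10/Oct/2023:13:57:10 +0000] "POST /search HTTP/1.1" 500 512',
    'garbled line that should be counted as unparsed',
]

if __name__ == "__main__":
    print(review_access_log(SAMPLE_LOG))
```

In practice the input would be read from the server's access log rather than an inline list, and the threshold would be tuned to the site's normal traffic; the point of the script is that the three counts it produces map directly onto the maintenance activities the guideline names (secure configuration, availability, and log review).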
The following key guidelines are recommended to Federal departments and agencies for
maintaining a secure Web presence.
Organizations should carefully plan and address the security aspects of the deployment
of any public Web server.
As it is much more difficult to address security once deployment and implementation have
occurred, security should be considered from the initial planning stage. Organizations are
more likely to make decisions about configuring computers appropriately and consistently
when they develop and use a detailed, well designed deployment plan that addresses security.
Establishing such a plan guides organizations in making the inevitable tradeoff decisions
between usability, performance, and risk.
Organizations often fail to take into consideration the human resource requirements for both
deployment and operational phases of the Web server and supporting infrastructure.
Organizations should address the following points in a deployment plan:
Types of personnel required (e.g., system and Web administrators, Webmaster, network administrators, information systems security officers [ISSO])
Skills and training required by assigned personnel
Individual (level of effort required of specific personnel types) and collective manpower (overall level of effort) requirements.
Organizations should implement appropriate security management practices and
controls when maintaining and operating a secure Web presence.
Appropriate management practices are critical to operating and maintaining a secure Web
server. Security practices entail the identification of an organization's information system
assets and the development, documentation, and implementation of policies, standards,
procedures, and guidelines that ensure confidentiality, integrity, and availability of information
system resources.