Comments on: A new idea or a new model? http://sbin.cn/blog/2009/01/04/a-new-idea-or-a-new-model/ Technologies and comments on cloud and telecom security, bridging China and the world! Mon, 19 Sep 2011 01:16:15 +0000 hourly 1 http://wordpress.org/?v= By: Tony Liu http://sbin.cn/blog/2009/01/04/a-new-idea-or-a-new-model/comment-page-1/#comment-35418 Tony Liu Wed, 07 Jan 2009 08:58:22 +0000 http://sbin.cn/blog/?p=1005#comment-35418 WOW, great topic, i'm always thinking appropriate is the best, Moderate security for what? for you business. How to measure moderate or not? 2 measures basically, one is about coverage, another is about depth. I advise to follow following approach, 1. Think about your business, priotize them into different levels 2. Exclude the least important business from protection scope, 3. Consider the depth of security measures of the left medium-to-highly important business, think about following questions, # What's the expected protection level, on network, system or even application? # Are there any overlap when choosing security protection measures, for example, deploy network IDS and host IDS together # On the other side, what's the tollerance for your business? 4. Finalize your solution, have a communication with your manager and business user as well, get their support, WOW, great topic, i’m always thinking appropriate is the best,
Moderate security for what? for you business.
How to measure moderate or not? 2 measures basically, one is about coverage, another is about depth.

I advise to follow following approach,

1. Think about your business, priotize them into different levels
2. Exclude the least important business from protection scope,
3. Consider the depth of security measures of the left medium-to-highly important business, think about following questions,
# What’s the expected protection level, on network, system or even application?
# Are there any overlap when choosing security protection measures, for example, deploy network IDS and host IDS together
# On the other side, what’s the tollerance for your business?
4. Finalize your solution, have a communication with your manager and business user as well, get their support,

]]> By: jack http://sbin.cn/blog/2009/01/04/a-new-idea-or-a-new-model/comment-page-1/#comment-35348 jack Sun, 04 Jan 2009 06:46:28 +0000 http://sbin.cn/blog/?p=1005#comment-35348 适度防护 加入威慑的概念 适度防护 加入威慑的概念

]]> By: Why http://sbin.cn/blog/2009/01/04/a-new-idea-or-a-new-model/comment-page-1/#comment-35345 Why Sun, 04 Jan 2009 02:47:31 +0000 http://sbin.cn/blog/?p=1005#comment-35345 think systematize, action specific. think systematize, action specific.

]]>