Guidelines on Securing Public Web Servers
    
- Securing, installing, and configuring Web server software
- Deploying appropriate network protection mechanisms:
  - Firewalls
  - Routers
  - Switches
  - Intrusion detection systems (IDSs)
- Maintaining the secure configuration through application of appropriate patches and upgrades, security testing, monitoring of logs and backups of data and operating system
- Using, publicizing, and protecting information and data in a careful and systematic manner.

The following key guidelines are recommended to Federal departments and agencies for maintaining a secure Web presence.

Organizations should carefully plan and address the security aspects of the deployment of any public Web server.

As it is much more difficult to address security once deployment and implementation have occurred, security should be considered from the initial planning stage. Organizations are more likely to make decisions about configuring computers appropriately and consistently when they develop and use a detailed, well designed deployment plan that addresses security. Establishing such a plan guides organizations in making the inevitable tradeoff decisions between usability, performance, and risk.

Organizations often fail to take into consideration the human resource requirements for both deployment and operational phases of the Web server and supporting infrastructure. Organizations should address the following points in a deployment plan:
    
- Types of personnel required (e.g., system and Web administrators, Webmaster, network administrators, information systems security officers [ISSO])
- Skills and training required by assigned personnel
- Individual (level of effort required of specific personnel types) and collective manpower (overall level of effort) requirements.

Organizations should implement appropriate security management practices and controls when maintaining and operating a secure Web presence.

Appropriate management practices are critical to operating and maintaining a secure Web server. Security practices entail the identification of an organization's information system assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines that ensure confidentiality, integrity, and availability of information system resources.