2. Definition of the multi-level approach


We often hear that computer security is not a product in itself but a process that must be constantly reviewed, because technology evolves quickly and brings new vulnerabilities with it. This is why it is recommended to implement a multi-layer security architecture on your network: it avoids a single point of failure and makes it possible to block different kinds of attacks. This is the strategy I chose to follow when I wrote this document. Securing the internal network is itself one part of a multi-layer strategy, and the same multi-layer strategy will also be applied in order to secure this network, for the reasons mentioned above.

It is important to mention that the measures described in this document apply principally to securing Windows workstations. These measures can also be applied to Windows servers, but server administration involves other measures that are outside the scope of this document. Also outside the scope of this document are the measures needed to secure the perimeter of your network, such as firewalls and IDS. Even though these measures are not covered in this document, it is important to take them into account in a global computer security strategy.

A common saying holds that there is a conflict between ease of use and security. In order to get efficient results, the proposed solutions must find the balance between these two concepts. However, in the case of Microsoft Windows, I think there is enough fat on the ease-of-use side that we can cut into it generously and in this way re-establish the balance between ease of use and security, which is otherwise dangerously inclined. The different concepts that I will explain later are derived in part from my previous whitepapers and in part from recent experiences. For a more theoretical approach to these same concepts, I recommend the excellent paper "Protecting against the unknown" by Mixter. More precisely, this document will cover antivirus protection, personal firewalls, securing the operating system and the various applications used on workstations, and various deployment techniques that can be used to facilitate the task.
