locking down a network

By gtechstuff ·
I would like to keep people within our corporate network from accessing their computers from home. Can anyone give me any advice on how to go about doing that? Our execs are concerned about sensitive data being copied to an employees home computer. We are currently using a checkpoint firewall. So what ports can I block etc?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

locking down a network

by dspeacock In reply to locking down a network

The easiest way (and the correct answer on the CISSP exam) is to adopt the "that which is not expressly permitted is denied" principle. Close ALL ports and then open up only those that are absolutely required.

Collapse -

Network Sec

by sbrown95 In reply to locking down a network

I would have to agree with dpeacock on that one. If the above is too complicated, you could just block all outbound to 3398 (the default remote desktop port) but that can easily be changed. A great and easy way to resolve this issue would be to implement a proxy server as Remote Desktop does not work through a proxy.

Collapse -

Security Ideas

by Toivo Talikka In reply to locking down a network

Some thoughts about security:

Have the confidentiality agreements and internet/email policy agreements been signed by key employees with access to intellectual property and commercial secrets?

Have you also banned diskette drives, CD burners and USB memory sticks? Does your company monitor the outgoing emails, especially the attachments, use of webmail?

Electronic cameras, iPODs and such like may also need to be confiscated by your corporation.

And, last but not least, loose lips sink ships...

Related Discussions

Related Forums