ISO 27001, ISO 27002 & ISO17799 User Group: Forums

Interpretation of control A9.4.6 - Segregation of Networks

 
Midnight
Newbie
Joined: Aug 17, 2005
Posts: 2

Posted: Wed Aug 17, 2005 7:29 pm    Post subject: Interpretation of control A9.4.6 - Segregation of Networks

Does this control suggest segregation of web servers for a service that is used by internet and intranet based users?

Or can the web servers be shared and still satisfy the control?
smashingvicky
Newbie
Joined: Aug 22, 2005
Posts: 18

Posted: Mon Aug 22, 2005 6:54 pm    Post subject: Sharing of web server

No, the web server can be shared.....

Vikas Garg
BS7799 Lead Auditor
vikas.garg@bsi-india.com
sulla
Newbie
Joined: Aug 27, 2005
Posts: 3

Posted: Sun Aug 28, 2005 1:28 am

I think that segregation in networks is one of the most important controls in ISO17799.

It isn't just about protecting the core applications or separating internet and intranets...

Most companies today need to protect each department from each other so that when one network is compromised, it will be much harder for an employee or an attacker to propagate to other targets within the company.

When we do a pen test, instead of trying to compromise a secure DMZ directly, we will target people who have legitimate access to sensitive systems, such as people in operations or development.

Even when development doesn't have direct access to production and all changes have to go through QA, the people in QA only do user acceptance testing (UAT); they rarely perform a code security review and look for backdoors or vulnerable code.

Sulla
Midnight
Newbie
Joined: Aug 17, 2005
Posts: 2

Posted: Tue Aug 30, 2005 11:11 pm

Sulla

The point is that the intranet and internet networks are segregated (there are firewalls in place to protect the users).

The users share the same web server for the service, whether the user is based on the internet or intranet.

I don't believe this violates control 9.4.6.
All times are GMT + 10 Hours