Security Questions

  1. What are your corporate security policies?

  2. What network security is already in place?

  3. What level of security is desired?

  4. What are the security policies for each service?

  5. What is the authentication method (directory, database, NIS/NIS+, etc.)?

  6. What are the logging requirements for management, business, and subscriber reporting?

  7. Will you allow subscriber’s CGIs?

  8. Will you allow subscriber’s Java servlets?

  9. Is there any intention of supporting shell accounts?

  10. Do you plan to use VPNs?

  11. Will RADIUS be authenticated using LDAP?

  12. Will you use NAT (Network Address Translation)?

  13. Do you plan to use split-DNS?

  14. How are you going to harden each system?

  15. How are you going to manage the security posture of each system over time?

  16. How will you validate that patches ...

Get Designing ISP Architectures now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial