IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [architecture]

104 questions
1
vote
1 answer

Should the Router or Firewall Come First?

Network scenario.... I have a typical enterprise network meaning ISP > Edge Router > Firewall|DMZ > Switch > LAN I know there are several debates about what device comes first, but based on a typical medium-size office (500 people), what should…
errMSG
  • 177
  • 2
  • 10
1
vote
0 answers

Is there any advantage in using Google's IAM on Android?

We are building a few corporate apps for field workers / front office. In most cases each user will have their own device, but there are some shared devices (for example reception). The devices are going to be Android and we are planning to develop…
aquaman
  • 73
  • 5
1
vote
1 answer

Separation of devices for VPN / Firewall

Our company has two separate firewall devices from different vendors (Checkpoint / Cisco) for firewall and VPN access. We're currently evaluating the possibility of migrating to a newer, clustered solution (2 new devices) from a single vendor where…
Pavlos G.
  • 199
  • 1
  • 6
1
vote
0 answers

What would you do as first day of CSO or Head of CyberSecurity

I was asked this question at an interview today and was unable to give a structured answer since there is so many things a head of security can do. The additional info that I had were : - You can hire whoever you want - You can do whatever you…
tomatediabolik
  • 11
  • 1
1
vote
1 answer

Is INTEL-SA-00075 Detection and Mitigation Tool enough to mitigate IntelME attacks

Is that tool enough to mitigate/protect againts IntelME vulnerability? https://downloadcenter.intel.com/download/26755?v=t If it's not enough I more I can do to protect againts IntelME attacks ?
fekifulof
  • 11
  • 2
1
vote
1 answer

My company is considering collapsing from multiple independent domains to one trust network

Currently, we have a number of domains for various purposes like back office, production, DMZ, partners, etc. There has been a change in management thinking to simplification. They want all the resources to fall under one trust. I'm responsible for…
oBreak
  • 470
  • 3
  • 5
1
vote
2 answers

single secure architecture solution for below 4 threats

An e-commerce website uses LAMP stack hosted on a single rack-mounted server located at a data center. On every transaction, credit card information is stored in the MySQL database at data center. For accounting purposes transaction records…
Learning Security
  • 11
  • 3
1
vote
1 answer

Internet Access by server pattern

I'm trying to get the best picture for my infraestructure. I came across a business case where my app server (far beyond DMZ and protected by 3 levels of firewalls) needs to talk with other (external and public) server. I can open the firewalls in…
SuperPiski
  • 11
  • 1
1
vote
1 answer

Is there any architecture where the data storage is completely separate?

I want the hard disk where my data is stored to be secure from foreign external access. Is there a physical possibility to protect my hard disk or any kind of data storage, like a computer architecture where my memory is physically disconnected from…
Khan
  • 123
  • 3
1
vote
0 answers

Authenticating requests across a two tier application architecture

Consider the following architecture: Users log into a website and issue commands to the website. In parallel, separate software processes ("agents") on different computers connect to the website and wait for these commands to be issued. The agents…
Dan Gravell
  • 111
  • 3
0
votes
2 answers

Does splitting RNG into "private" and "public" entropy sources reduce risks of compromise?

I'm reading s2n's docs (https://github.com/awslabs/s2n) where it is claimed that: https://github.com/awslabs/s2n#compartmentalized-random-number-generation The security of TLS and its associated encryption algorithms depends upon secure random…
Deer Hunter
  • 5,297
  • 5
  • 33
  • 50
0
votes
2 answers

encryption protection against lost password

Here is a plan I am thinking about. I haven't seen this proposed, so I thought I would ask about it. Threat we are guarding against: A lost or stolen laptop leading to exposure of sensitive information. Project Description: Developing a desktop…
mcgyver5
  • 6,807
  • 2
  • 24
  • 45
0
votes
1 answer

using temporary tokens for secure communication with IFRAME

I have questions about our application's security architecture: A critical piece that cannot save state but collects and displays sensitive information is served up in an IFRAME inside a more modern web framework that would control login, session,…
mcgyver5
  • 6,807
  • 2
  • 24
  • 45
0
votes
1 answer

How to secure sensitive data in application with message queue

Currently we are creating one small service, where we are using some sensitive data from users(not worth zillions but to me it is like password). The idea is that application itself only inserts this data into db and creates some jobs to run in…
Jevgeni Smirnov
  • 101
  • 1
0
votes
4 answers

post-disk-wipe computer security

I have a standard Dell or Asus-motherboard based computer. it is a hard-disk or RAM. it was hacked remotely. I suspect that they were sophisticated. I am happy to reformat the disk and/or throw it away altogether. alas, because the computer was…
ivo Welch
  • 111
  • 2
1 2 3 4
5
6 7