Description
Anti-Virus. An effective anti-virus architecture uses a multi-tier (that is, desktop, server, and gateway) approach and is not necessarily reliant on a single vendor solution. The gateway tier can be implemented at the firewall, the SMTP gateway, the SMTP relay, or a combination of all three. Using a combination of techniques at the gateway level is prudent given the frequency and impact of malicious code attacks. NIH currently implements a multi-tier anti-virus architecture.
Configuration Management. Configuration management is the basis for all other management capabilities and is a critical aspect of maintaining confidentiality, integrity, and availability. Change management and software control and distribution must be properly integrated with a comprehensive configuration management system.
File Integrity Checking. File integrity checking is used to detect and correct unauthorized changes to a file or database.
Brick Information
Tactical (0-2 years)
- Baseline
- Bluesocket Secure Gateway
- Tripwire

Strategic (2-5 years)

Retirement (To be eliminated)

Containment (No new development)

Baseline (Today)
- Network Integrity
- Anti-spoofing filters
Anti-Virus
- Norton Anti-virus
- Norton Command Center
- McAfee Anti-Virus
- McAfee ePolicy Orchestrator
- Sybari Antigen for Exchange
- Symantec Virus Scan
File Integrity Checking
- Samhain
File Integrity
Digital Signature
Configuration Management
- Ecora
- Peregrine IND
- Bindview
- HFNetChk Pro
- Update Expert
- Alteris

Emerging (To track)
Comments
Time Table
This architecture definition approved on: July 18, 2003
The next review is scheduled in: TBD