Lack of consensus on just about everything ÒsecurityÓ
¥baseline security policy
¥vendor (!) vs central (helpdesk) vs
individual control
¥enterprise vs consumer, parent vs
child
¥end-to-end vs point-to-point with proxy
intermediaries
¥performance!
Even the best best practices aren't good enough!
¥one-size just won't fit all
¥need a few characteristic profiles to
tackle
Ðdepartmental servers, enterprise data
center servers
Ðpublic interface servers, proxies,
guards
Ðnetworking (routing, authentication)
infrastructure