Skip to main content
  • Industry Solutions
    • Managed Service Providers
    • Enterprise Solutions
    • Developers & Startups
    • Healthcare
    • Trading and Financial
      • Chicago Managed Trading Servers
      • Trading and Financial Colocation: Chicago & New Jersey
    • IBM AS/400 and iSeries Users
  • Support
    • Register
    • View Tickets
    • Submit a Ticket
    • Knowledgebase
    • News
  • Steadfast Blog
  • Steadfast Podcasts
  • Contact Us
Home
  • Call Us
  • Call | 888.281.9449
  • Login
  • Search

This form logs you into your management portal account. To access your help desk account, click here and use the form to the right of the news.

  • Cloud Hosting
    • Cloud Hosting
    • Private Cloud
    • Hybrid Cloud
    • Public Cloud
    • Cloud Storage
      • Secure File Share
      • Wasabi Cloud Storage
    • Virtual Data Center Platform
  • Managed Hosting
    • Bare Metal Dedicated Servers
      • Deep Learning GPU Dedicated Servers
      • Linux Dedicated Servers
      • Windows Dedicated Servers
    • Virtual Private Servers
    • Data Center Colocation
      • Managed Colocation
      • Chicago: 350 E Cermak
      • Chicago: 725 S Wells
      • Edison, New Jersey
    • Security & Compliance
      • Managed Firewall
      • SSL VPN
      • DDoS Protection
      • Email Security
  • Backup & Disaster Recovery
    • Backup
    • Disaster Recovery
    • Veeam Backup & Replication
    • Veeam Cloud Connect
    • Wasabi Cloud Storage
  • Why Steadfast
    • Why Steadfast?
    • About Steadfast
      • Our History
      • News and Press
    • Data Centers & Network
      • Our Data Centers
      • Our Network
      • Network Test
      • Peering Policy
    • Customer Stories
    • Service Level Agreement
  • Industry Solutions
    • Managed Service Providers
    • Enterprise Solutions
    • Developers & Startups
    • Healthcare
    • Trading and Financial
      • Chicago Managed Trading Servers
      • Trading and Financial Colocation: Chicago & New Jersey
    • IBM AS/400 and iSeries Users
  • Support
    • Register
    • View Tickets
    • Submit a Ticket
    • Knowledgebase
    • News
  • Steadfast Blog
  • Steadfast Podcasts
  • Contact Us
Close
Return to All Blog Posts
What Does An Enterprise Server Need To Be Truly Secure

What Does An Enterprise Server Need To Be Truly Secure?

July 27, 2016 in
Security

When a diligent system administrator gets their hands on a new server, their work is just beginning. Take a fresh Linux box, put it on the internet, and see how long it is before bots start probing for vulnerabilities. The internet is an unfriendly environment. Before a server is ready to be used to host a web application, site, or email system, it must be hardened and secured.

In this article, I’d like to take a look at five systems every security-conscious system administrator should have in place before they put their new server online. This list isn’t exhaustive; it covers the bare minimum of work required to ensure that a server stays safe and that the right people are informed when there is a security problem.

Firewall

Let’s begin with the most obvious step: installing and configuring a firewall. A firewall is a filter that sits between two networks — the internal network and the internet — determining which connections are accepted or rejected.

Firewalls, both hardware and software, inspect connections and compare them to a set of rules which indicate whether to accept them.

A firewall is the most basic level of protection every server should have.

Linux servers include a number of firewall options, of varying levels of complexity. It should be noted that configuring a firewall isn’t a set-it-and-forget-it job. The firewall rules must be regularly checked, maintained, and updated.

Intrusion Detection System

A firewall is a barrier between your server (or network) and the wilds of the internet, but a firewall on its own isn’t enough — a single line of defense never is. An intrusion detection system will monitor network and system activity and notify the system administrator of any anomaly.

Intrusion Protection Systems go a step further. Rather than simply notifying system administrators of a potential attack, an IPS can take action to prevent the attack, including blocking suspect IPs or resetting connections.

Vulnerability Scanning

Vulnerability scanners are capable of detecting known vulnerabilities before they become a serious problem. Software and network vulnerabilities are responsible for a substantial proportion of successful attacks, and new vulnerabilities are discovered every day. Plus, even the smartest system administrator might neglect to carry out a crucial security task and leave a server or network vulnerable to exploitation — especially on large networks with multiple servers.

Vulnerability scans help reduce the odds of attacker being able to successfully find a path to compromising the security of the network and server.

Web Application Firewall

A web application firewall is responsible for monitoring HTTP connections and determining if they present a risk. To take a typical example, SQL attacks are a common source of security problems for web applications. A Web Application Firewall is capable of monitoring incoming web connections for signatures that indicate malicious intent, including SQL injection attacks and cross-site scripting attacks.

Email Security

If you intend to host email on your server, a whole new landscape of security problems opens up: ideally, you’ll need malware scanning and spam prevention with subscriptions to spam blacklists. Otherwise, your users will be bombarded with spam that contains malicious links and malware. The average email server receives many times more spam than legitimate email, and spammers are a wily bunch, constantly on the lookout for new ways to get their malicious communications in front of your users.

As you can see, the road to a secure server is long and winding, and that’s before you configure major services or consider encryption, but for a diligent system administrator, there are no shortcuts.

Our managed server hosting and managed security services can slash the effort of creating a secure server environment — talk to our team about using Steadfast’s firewall, intrusion detection and prevention, vulnerability scanning, WAF, email security, and encryption solutions with your infrastructure.

Share This
facebook twitter email compact

Comments (0)

Leave a Comment

Get an image next to your comment by visiting Gravatar.com and uploading a profile photo that links to your address.

Search the Blog

Categories

backup
(1)
bare metal
(1)
Business Talk
(23)
Chicago
(11)
Chicago colocation
(1)
Cloud
(34)
cloud backup
(1)
cloud services
(2)
colocation
(4)
colocation services
(1)

Archives

  • August 2022 (1)
  • March 2022 (3)
  • October 2021 (1)
  • January 2021 (1)
  • July 2020 (1)
  • June 2020 (1)
  • April 2020 (1)
  • March 2020 (1)
  • August 2019 (1)
  • July 2019 (1)

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed
  • 312.602.2689
  • ColoHouse Sales
  • Facebook
  • Twitter
  • YouTube
  • LinkedIn

Services

  • Cloud Hosting
  • Managed Hosting
  • Backup & Disaster Recovery

Solutions By Industry

  • Enterprise Solutions
  • Trading & Financial
  • Healthcare
  • Developers & Startups
© 2023 Steadfast
  • Log In
  • Site Map
  • Legal Info & Privacy Policy