IT Infrastructure Security-Step by Step

After having worked as a system/network administrator for couple of years, I was instrumental in the design and implementation of my organization's System Networking and Communication Infrastructure. I had been given the responsibility for the installation, improvement and maintenance of security of the entire Information Technology Infrastructure of the organization. During this period, I realized the need for acquiring a high level of understanding of the critical issues of security and implementing the same in a real life network and system environment. While reviewing various papers and books on security, and some security breach incidents, I realized that that there are not many resources available that provide a step-by-step approach for building comprehensive security systems. Most of the existing material talks about particular security breaches or security holes and their remedies. After working on security issues for over a year, and having studied the GIAC Level One Security Essentials Certification (GSEC) courseware, I am making an attempt in this paper to document the process and methodology for implementing computer security based in corporate networks. It describes the various aspects of security through a layered model.