Dear Experts,
I am trusted with a responsibility of securing network of my client and also look after some security issues they are facing with their webmail server, proxy etc. Kindly advise me in structuring of LAN taking care of security and settings to check for in webmail and proxy, apart from this suggest me some idea in implementing IDS & IPS. In case I miss out any detail please notify me I will provide that.

Regards,
nm

Please allow me to ask a few counterquestions. If your client entrusted you with securing your clients network then shouldn't you at least possess basic admin knowledge of this? Haven't you already made an initial inventory of the network, networked devices, services, users, machines security posture and maintenance / security history? If not please start with giving us a brief overview of the above.


Please be specific. Post anything you think may (or may not) be related.

Sir I do have knowledge but I think it is not sufficient I need a few more suggestion, The n/w they are creating is for their new office,for which the ISP has laid the fiber optics to the site, now its my duty to secure the Intranet their servers and services on these servers. I also need suggestion on creating a secure LAN Design.
their webmail (Zimbra) server acted abnormally, what happened was few other people in the same n/w were able to send mails from someone superior's account without having password.

I need to concur with unSpawn on this.

The help you need is above your knowledge, and it would be a massive operation for us to help you.
We have the knowledge, but literally would need access to all your configs and set up to help you.
It is one thing to know IDS software, and then posting help on the issue, than asking help with IDS and IPS systems etc.

Hope you understand ?

Let me see if I can provide you more details, till then can you help me with LAN design, and a few tools to check n/w & server vulnerabilities, weak points.

Regards,
nm

Please do, verbosely.


So what does this LAN comprise of? Only user machines? Or also servers? Do any servers have business critical roles? Is the LAN part of a WAN? Is there redundant connectivity? What hardware is already in use or slotted for use?


Are there industry-specific compliance rules you must adhere to? What checklists and tools do you currently use?

yes give me some time!


This is a new site for which new fiber optics have been laid by the ISP, all I need to know where should I connect them first, border router>firewall>server>firewall>router>switches>users, this is one hierarchy I presented (kind of a LAN design, something like this I am expecting from you people, a better one).
Yes the LAN comprises of user machines, servers etc.

They say that there is no such compliance rules, but they also say that I am responsible if anything goes wrong. Eg. if any tool I downloaded and the tool misbehaved and created a vulnerability, any thing like that I will be held responsible.
I am yet to start using any tool in this n/w. till now I have used metasploit, nmap, most tools available in BT5 OR KALI.

Regards,
nm