i Network, Inc Technology Solutions, Products & Services Providing the right information, to the right customer, at the right time.


1 Technology Solutions, Products & Services Providing the right information, to the right customer, at the right time.

2 Virtual Education Laboratory Testing COTS Technology A Test-Bed Success Story in Cyber Space Building the Cyber Security Lab NU CSIA Master's Program SETM Cloud Infrastructure Design Requirements, Decisions Functional Capabilities CSIA Advisory Council Collaboration Projects, Test Bed Success Stories

3 NU CSIA Master's Program. Planning began in 2009. CAC Founders include: The Security Network, ESET, SAIC, Cubic, VMware, AITP, FBI, SPAWAR, CSC, Unisys, University of Idaho NIATEC Orange Book Repository.

4 CAC Goals & Objectives: 1. Define what is valuable to your organization. 2. Identify/define focus areas for your needs. 3. Identify how you/your organization would like to contribute to the initiative. 4. Three areas of contribution: Teaching (curriculum development, content); Research (H/W, S/W, resources); Administration (CSIA Initiative management).

5 MS CSIA Program Awards/Recognition. Received The Chairman's Award for Fostering Innovation Through Collaboration, from The Security Network (February 2011). Designated Winner of the Education Category at the Cyber Security Conference 2011 that was sponsored by Securing Our eCity and the San Diego Union Tribune (November 2011). Selected for a full page ad by Securing Our eCity and the San Diego Business Journal (November 2011).


7 SETM Cloud Infrastructure: Supports multiple Security Enclaves; Dynamic Resource Allocation; Diverse collection of computing resources: IBM Blades; HP, Dell Servers; Multiple Storage Appliances; Brocade Switches; Palo Alto Firewalls.

8 SETM Cloud Infrastructure [Rack elevation drawing. Equipment labels include a FastIron WS switch, BladeCenter chassis with JS21 blades, PowerEdge SC 1435 and PowerEdge 2950 servers, HP StorageWorks 2408 FCoE switches, HP TFT7600 consoles and HP ProLiant ML350 servers; area labels include Virtual Education Lab, Game & Sim, ASIRL, WAN / LAN and SDI Cloud. Drawing by iNetwork, Inc., Cage Code: 1RM73; the title block names Joseph Marsh and Barry Brueseke.]


10 Virtual Education Lab (VEL) [Network diagram. Labels include ISP 1 and ISP 2 (AT&T 2Mb, TW Telecom 10Mb), External Firewall PA-2050 #1, DMZ web hosts (DELL 2950), Internal Firewall PA-2050 #2, a Services Cluster (DELL 1950 #1 to #3), ESXi hosts inv3231 #1 to #11, SAN1 TL1200i, SAN2 DELL MD3000i, production, vmotion, iSCSI and ASIRL switches, two ASIRL IBM Blade chassis, a Unisys Stealth Appliance, Palo Alto NGEN Firewalls 1 and 2, Cisco NETLAB, WAP 1 and WAP 2. Legend categories: Gateway, Gigabit Ether, WAN/LAN, Classrooms, Admin Servers, ESXi Host Servers, SAN Node, Capstone/ASIRL Projects, Cisco Netlab. Drawing by iNetwork, Inc., Cage Code: 1RM73; designed by Joseph Marsh, approved by Barry Brueseke.]

11 Design Objectives: The Virtual Education Laboratory is a product that provides academic institutions with the ability to deliver a computer science laboratory learning experience to their remote students (distance learners). Recent educational trends have seen a rapid adoption of distance learning methodologies. To date, the technologies developed to meet this need have focused on the implementation of virtual classrooms.

12 Design Objectives: iNetwork's Virtual Education Laboratory (VEL) now takes the virtual classroom to the next step and provides the infrastructure/support services necessary to host a virtual computer science laboratory. Inside the VEL, professors can create their own networked environment and assign their on-site students a variety of complex laboratory learning objectives.

13 VEL Features. The standard VEL config has the following capabilities: Two Factor Authentication; Simultaneous support for 3 student cohorts; Support for 4 virtual machines per student; Capacity to host up to 240 virtual machines; Capacity for up to 4 virtual domains/class; Ideal for red/blue cell teaming; Support for white cell observation; Virtual networks including LANs, WANs, switches, routers and firewalls; Integration of physical Wireless Access Points (WAPs) in the virtual environment; Supports multiple virtual machine templates (libraries).

14 Design Requirements, Decisions: Provide Master's students with a computer science laboratory environment; Initially, use an existing (COTS) collection of diverse equipment (Dell Servers, Cisco Firewalls and other misc. appliances); Implement DOD level security into the design (Cyber Security Master's program); Ensure students cannot hack the system.

15 Design Requirements, Decisions, Phase 2: Support for multiple cohorts; Fault Tolerant (FA) Administration Cluster; Highly Available (HA) Lab Clusters; Redundant Network Design; Support for Multiple ISPs; ATO level IA Documentation Package; Perform STIGs on all equipment in VEL.

16 Design Requirements, Decisions, Phase 2 (cont'd): Multiple Virtual Machine Templates; New Lab configurations every month; Reusable laboratory setups; Professor Training; Student Enrollment; Storage Allocation, Retention Plans; Performance Evaluation.

17 Network Monitoring Lab

18 Design Requirements, Decisions, Phase 3: Performance Enhancements; Increased Bandwidth; Network Redesign (VLAN modifications); VDI - Virtual Desktop Infrastructure; Support, process refinement; Professor's expectations vs. plan; CYB 699 Final Project: Simulate three enterprises connected via WAN.

19 (3) Enterprises WW WAN

20 Virtual Machine Assignment

21 Virtual Education Laboratory Administration

22 Functional Capabilities: Support for multiple, simultaneous labs; Support for 80 students using up to 240 virtual machines; Large variety of VM templates; Endless variety of lab configurations; Two factor authentication; Nested design to ensure isolation between classes.

23 Practical Use Cases: Penetration Testing; Certified Ethical Hacking; Red/Blue Team Scenarios; Network Monitoring (What's Up Gold); Android SDK Instruction; Information Assurance Exercises; Cloud Computing Training.

24 VEL Test Bed: COTS (or almost). Completed Collaboration Projects: ItsMe! (winner, TSN Best Product, 2011); Unisys Stealth; Rapid7 Metasploit.

25 New User/Password Paradigm


27 VEL Test Bed COTS (or almost) Future Projects Blackridge (auth before TCP/IP session) ThreatStop Titania Atlas CyVision - Cauldron

28 Future Plans CLaaS Cyber Lab as a Service Applied Engineering Autocad, ProModel, Solidworks, MatLab ELVIS Breadboard, National Instruments Research Projects Multi-factor Authentication Smartphone Usage in Health Care Setting Secure transmission of sensitive data Suggestions?

29 CSI-SD (5/24/2012): Cyber cluster identified and documented by SDADT for SOeC and will be maintained. CSI-SD will lead research for the region, generating new businesses and supporting the existing members.

30 CSI-SD: We will work with all clusters, seeking a lead for each to serve as SDADT does for defense. We will transition research to our clusters for integration into their businesses. We will seek funding for research from public agencies as well as private enterprises and will protect intellectual property for economic benefit of the inventors as well as the region.

31 Testing COTS Technology Virtual Education Laboratory (VEL) A Test-Bed Success Story in Cyber Space Questions? Thank you for listening Barry Brueseke inetwork, Inc.

32 Network Vulnerability Analysis New (unpracticed) Presentation

33 Topological Vulnerability Analysis Proactive Management to Improve your cyber security profile

34 Cyber Challenges: Threats are expanding, too much surface area to cover; Silo solutions address specific problems...; Overwhelmed by data; Empowering the workforce. Still need: Situational Awareness; Common Operating Picture; Visualization of Vulnerabilities.

35 Elements of Cyber Security Time Cycles Scans once every two weeks ACL changes once each week Evented log files on demand every hour every minute Rhythms Different tools to gather Different purposes Different skill sets required Different remediation plans

36 DHS CAESARS Framework: Most vendors focus on the expanding toolset for monitoring. Gathering the data is just the beginning. Expanded data sets are overwhelming cyber specialists. See Know Do framework. Ref: Department of Homeland Security, Federal Network Security Branch, Continuous Asset Evaluation, Situational Awareness, and Risk Scoring Reference Architecture Report, September 2010.

37 DHS CAESARS Framework: Evidence of the evolution of security monitoring. Cauldron is the result of 8 years of R&D. Cauldron is functional now, aggregating data independently, or it will integrate into this framework.


39 Our Approach [Diagram labels: Vulnerability Database, Exploit Conditions, Network Capture, NVD, FoundScan, Vulnerability Scanning, Environment Model, Asset Inventory, Firewall Rules, Attack Scenario, Graph Engine, Visual Analysis, Optimal Counter Measures.]
Network Capture: builds a model of the network; represents data in terms of corresponding elements in Vulnerability Reporting and Exploit Specifications.
Vulnerability Database: a comprehensive repository of reported vulnerabilities.
Graph Engine: simulates multi-step attacks through the network, for a given user-defined Attack Scenario; analyzes vulnerability dependencies, matching exploit preconditions and post-conditions; generates all possible paths through the network (for a given attack scenario).

40 Cyber Security is an Ecosystem Common Operating Picture Situational Awareness Patching servers vs changing firewalls Combined vulnerabilities are real Firewalls Logs, etc Vulnerability Scans Patch Mgmt/ Asset Mgmt

41 Aggregate/Correlate/Visualize
We analyze vulnerability dependencies: calculates the impact of individual and combined vulnerabilities on overall security.
We show all possible attack paths into a network: transforms raw security data into a roadmap; all known attack paths from attacker to target are succinctly depicted; supports both offensive (e.g., penetration testing) and defensive (e.g., network hardening) applications.
Strategic: proactively prepare for attacks, manage vulnerability risks, and have current situational awareness; a response strategy can be more easily created.

42 Cauldron Components Host Vulnerability Data Firewall Data Access Rule Interpreter Access Rules Access Rules Vulnerability Modeler Network Topology Policy Modeler Network Model Network Model Analyzer/ Visualizer

43 Visualizing Just Firewall Policies visualizing back doors

44 Combining Dissimilar Data in a Proof of Concept Scans tell you one thing Subnet configurations support the scan information

45 Visualized Combined Data Sets

46 What the Access Control List really says Greater access than expected Outside the network

47 Visualizing/discovering high risks. Outside the known network.

48 The Role of Filtering Attack Graph Before Remediation

49 Focused on Risk Scores CVSS > 7 Remediated Attack Graph

50 Focused on Host Vulnerabilities Top 3 by Hosts Remediated Attack Graph

51 Focused on Connections Top 3 by Connections Remediated Attack Graph

52 Remediate By Host (Top 3) No remediation Remediate By Connection (Top 3) Remediate By CVSS (Top 15)

53 Visualizing Combined Vulnerabilities thru Multiple Firewalls Unique to Cauldron: Key Differentiator

54 Foundational Concepts: Any network device is filtering data flow. Devices can connect to other devices or to subnets. Each network device has unique access rules/policies. [Diagram labels: Network Device 1 ... Network Device j; Subnet 1 ... Subnet k; Network Device Access List (Rules).]

55 The Challenge: Firewalls can be configured a variety of ways. Example: Subnet 1 can reach Subnet 7 or 10 using a variety of paths, but not directly. [Diagram labels: subnets SN1 to SN10, network devices ND 1 to ND 5.]

56 Example: Supply chain management Partners to /25:0

57 Simple changes modeled can have significant impact Both firewalls: Partners to /25:80 only
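The graph-engine idea from slide 39 (match exploit preconditions and post-conditions, enumerate every path) combined with the per-device access rules of slides 54 to 57, as an added Python sketch; it is not Cauldron's code and not part of the original deck. Subnet names, ports, the two-firewall layout and the VULN-* identifiers are constructed for illustration, and "any port" is an assumed rule semantics.

```python
from collections import deque
from dataclasses import dataclass

ANY = None  # assumption: a rule with port ANY matches every destination port

@dataclass(frozen=True)
class Rule:
    src: str            # source subnet
    dst: str            # destination subnet
    port: object = ANY  # destination port, or ANY

@dataclass(frozen=True)
class Device:
    name: str
    subnets: frozenset  # subnets this device interconnects
    rules: tuple        # permit rules; every other flow is dropped

@dataclass(frozen=True)
class Host:
    name: str
    subnet: str
    vulns: tuple        # (port, vuln_id): remotely exploitable services

def permits(device, src, dst, port):
    return any(r.src == src and r.dst == dst and r.port in (ANY, port)
               for r in device.rules)

def flow_allowed(devices, src, dst, port):
    """True if some chain of devices forwards src -> dst:port end to end."""
    if src == dst:
        return True  # same subnet: no filtering device in between
    seen, queue = {src}, deque([src])
    while queue:
        here = queue.popleft()
        for dev in devices:
            if here in dev.subnets and permits(dev, src, dst, port):
                for nxt in dev.subnets - seen:
                    if nxt == dst:
                        return True
                    seen.add(nxt)
                    queue.append(nxt)
    return False

def attack_paths(devices, hosts, start_subnet, target):
    """All simple multi-step paths from start_subnet to the target host.

    Step precondition: the current foothold can reach the vulnerable port.
    Step postcondition: the attacker holds that host and its subnet.
    """
    paths = []

    def walk(subnet, visited, steps):
        for h in hosts:
            if h.name in visited:
                continue
            for port, vuln in h.vulns:
                if not flow_allowed(devices, subnet, h.subnet, port):
                    continue
                step = steps + [f"{h.name}:{port}/{vuln}"]
                if h.name == target:
                    paths.append(step)
                else:
                    walk(h.subnet, visited | {h.name}, step)

    walk(start_subnet, frozenset(), [])
    return paths

# Constructed sample network: PARTNER - FW1 - DMZ - FW2 - INTERNAL.
def firewalls(partner_port):
    """Both firewalls carry the same partner-to-internal rule."""
    fw1 = Device("FW1", frozenset({"PARTNER", "DMZ"}), (
        Rule("PARTNER", "DMZ", 80),
        Rule("PARTNER", "INTERNAL", partner_port)))
    fw2 = Device("FW2", frozenset({"DMZ", "INTERNAL"}), (
        Rule("PARTNER", "INTERNAL", partner_port),
        Rule("DMZ", "INTERNAL", 3306)))
    return [fw1, fw2]

HOSTS = [Host("web", "DMZ", ((80, "VULN-WEB"),)),
         Host("db", "INTERNAL", ((3306, "VULN-DB"),))]

def patched(hosts, name):
    """Model remediation of one host by removing its vulnerabilities."""
    return [Host(h.name, h.subnet, ()) if h.name == name else h for h in hosts]

def compare():
    """Attack paths to 'db' under three remediation states."""
    return {
        "any port": attack_paths(firewalls(ANY), HOSTS, "PARTNER", "db"),
        "port 80 only": attack_paths(firewalls(80), HOSTS, "PARTNER", "db"),
        "port 80 only, web patched":
            attack_paths(firewalls(80), patched(HOSTS, "web"), "PARTNER", "db"),
    }
```

Calling `compare()` shows that narrowing the rule on both firewalls removes the direct path but leaves the two-step path through the DMZ host, which only disappears once that host is also remediated.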

58 DHS CAESARS Framework From Executive Summary These tools can provide current security status to network operations centers and security operations centers, but they typically do not support prioritized remediation actions and do not provide direct incentive for improvements in risk posture.

59 Cauldron Benefits: Individual firewalls can be reviewed faster; Prioritized remediation plans; Situational Awareness by programs, etc.; High priority assets are contextual; Security elements become more granular; More can be done with less.

Barry Brueseke (619) 401 7334 www.inetwork west.com 4/3/2014 IEEE Cyber Security Workshop


More information

- Brazoria County on coast the north west edge gulf, population of 330,242

- Brazoria County on coast the north west edge gulf, population of 330,242 TAGITM Presentation April 30 th 2:00 3:00 slot 50 minutes lecture 10 minutes Q&A responses History/Network core upgrade Session Outline of how Brazoria County implemented a virtualized platform with a

More information

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) CONTENT Introduction 2 Overview of Continuous Diagnostics & Mitigation (CDM) 2 CDM Requirements 2 1. Hardware Asset Management 3 2. Software

More information

Things I can do to protect my network from getting Hacked!!!!!! Jazib Frahim, Technical Leader

Things I can do to protect my network from getting Hacked!!!!!! Jazib Frahim, Technical Leader Things I can do to protect my network from getting Hacked!!!!!! Jazib Frahim, Technical Leader Cisco Support Community Expert Series Webcast Today s featured expert is Cisco Technical Leader Ask him questions

More information

CompTIA Cloud+ Course Content. Length: 5 Days. Who Should Attend:

CompTIA Cloud+ Course Content. Length: 5 Days. Who Should Attend: CompTIA Cloud+ Length: 5 Days Who Should Attend: Project manager, cloud computing services Cloud engineer Manager, data center SAN Business analyst, cloud computing Summary: The CompTIA Cloud+ certification

More information

Palo Alto Networks AAC Lab Creation Guidelines v1.0

Palo Alto Networks AAC Lab Creation Guidelines v1.0 Palo Alto Networks AAC Lab Creation Guidelines v1.0 Contact Information Corporate Headquarters: Palo Alto Networks 3300 Olcott Street Santa Clara, CA 95054 http://www.paloaltonetworks.com/ About this Guide

More information

IBM Endpoint Manager Product Introduction and Overview

IBM Endpoint Manager Product Introduction and Overview IBM Endpoint Manager Product Introduction and Overview David Harsent Technical Specialist Unified Endpoint IBM Endpoint Manager and IBM MobileFirst Protect (MaaS360) Any device. Identify and respond to

More information

Understanding Cisco Cloud Fundamentals CLDFND v1.0; 5 Days; Instructor-led

Understanding Cisco Cloud Fundamentals CLDFND v1.0; 5 Days; Instructor-led Understanding Cisco Cloud Fundamentals CLDFND v1.0; 5 Days; Instructor-led Course Description Understanding Cisco Cloud Fundamentals (CLDFND) v1.0 is a five-day instructor-led training course that is designed

More information

Pivot3 Reference Architecture for VMware View Version 1.03

Pivot3 Reference Architecture for VMware View Version 1.03 Pivot3 Reference Architecture for VMware View Version 1.03 January 2012 Table of Contents Test and Document History... 2 Test Goals... 3 Reference Architecture Design... 4 Design Overview... 4 The Pivot3

More information

Performance characterization report for Microsoft Hyper-V R2 on HP StorageWorks P4500 SAN storage

Performance characterization report for Microsoft Hyper-V R2 on HP StorageWorks P4500 SAN storage Performance characterization report for Microsoft Hyper-V R2 on HP StorageWorks P4500 SAN storage Technical white paper Table of contents Executive summary... 2 Introduction... 2 Test methodology... 3

More information

ACME Enterprises IT Infrastructure Assessment

ACME Enterprises IT Infrastructure Assessment Prepared for ACME Enterprises March 25, 2014 Table of Contents Executive Summary...2 Introduction...2 Background...2 Scope of IT Assessment...2 Findings...2 Detailed Findings for Key Areas Reviewed...3

More information

Secure Cloud-Ready Data Centers Juniper Networks

Secure Cloud-Ready Data Centers Juniper Networks Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security

More information

VM-Series Firewall Deployment Tech Note PAN-OS 5.0

VM-Series Firewall Deployment Tech Note PAN-OS 5.0 VM-Series Firewall Deployment Tech Note PAN-OS 5.0 Revision A 2012, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Supported Topologies... 3 Prerequisites... 4 Licensing... 5

More information

New Era in Cyber Security. Technology Development

New Era in Cyber Security. Technology Development New Era in Cyber New Era in Cyber Security Security Technology Technology Development Development Combining the Power of the Oil and Gas Industry, DHS, and the Vendor Community to Combat Cyber Security

More information

iscsi Top Ten Top Ten reasons to use Emulex OneConnect iscsi adapters

iscsi Top Ten Top Ten reasons to use Emulex OneConnect iscsi adapters W h i t e p a p e r Top Ten reasons to use Emulex OneConnect iscsi adapters Internet Small Computer System Interface (iscsi) storage has typically been viewed as a good option for small and medium sized

More information

ESXi Configuration Guide

ESXi Configuration Guide ESXi 4.1 vcenter Server 4.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions

More information

PND at a glance: The World s Premier Online Practical Network Defense course. Self-paced, online, flexible access

PND at a glance: The World s Premier Online Practical Network Defense course. Self-paced, online, flexible access The World s Premier Online Practical Network Defense course PND at a glance: Self-paced, online, flexible access 1500+ interactive slides (PDF, HTML5 and Flash) 7+ hours of video material 10 virtual labs

More information

The Protection Mission a constant endeavor

The Protection Mission a constant endeavor a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring

More information

How To Understand and Configure Your Network for IntraVUE

How To Understand and Configure Your Network for IntraVUE How To Understand and Configure Your Network for IntraVUE Summary This document attempts to standardize the methods used to configure Intrauve in situations where there is little or no understanding of

More information

Looking at the SANS 20 Critical Security Controls

Looking at the SANS 20 Critical Security Controls Looking at the SANS 20 Critical Security Controls Mapping the SANS 20 to NIST 800-53 to ISO 27002 by Brad C. Johnson The SANS 20 Overview SANS has created the 20 Critical Security Controls as a way of

More information

VMware vcloud Air Security TECHNICAL WHITE PAPER

VMware vcloud Air Security TECHNICAL WHITE PAPER TECHNICAL WHITE PAPER The Shared Security Model for vcloud Air The end-to-end security of VMware vcloud Air (the Service ) is shared between VMware and the customer. VMware provides security for the aspects

More information

VMware vsphere: Fast Track [V5.0]

VMware vsphere: Fast Track [V5.0] VMware vsphere: Fast Track [V5.0] Experience the ultimate in vsphere 5 skills-building and VCP exam-preparation training. In this intensive, extended-hours course, you will focus on installing, configuring,

More information

The Open Cyber Challenge Platform *

The Open Cyber Challenge Platform * The Open Cyber Challenge Platform * Jacob Fonseca, Kevin Bryan, Lisa DiPippo, Victor Fay-Wolfe * Supported By The U.S. National Science Foundation grants: Federal Cyber Service Scholarship For Service

More information

ANZA Formación en Tecnologías Avanzadas

ANZA Formación en Tecnologías Avanzadas Temario INTRODUCING CISCO DATA CENTER TECHNOLOGIES (DCICT) DCICT is the 2nd of the introductory courses required for students looking to achieve the Cisco Certified Network Associate certification. This

More information

Cisco Network Switches Juniper Firewall Clusters

Cisco Network Switches Juniper Firewall Clusters Cisco Network Switches Juniper Firewall Clusters Cisco Network Infrastructure Cisco Network Infrastructure Core Network Consists of 4 Cisco 4506 switches 10 Gig E Fiber Optic Connections between switches

More information

Overview Commitment to Energy and Utilities Robert Held Sr. Systems Engineer Strategic Energy August 2015

Overview Commitment to Energy and Utilities Robert Held Sr. Systems Engineer Strategic Energy August 2015 Overview Commitment to Energy and Utilities Robert Held Sr. Systems Engineer Strategic Energy August 2015 Tripwire Evolution 18+ Years of Innovation 1997 Tripwire File System Monitoring from open source

More information

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT ADDING NETWORK INTELLIGENCE INTRODUCTION Vulnerability management is crucial to network security. Not only are known vulnerabilities propagating dramatically, but so is their severity and complexity. Organizations

More information

CON9488 The Enterprise Cloud Simplified with Oracle VM

CON9488 The Enterprise Cloud Simplified with Oracle VM CON9488 The Enterprise Cloud Simplified with Oracle VM Andy Herm, Senior Architect, Cloud Infrastructure, Oracle Conor Wentz, Senior Architect, Cloud Infrastructure, Oracle Honglin Su, Sr. Director of

More information

Huawei Terminal Security Management Solution Create Enterprise Intranet Security

Huawei Terminal Security Management Solution Create Enterprise Intranet Security Huawei Terminal Security Management Solution Create Enterprise Intranet Security Terminal Security Management Solution 01 Introduction According to the third-party agencies such as the Computer Security

More information

PCI-DSS Penetration Testing

PCI-DSS Penetration Testing PCI-DSS Penetration Testing Adam Goslin, Co-Founder High Bit Security May 10, 2011 About High Bit Security High Bit helps companies obtain or maintain their PCI compliance (Level 1 through Level 4 compliance)

More information

CompTIA Cloud+ 9318; 5 Days, Instructor-led

CompTIA Cloud+ 9318; 5 Days, Instructor-led CompTIA Cloud+ 9318; 5 Days, Instructor-led Course Description The CompTIA Cloud+ certification validates the knowledge and best practices required of IT practitioners working in cloud computing environments,

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Virtualization and Cloud: Orchestration, Automation, and Security Gaps

Virtualization and Cloud: Orchestration, Automation, and Security Gaps Virtualization and Cloud: Orchestration, Automation, and Security Gaps SESSION ID: CSV-R02 Dave Shackleford Founder & Principal Consultant Voodoo Security @daveshackleford Introduction Private cloud implementations

More information

Fundamentals of a Windows Server Infrastructure Course 10967A; 5 Days, Instructor-led

Fundamentals of a Windows Server Infrastructure Course 10967A; 5 Days, Instructor-led Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Fundamentals of a Windows Server Infrastructure Course 10967A; 5 Days, Instructor-led

More information

Virtual Desktop Infrastructure (VDI) made Easy

Virtual Desktop Infrastructure (VDI) made Easy Virtual Desktop Infrastructure (VDI) made Easy HOW-TO Preface: Desktop virtualization can increase the effectiveness of information technology (IT) teams by simplifying how they configure and deploy endpoint

More information

Table of Contents...2 Introduction...3 Mission of IT...3 Primary Service Delivery Objectives...3 Availability of Systems... 3. Improve Processes...

Table of Contents...2 Introduction...3 Mission of IT...3 Primary Service Delivery Objectives...3 Availability of Systems... 3. Improve Processes... Table of Contents Table of Contents...2 Introduction...3 Mission of IT...3 Primary Service Delivery Objectives...3 Availability of Systems... 3 Improve Processes... 3 Innovation... 4 IT Planning & Alignment

More information

vsphere Networking ESXi 5.0 vcenter Server 5.0 EN-000599-01

vsphere Networking ESXi 5.0 vcenter Server 5.0 EN-000599-01 ESXi 5.0 vcenter Server 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions

More information

vshield Quick Start Guide vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0

vshield Quick Start Guide vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0 vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Server virtualization overview

Server virtualization overview overview Virtualization within the IT environment helps you make more efficient use of existing software and hardware resources. You can use popular virtualization software to create VMs (virtual machines)

More information

Learn the Essentials of Virtualization Security

Learn the Essentials of Virtualization Security Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

David.Balka@chi.frb.org 2009 STREAM FRBC

David.Balka@chi.frb.org 2009 STREAM FRBC Virtualization ti Dave Balka David.Balka@chi.frb.org Examination Elements Architecture Management Processes Integrity Availability Security 2 Datacenter Consolidation 3 What is Virtualization A framework

More information