Jeff Shockley Roche Diagnostics

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Jeff Shockley Roche Diagnostics"

Transcription

1 Understanding a Networked Laboratory Jeff Shockley Roche Diagnostics 17 May 2011 page Roche

2 Understanding a Networked Laboratory Objectives Understand the key functional benefits realized by a networked laboratory Understand the B2B Gateway implementation that allowed WAMC to achieve these benefits Understand how to implement the B2B Gateway in your laboratory 17 May 2011 page Roche

3 Understanding a Networked Laboratory History Roche sells the cobas product line with features that require remote connectivity to Roche, such as automatic download. Remote connectivity for previous installations of Roche Hitachi analyzers was more of a nice to have rather than a requirement for effective operation. In DoD network, medical devices are treated like any other IT system with requirements for patching, anti-virus protection and security hardening or appropriate risk mitigation. 17 May 2011 page Roche

4 Understanding a Networked Laboratory Benefits Remote Help Desk Session Screen sharing from Roche workstation to instrument Attended session usually in response to user s reported problems Allows Roche to remotely take control of instrument to perform troubleshooting, calibrations, diagnostic procedures, and performance monitoring resulting in the potential for quicker resolution of issues. Data download for e-library Download of instrument parameters, chemistry lot data of reagent / calibrators / controls Download of software patches / upgrades Download of Human Readable Data (electronic Package Insert) Data upload for monitoring On-line Monitoring of Instruments Performance Evaluation Data Delivery to Instruments (e.g. test application setups) 17 May 2011 page Roche

5 Understanding a Networked Laboratory B2B Gateway Overview Provides authorized MHS Business Partners secure access to DoD Network Connects MHS information systems on Defense Information System Network (DISN) infrastructure and MHS Business Partners on commercial infrastructure in support of DoD healthcare mission Complies with DISN policy Provides support for non-web based applications Supports secure e-commerce for client/server and system-to-system interfaces Enterprise solution Not intended to provide a Secure Remote Access solution for individuals 17 May 2011 page Roche

6 Understanding a Networked Laboratory B2B Gateway Overview MHS Business Partner DISA MCiS VPN Team.Mil Location Montgomery/Columbus ` Procurement of VPN and Internet Service Provider. Manages their LAN Manages VPNs at MHS Business Partner location, DISA DECC Montgomery and Columbus Manages MHS VPN domain. VPNs between DISA Columbus and the.mil location Manages their LAN 17 May 2011 page Roche

7 Understanding a Networked Laboratory B2B Gateway - Security Features Controlled access to the Non-classified Internet Protocol Router Network (NIPRNet) Encryption Triple Data Encryption Standard (3DES) Internet Protocol Security (IPSec) VPN Contractor site to gateway Gateway to DoD destination Traffic/transaction inspection Address translation simplifies DoD traffic filtering User authentication to the Gateway Audit capability 17 May 2011 page Roche

8 B2B Gateway Implementation Roche teams with Womack Army Medical Center to become first IVD manufacturer approved for remote network connectivity with DoD via B2B Gateway. The B2B approval process is quite rigorous because of our strict security protocols, but the benefits are well worth the effort. Having remote access to the analyzers will enable Roche to identify and resolve potential issues faster, and for us it will eliminate the need for a lot of our manual data entry, which can help us save time and reduce the potential for error. - LTC Linda Guthrie, Former WAMC laboratory manager 17 May 2011 page Roche

9 B2B Gateway Implementation Stakeholders - DoD TMA Falls Church Joint Medical Information Systems Program Office (JMIS) Defense Health Information Management System Defense Health Services Systems (DHSS) Military Health System Cyberinfrastructure Services (MCiS) -Formerly Tri-Service Infrastructure Management Program Office (TIMPO) Information Assurance (IA) Program Office Military Medical Departments/MTF Defense Information System Agency (DISA) Commercial Partners i.e. Roche 17 May 2011 page Roche

10 B2B Gateway Implementation Stakeholders Vendor perspective Strong Gov t Sponsor Commitment Strong Vendor Commitment Project Management Application Engineers Network Administration Security Management Legal Human Resources Instrumentation SMEs Call Center / Service 17 May 2011 page Roche

11 B2B Gateway Implementation High Level Requirements B2B Gateway Questionnaire Approved by DISA / MCiS 17 May 2011 page Roche

12 B2B Gateway Implementation Contract / SOW Fairly Straightforward Contractor responsible for their VPN Hardware & ISP access Background Checks for all resources accessing systems 17 May 2011 page Roche

13 B2B Gateway Implementation CON / DIACAP Sub-requirement for B2B Gateway Requirement may be different per site or branch CON vs DIACAP Proposed Mitigations SME Analysis (ports, protocols, restrictions) 17 May 2011 page Roche

14 B2B Gateway Implementation Vendor Personnel Security Process Establish POC in Security Office Business Partner (BP) employee completes DD85P (Works directly with security office) BP employee provides finger prints to security officer on DoD supplied cards / IA Training Certificate Security officer submits package to OPM BP employee completes DD2875 System Authorization Access Request (SAAR) Annual Information Assurance Training (Recurring) 17 May 2011 page Roche

15 B2B Gateway Implementation Vendor Personnel Security - Considerations Phased / Batch Approach US Citizens vs. non-us Citizens Annual Security Awareness Training 17 May 2011 page Roche

16 B2B Gateway Implementation Overall Process 1. B2B Kickoff 2. Vendor completes B2B Questionnaire Submitted to WAMC System Performance Requirements VPN Implementation form Network Infrastructure diagrams Vendor IP adresses / port usage CON/DIACAP & Vendor Security (in parallel) 3. WAMC reviews/updates B2B Questionnaire Submitted to MCiS POC Information Local IP Addresses 4. VPN Device Procured & Shipped to DISA for configuration 5. VPN Device Returned & Installed 6. Front-end Connectivity Testing (Between DISA and Roche) 7. End-to-End Testing (brings MTF into testing) 8. Site Live 12/15/ May 2011 page Roche

17 B2B Gateway Implementation Going Forward Setting the Foundation Contract modification (may be required at each site) CON / DIACAP (may be required at each site) Vendor Personnel Security (typically no changes/ possible adds) B2B Gateway Documentation (minor modifications) IP addresses change to new site.mil POC information updated Government sponsor name update 17 May 2011 page Roche

18 MCiS Point of Contact Christopher McDonald KSJ & Associates, Contractor Program Management Support Military Health System Cyberinfrastructure Services (MCiS) 5205 Leesburg Pike, Suite 1301 Falls Church, VA Fax: x May 2011 page Roche

19 Questions?

20 Thank you for your attention. Roche Diagnostics 9115 Hague Rd Indianapolis, IN USA COBAS and LIFE NEEDS ANSWERS are trademarks of Roche This presentation is our intellectual property. Without our written consent, it shall neither be copied in any manner, nor used for manufacturing, nor communicated to third parties. 17 May 2011 page Roche

Network Services Internet VPN

Network Services Internet VPN Contents 1. 2. Network Services Customer Responsibilities 3. Network Services General 4. Service Management Boundary 5. Defined Terms Network Services Where the Customer selects as detailed in the Order

More information

SAN MATEO COUNTY OFFICE OF EDUCATION

SAN MATEO COUNTY OFFICE OF EDUCATION SAN MATEO COUNTY OFFICE OF EDUCATION CLASS TITLE: NETWORK ENGINEER BASIC FUNCTION: Under the direction of the Manager, Network Services, perform a variety of highly complex and specialized activities involved

More information

Ports, Protocols, and Services Management (PPSM)

Ports, Protocols, and Services Management (PPSM) Defense Information Systems Agency A Combat Support Agency Ports, Protocols, and Services Management (PPSM) PPSM, Project Manager 29 July 2010 NSC Org Chart DSAWG Dennis Ruth, Chair NSCA Connection Approval

More information

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions Find your network example: 1. Basic network with and 2 WAN lines - click here 2. Add a web server to the LAN - click here 3. Add a web,

More information

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall. Overview Configuration Guide How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Cisco Firewall Overview This document describes how to implement IPSec with pre-shared secrets establishing

More information

Linking 2 Sites Together Using VPN How To

Linking 2 Sites Together Using VPN How To ewon Application User Guide AUG 015 / Rev 1.0 You Select, We Connect Linking 2 Sites Together Using VPN How To Content The purpose of this document is to explain you how to connect 2 remote equipments

More information

Secure Network Design: Designing a DMZ & VPN

Secure Network Design: Designing a DMZ & VPN Secure Network Design: Designing a DMZ & VPN DMZ : VPN : pet.ece.iisc.ernet.in/chetan/.../vpn- PPTfinal.PPT 1 IT352 Network Security Najwa AlGhamdi Introduction DMZ stands for DeMilitarized Zone. A network

More information

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams

More information

WAN Failover Scenarios Using Digi Wireless WAN Routers

WAN Failover Scenarios Using Digi Wireless WAN Routers WAN Failover Scenarios Using Digi Wireless WAN Routers This document discusses several methods for using a Digi wireless WAN gateway to provide WAN failover for IP connections in conjunction with another

More information

What is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?

What is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall? What is a Firewall? Computer Security Firewalls fire wall 1 : a wall constructed to prevent the spread of fire 2 usually firewall : a computer or computer software that prevents unauthorized access to

More information

Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds

Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds What You Will Learn Public sector organizations without the budget to build a private cloud can consider public cloud services. The drawback until now has been tenants limited ability to implement their

More information

VPN Quick Configuration Guide. Astaro Security Gateway V8

VPN Quick Configuration Guide. Astaro Security Gateway V8 VPN Quick Configuration Guide Astaro Security Gateway V8 2010 equinux AG and equinux USA, Inc. All rights reserved. Under copyright law, this configuration guide may not be copied, in whole or in part,

More information

Virtual Private Networks (VPN) Connectivity and Management Policy

Virtual Private Networks (VPN) Connectivity and Management Policy Connectivity and Management Policy VPN Policy for Connectivity into the State of Idaho s Wide Area Network (WAN) 02 September 2005, v1.9 (Previous revision: 14 December, v1.8) Applicability: All VPN connections

More information

Based on the VoIP Example 1(Basic Configuration and Registration), we will introduce how to dial the VoIP call through an encrypted VPN tunnel.

Based on the VoIP Example 1(Basic Configuration and Registration), we will introduce how to dial the VoIP call through an encrypted VPN tunnel. 30. VoIP Example 3 (VoIP over VPN) Based on the VoIP Example 1(Basic Configuration and Registration), we will introduce how to dial the VoIP call through an encrypted VPN tunnel. In this example 3300V

More information

Small Business Server Part 2

Small Business Server Part 2 Small Business Server Part 2 Presented by : Robert Crane BE MBA MCP director@ciaops.com Computer Information Agency http://www.ciaops.com Agenda Week 1 What is SBS / Setup Week 2 Using & configuring SBS

More information

LAB FORWARD. WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS

LAB FORWARD. WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS LAB FORWARD WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS Medical diagnostics are a vital part of the modern healthcare system, and instrument uptime is critical

More information

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS

More information

WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6

WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6 WATCHGUARD FIREBOX SOHO 6TC AND SOHO 6 FIREWALL AND VPN APPLIANCES FOR SMALL BUSINESSES AND BRANCH OFFICES Today, complete Internet security goes beyond a firewall. Firebox SOHO 6tc and SOHO 6 are dedicated

More information

Howto: How to configure static port mapping in the corporate router/firewall for Panda GateDefender Integra VPN networks

Howto: How to configure static port mapping in the corporate router/firewall for Panda GateDefender Integra VPN networks Howto: How to configure static port mapping in the corporate router/firewall for Panda GateDefender Integra VPN networks How-to guides for configuring VPNs with GateDefender Integra Panda Security wants

More information

Configuring a VPN for Dynamic IP Address Connections

Configuring a VPN for Dynamic IP Address Connections Configuring a VPN for Dynamic IP Address Connections Summary A Virtual Private Network (VPN) is a virtual private network that interconnects remote (and often geographically separate) networks through

More information

LAB FORWARD. WITH PROService REMOTE SERVICE APPLICATION. Frequently Asked Questions

LAB FORWARD. WITH PROService REMOTE SERVICE APPLICATION. Frequently Asked Questions LAB FORWARD WITH PROService REMOTE SERVICE APPLICATION Frequently Asked Questions MORE WAYS TO INCREASE UPTIME AND IMPROVE PRODUCTIVITY. GENERAL INFORMATION Q: What is PROService? A: PROService is Beckman

More information

Fireware Essentials Exam Study Guide

Fireware Essentials Exam Study Guide Fireware Essentials Exam Study Guide The Fireware Essentials exam tests your knowledge of how to configure, manage, and monitor a WatchGuard Firebox that runs Fireware OS. This exam is appropriate for

More information

GPRS and 3G Services: Connectivity Options

GPRS and 3G Services: Connectivity Options GPRS and 3G Services: Connectivity Options An O2 White Paper Contents Page No. 3-4 5-7 5 6 7 7 8-10 8 10 11-12 11 12 13 14 15 15 15 16 17 Chapter No. 1. Executive Summary 2. Bearer Service 2.1. Overview

More information

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? SaaS vs. COTS Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? Unlike COTS solutions, SIMCO s CERDAAC is software that is offered as a service (SaaS). This offers several

More information

L2F Case Study Overview

L2F Case Study Overview LF Case Study Overview Introduction This case study describes how one Internet service provider (ISP) plans, designs, and implements an access virtual private network (VPN) by using Layer Forwarding (LF)

More information

IBM Implementation Services for Power Systems IBM Systems Director

IBM Implementation Services for Power Systems IBM Systems Director Sample Statement of Work for Services This an example and your Statement of Work may vary given your specific requirements and the related IBM engagement. IBM Implementation Services for Power Systems

More information

Remote Connectivity for mysap.com Solutions over the Internet Technical Specification

Remote Connectivity for mysap.com Solutions over the Internet Technical Specification Remote Connectivity for mysap.com Solutions over the Technical Specification June 2009 Remote Connectivity for mysap.com Solutions over the page 2 1 Introduction SAP has embarked on a project to enable

More information

WINXP VPN to ZyWALL Tunneling

WINXP VPN to ZyWALL Tunneling WINXP VPN to ZyWALL Tunneling 1. Setup WINXP VPN 2. Setup ZyWALL VPN This page guides us to setup a VPN connection between the WINXP VPN software and ZyWALL router. There will be several devices we need

More information

REQUEST FOR PROPOSAL

REQUEST FOR PROPOSAL REQUEST FOR PROPOSAL Internet Service Provider For Montgomery County Library & Information Network Consortium (MCLINC) 301 Fayette Street, 2 nd floor Conshohocken, PA 19428 610-238-0580 Issued: November

More information

ADDENDUM 9 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE

ADDENDUM 9 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE ADDENDUM 9 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT 1 1 OVERVIEW Managed Network Services may be provided for customers requiring WAN bandwidth with Managed Router or

More information

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc. Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

Direct VPN Connection Using the 2nd Ethernet Port

Direct VPN Connection Using the 2nd Ethernet Port ewon Application User Guide AUG 020 / Rev 1.1 Content Direct VPN Connection Using the 2nd Ethernet Port This guide explains how to configure the ewon to act as a VPN-server on its second Ethernet interface

More information

ICTTEN5204A Produce technical solutions from business specifications

ICTTEN5204A Produce technical solutions from business specifications ICTTEN5204A Produce technical solutions from business specifications Release: 1 ICTTEN5204A Produce technical solutions from business specifications Modification History Not Applicable Unit Descriptor

More information

Remote Access Procedure. e-governance

Remote Access Procedure. e-governance for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type of Information Document

More information

Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300

Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300 Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300 This example explains how to configure pre-shared key based simple IPSec tunnel between NetScreen Remote Client and RN300 VPN Gateway.

More information

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure Question Number (ID) : 1 (jaamsp_mngnwi-025) Lisa would like to configure five of her 15 Web servers, which are running Microsoft Windows Server 2003, Web Edition, to always receive specific IP addresses

More information

State of Wisconsin. Virtual Private Network (VPN) Service Offering Definition (SOD)

State of Wisconsin. Virtual Private Network (VPN) Service Offering Definition (SOD) State of Wisconsin Virtual Private Network (VPN) Service Offering Definition (SOD) Document Revision History Date Version Creator Notes 9/15/11 1.5 Amy Dustin Annual review minor edits Table of Contents

More information

APPENDIX 8 TO SCHEDULE 3.3

APPENDIX 8 TO SCHEDULE 3.3 EHIBIT Q to Amendment No. 60 - APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT EHIBIT Q to Amendment No.

More information

Service Descriptions

Service Descriptions Mainframe Application Hosting/Central Processing Unit (CPU) Rate: $1,044.00 per hour (Based on normalization to an IBM 2064-116 model rated at 8,117.7067 SUs per second) The DTS provides software application

More information

March 2012 www.tufin.com

March 2012 www.tufin.com SecureTrack Supporting Compliance with PCI DSS 2.0 March 2012 www.tufin.com Table of Contents Introduction... 3 The Importance of Network Security Operations... 3 Supporting PCI DSS with Automated Solutions...

More information

Ancero Backup & Disaster Recovery (BDR) Service Guide

Ancero Backup & Disaster Recovery (BDR) Service Guide Ancero Backup & Disaster Recovery (BDR) Service Guide Contents Service Overview... 3 Ancero Backup and Disaster Recovery... 3 Hardware Warranty... 3 Warranty Exclusions and Limitations... 3 Extended Hardware

More information

REMOTE ACCESS VPN NETWORK DIAGRAM

REMOTE ACCESS VPN NETWORK DIAGRAM REMOTE ACCESS VPN NETWORK DIAGRAM HQ ASA Firewall As Remote Access VPN Server Workgroup Switch HQ-ASA Fa0/1 111.111.111.111 Fa0/0 172.16.50.1 172.16.50.10 IPSEC Tunnel Unsecured Network ADSL Router Dynamic

More information

Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services Course No.

Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services Course No. COURSE OVERVIEW This five-day instructor-led course provides students with the knowledge and skills to implement and manage a Microsoft Windows Server 2003 network The course is intended for systems administrator

More information

What is Firewall? A system designed to prevent unauthorized access to or from a private network.

What is Firewall? A system designed to prevent unauthorized access to or from a private network. What is Firewall? A system designed to prevent unauthorized access to or from a private network. What is Firewall? (cont d) Firewall is a set of related programs, located at a network gateway server. Firewalls

More information

A Combat Support Agency

A Combat Support Agency Department t of Defense (DoD DoD) Enterprise Email May 9, 2012 v2 Agenda Purpose: Create awareness of Department of Defense (DoD) Enterprise Email and increase AGENDA understanding of the service ss benefits

More information

VPN Configuration Guide. Cisco Small Business (Linksys) WRVS4400N / RVS4000

VPN Configuration Guide. Cisco Small Business (Linksys) WRVS4400N / RVS4000 VPN Configuration Guide Cisco Small Business (Linksys) WRVS4400N / RVS4000 2010 equinux AG and equinux USA, Inc. All rights reserved. Under copyright law, this configuration guide may not be copied, in

More information

Netopia 3346. TheGreenBow IPSec VPN Client. Configuration Guide. http://www.thegreenbow.com. support@thegreenbow.com

Netopia 3346. TheGreenBow IPSec VPN Client. Configuration Guide. http://www.thegreenbow.com. support@thegreenbow.com TheGreenBow IPSec VPN Client Configuration Guide Netopia 3346 WebSite: Contact: http://www.thegreenbow.com support@thegreenbow.com IPSec VPN Router Configuration Property of TheGreenBow Sistech SA - Sistech

More information

Local Session Controller: Cisco s Solution for the U.S. Department of Defense Network of the Future

Local Session Controller: Cisco s Solution for the U.S. Department of Defense Network of the Future White Paper Local Session Controller: Cisco s Solution for the U.S. Department of Defense Network of the Future What You Will Learn The future of the Department of Defense s (DoD) networks focuses on the

More information

How to access peers with different VPN through IPSec. Tunnel

How to access peers with different VPN through IPSec. Tunnel How to access peers with different VPN through IPSec Tunnel Scenario: Taipei branch and Kaohsiung branch dial to Hsinchu headquarter via IPSec VPN Tunnel respectively. Both Taipei branch and Kaohsiung

More information

Developing Network Security Strategies

Developing Network Security Strategies NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network

More information

H.I.P.A.A. Compliance Made Easy Products and Services

H.I.P.A.A. Compliance Made Easy Products and Services H.I.P.A.A Compliance Made Easy Products and Services Provided by: Prevare IT Solutions 100 Cummings Center Suite 225D Beverly, MA 01915 Info-HIPAA@prevare.com 877-232-9191 Dear Health Care Professional,

More information

Preliminary Course Syllabus

Preliminary Course Syllabus Preliminary Course Syllabus Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services Elements of this syllabus are subject to change. Key Data Course

More information

Firewall Architecture

Firewall Architecture NEXTEP Broadband White Paper Firewall Architecture Understanding the purpose of a firewall when connecting to ADSL network services. A Nextep Broadband White Paper June 2001 Firewall Architecture WHAT

More information

Chapter 4 Virtual Private Networking

Chapter 4 Virtual Private Networking Chapter 4 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the FVL328 Firewall. VPN tunnels provide secure, encrypted communications between

More information

White Paper. BD Assurity Linc Software Security. Overview

White Paper. BD Assurity Linc Software Security. Overview Contents 1 Overview 2 System Architecture 3 Network Settings 4 Security Configurations 5 Data Privacy and Security Measures 6 Security Recommendations Overview This white paper provides information about

More information

INTRUSION DETECTION SYSTEMS and Network Security

INTRUSION DETECTION SYSTEMS and Network Security INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Network Configuration Settings

Network Configuration Settings Network Configuration Settings Many small businesses already have an existing firewall device for their local network when they purchase Microsoft Windows Small Business Server 2003. Often, these devices

More information

ADMINISTRATIVE POLICY # 32 8 117 (2014) Remote Access. Policy Number: ADMINISTRATIVE POLICY # 32 8 117 (2014) Remote Access

ADMINISTRATIVE POLICY # 32 8 117 (2014) Remote Access. Policy Number: ADMINISTRATIVE POLICY # 32 8 117 (2014) Remote Access Policy Title: Remote Access Policy Type: Administrative Policy Number: ADMINISTRATIVE POLICY # 32 8 117 (2014) Remote Access Approval Date: 05/20/2014 Revised Responsible Office: Office of Information

More information

Next Generation Network Firewall

Next Generation Network Firewall Next Generation Network Firewall Overview Next Generation Network Firewalls are an important part of protecting any organisation from Internet traffic. Next Generation Firewalls provide a central point

More information

SECUR IN MIRTH CONNECT. Best Practices and Vulnerabilities of Mirth Connect. Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions

SECUR IN MIRTH CONNECT. Best Practices and Vulnerabilities of Mirth Connect. Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions SECUR Y IN MIRTH CONNECT Best Practices and Vulnerabilities of Mirth Connect Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions Date: May 15, 2015 galenhealthcare.com 2015. All rights

More information

A Systems Approach to HVAC Contractor Security

A Systems Approach to HVAC Contractor Security LLNL-JRNL-653695 A Systems Approach to HVAC Contractor Security K. M. Masica April 24, 2014 A Systems Approach to HVAC Contractor Security Disclaimer This document was prepared as an account of work sponsored

More information

Introduction. Technology background

Introduction. Technology background White paper: Redundant IP-VPN networks Introduction IP VPN solutions based on the IPsec protocol are already available since a number of years. The main driver for these kinds of solutions is of course

More information

HOWTO: How to configure IPSEC gateway (office) to gateway

HOWTO: How to configure IPSEC gateway (office) to gateway HOWTO: How to configure IPSEC gateway (office) to gateway How-to guides for configuring VPNs with GateDefender Integra Panda Security wants to ensure you get the most out of GateDefender Integra. For this

More information

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for

More information

Chapter 5. Data Communication And Internet Technology

Chapter 5. Data Communication And Internet Technology Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN

More information

SpiderCloud E-RAN Security Overview

SpiderCloud E-RAN Security Overview SpiderCloud E-RAN Security Overview Excerpt for SpiderCloud Wireless, Inc. 408 East Plumeria Drive San Jose, CA 95134 USA -hereafter called SpiderCloud- Page 1 of 7 Table of Contents 1 Executive Summary...5

More information

TheGreenBow IPsec VPN Client. Configuration Guide Cisco RV325 v1. Website: www.thegreenbow.com Contact: support@thegreenbow.com

TheGreenBow IPsec VPN Client. Configuration Guide Cisco RV325 v1. Website: www.thegreenbow.com Contact: support@thegreenbow.com TheGreenBow IPsec VPN Client Configuration Guide Cisco RV325 v1 Website: www.thegreenbow.com Contact: support@thegreenbow.com Table of Contents 1 Introduction... 3 1.1 Goal of this document... 3 1.2 VPN

More information

IOS NAT Load Balancing for Two ISP Connections

IOS NAT Load Balancing for Two ISP Connections IOS NAT Load Balancing for Two ISP Connections Document ID: 100658 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Configurations Verify Troubleshoot

More information

SonicWALL Check Point Firewall-1 VPN Interoperability

SonicWALL Check Point Firewall-1 VPN Interoperability SonicWALL Check Point Firewall-1 VPN Interoperability A Tech Note prepared by SonicWALL, Inc. SonicWALL, Inc. 1160 Bordeaux Drive Sunnyvale, CA 94089-1209 1-888-557-6642 http://www.sonicwall.com Introduction

More information

Blocking Spam with Sender Validation

Blocking Spam with Sender Validation The Administrator Shortcut Guide tm To Blocking Spam with Sender Validation SpamLionTM Anti Spam Gateway Alan Sugano Chapter 3: Implementing a sender validation Solution in Your Company...36 Cost Justification

More information

Table of Contents. Introduction

Table of Contents. Introduction viii Table of Contents Introduction xvii Chapter 1 All About the Cisco Certified Security Professional 3 How This Book Can Help You Pass the CCSP Cisco Secure VPN Exam 5 Overview of CCSP Certification

More information

המרכז ללימודי חוץ המכללה האקדמית ספיר. ד.נ חוף אשקלון 79165 טל'- 08-6801535 פקס- 08-6801543 בשיתוף עם מכללת הנגב ע"ש ספיר

המרכז ללימודי חוץ המכללה האקדמית ספיר. ד.נ חוף אשקלון 79165 טל'- 08-6801535 פקס- 08-6801543 בשיתוף עם מכללת הנגב עש ספיר מודולות הלימוד של מייקרוסופט הקורס מחולק ל 4 מודולות כמפורט:.1Configuring Microsoft Windows Vista Client 70-620 Installing and upgrading Windows Vista Identify hardware requirements. Perform a clean installation.

More information

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1

Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1 Configuring an IPSec Tunnel between a Firebox & a Check Point FireWall-1 This document describes how to configure an IPSec tunnel with a WatchGuard Firebox II or Firebox III (software version 4.5 or later)

More information

Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!

Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured! Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured! Presented by: Kristen Zarcadoolas, Jim Soenksen, and Ed Sale PART 2: plan, act, repeat (from the look, plan,

More information

Customer Service Description Next Generation Network Firewall

Customer Service Description Next Generation Network Firewall Customer Service Description Next Generation Network Firewall Interoute, Walbrook Building, 195 Marsh Wall, London, E14 9SG, UK Tel: +800 4683 7681 Email: info@interoute.com Interoute Communications Limited

More information

APPENDIX 8 TO SCHEDULE 3.3

APPENDIX 8 TO SCHEDULE 3.3 APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE

More information

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering

Digi Connect WAN Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering Introduction Digi Connect Application Helper NAT, GRE, ESP and TCP/UPD Forwarding and IP Filtering The Digi Connect supports five features which provide security and IP traffic forwarding when using incoming

More information

Colt VoIP Access. 2010 Colt Technology Services Group Limited. All rights reserved.

Colt VoIP Access. 2010 Colt Technology Services Group Limited. All rights reserved. Colt VoIP Access 2010 Colt Technology Services Group Limited. All rights reserved. Business requirements Are you looking for ways to simplify management of national or even international voice services

More information

Firewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls

Firewalls. CEN 448 Security and Internet Protocols Chapter 20 Firewalls CEN 448 Security and Internet Protocols Chapter 20 Firewalls Dr. Mostafa Hassan Dahshan Computer Engineering Department College of Computer and Information Sciences King Saud University mdahshan@ccis.ksu.edu.sa

More information

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute

More information

CradleCare Support Agreement The Peace of Mind Plan

CradleCare Support Agreement The Peace of Mind Plan CRADLEPOINT // CRADLEPOINT SUPPORT AGREEMENT CradleCare Support Agreement The Peace of Mind Plan From initial device deployment to long-term maintenance and repair, the CradleCare Support Agreement offers

More information

Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation

Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples

More information

Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.

Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc. Securing Modern Substations With an Open Standard Network Security Solution Kevin Leech Schweitzer Engineering Laboratories, Inc. Copyright SEL 2009 What Makes a Cyberattack Unique? While the resources

More information

Configuring a Vyatta 4.0 release as a DSL internet connection router/gateway with basic port forwarding to an internal web server

Configuring a Vyatta 4.0 release as a DSL internet connection router/gateway with basic port forwarding to an internal web server Open Informatics a An Information Technology Company Visit us on the web at www.openinformatics.net Tutorial Author: Zlatan Klebic Send Feedback: zklebic@openinformatics.net Configuring a Vyatta 4.0 release

More information

HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R

HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R HughesNet Managed Broadband Network Services include a high level of end-toend security utilizing a robust architecture designed by

More information

PCI Security Scan Procedures. Version 1.0 December 2004

PCI Security Scan Procedures. Version 1.0 December 2004 PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting

More information

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview

More information

Unified Threat Management, Managed Security, and the Cloud Services Model

Unified Threat Management, Managed Security, and the Cloud Services Model Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical

More information

VERIFONE ENHANCED ZONE ROUTER

VERIFONE ENHANCED ZONE ROUTER VERIFONE ENHANCED ZONE ROUTER Security, remote management, and network connectivity offering more solutions for your c-store. SUMMARY The Verifone Enhanced Router is designed for customers to implement

More information

RAP Installation - Updated

RAP Installation - Updated RAP Installation - Updated August 01, 2012 Aruba Controller Release 6.1.3.2 The Controller has several wizards that can guide you through a variety of configuration processes. On the Configuration tab

More information

Total solution for your network security. Provide policy-based firewall on scheduled time. Prevent many known DoS and DDoS attack

Total solution for your network security. Provide policy-based firewall on scheduled time. Prevent many known DoS and DDoS attack Network Security Total solution for your network security With the growth of the Internet, malicious attacks are happening every minute, and intruders are trying to access your network, using expensive

More information

Workflow Guide. Establish Site-to-Site VPN Connection using Digital Certificates. For Customers with Sophos Firewall Document Date: November 2015

Workflow Guide. Establish Site-to-Site VPN Connection using Digital Certificates. For Customers with Sophos Firewall Document Date: November 2015 Workflow Guide Establish Site-to-Site VPN Connection using Digital Certificates For Customers with Sophos Firewall Document Date: November 2015 November 2015 Page 1 of 14 Establish Site-to-Site VPN Connection

More information

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall.

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall. Configuration Guide How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall Overview This document describes how to implement IPSec with pre-shared secrets

More information

VPN Configuration Guide. Cisco Small Business (Linksys) WRV210

VPN Configuration Guide. Cisco Small Business (Linksys) WRV210 VPN Configuration Guide Cisco Small Business (Linksys) WRV210 2010 equinux AG and equinux USA, Inc. All rights reserved. Under copyright law, this configuration guide may not be copied, in whole or in

More information

Tech-Note Bridges Vs Routers Version 1.0-02/06/2009. Bridges Vs Routers

Tech-Note Bridges Vs Routers Version 1.0-02/06/2009. Bridges Vs Routers Tech-Note Bridges Vs Routers - 02/06/2009 1 2 Index 1. About this tech-note... 3 2. Recommended configurations... 4 3. Issues that may arise with other types of connections... 5 3.1. Connected to a router

More information

MINNEAPOLIS PARK AND RECREATION BOARD JOB DESCRIPTION JOB TITLE: Network & Operations Coordinator

MINNEAPOLIS PARK AND RECREATION BOARD JOB DESCRIPTION JOB TITLE: Network & Operations Coordinator MINNEAPOLIS PARK AND RECREATION BOARD JOB DESCRIPTION JOB TITLE: Network & Operations Coordinator Job Number: 07229P Date Finalized: 7/14/11 Service Department: Information Accountable To: Director, Information

More information

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015

Workflow Guide. Establish Site-to-Site VPN Connection using RSA Keys. For Customers with Sophos Firewall Document Date: November 2015 Workflow Guide Establish Site-to-Site VPN Connection using RSA Keys For Customers with Sophos Firewall Document Date: November 2015 November 2015 Page 1 of 10 Establish Site-to-Site VPN Connection using

More information

Pre-lab and In-class Laboratory Exercise 10 (L10)

Pre-lab and In-class Laboratory Exercise 10 (L10) ECE/CS 4984: Wireless Networks and Mobile Systems Pre-lab and In-class Laboratory Exercise 10 (L10) Part I Objectives and Lab Materials Objective The objectives of this lab are to: Familiarize students

More information