Designing an Enterprise GIS Security Strategy
|
|
- Roland Osborne
- 8 years ago
- Views:
Transcription
1 Esri International User Conference San Diego, California Technical Workshops July 26, 2012 Designing an Enterprise GIS Security Strategy Michael E Young
2 Agenda Introduction Strategy Trends Mechanisms ArcGIS Server Mobile Cloud Compliance
3 Introduction - Michael E Young - Esri Principal Security Architect - Certified Information Systems Security Professional (CISSP)
4 Introduction What is a secure GIS?
5 Introduction Sign in Japan Narita Airport - May 2011 Context is key for identifying the appropriate secure GIS solution for your organization
6 Introduction What is The Answer? Risk Impact
7 Introduction Where Are the Vulnerabilities? * SANS Relative Vulnerabilities
8 Strategy
9 Strategy Identify your Security Needs - Assess your environment - Datasets, Systems - Sensitivity, Categorization Understand Security Options - Enterprise GIS Resource Center - Enterprise-wide Security Mechanisms - Application Specific Options - Utilize patterns Implement Security as a Business Enabler - Improve appropriate availability of information
10 Strategy Enterprise GIS Security Strategy Security Risk Management Process Diagram - Microsoft
11 Strategy Esri s Security Strategy Evolution Enterprise Solution Product Isolated Systems 3 rd Party Security Integrated Systems Embedded Security Cloud Managed Security
12 Strategy Esri Products and Solutions Secure Products - Trusted geospatial services - Individual to organizations - Extending validation Secure Enterprise Guidance - Enterprise Resource Center - Patterns - Online Help Secure Solution Management - SaaS Functions & Controls - ArcGIS Online Security Overview
13 Strategy Expanded Security Online Help and Papers
14 Strategy Security Implementation Patterns Risk based 3 categories / NIST alignment Selection process - Formal NIST Informal To prioritize information security and privacy initiatives, organizations must assess their business needs and risks
15 Strategy Security Principles CIA Security Triad Defense in Depth
16 Strategy Defense in Depth Authentication Authorization Data and Assets Physical Controls Policy Controls Technical Controls Filters Encryption Logging
17 Trends
18 Trends Perception End-User Perception - I don t ever hear about Virus issues in our company anymore Reality - Modern attacks are not as much about being visible - Layers of exploits deployed - Goal is to obtain your company s most value information
19 Trends Modern Attack Websense 2012 Threat Report Don t rely on Anti-Virus and Firewalls Alone to Protect Your Organization
20 Trends Reverse Proxy s Need to Be Maintained CVE Apache Reverse Proxy Exploit Oct 2011 Allows unauthenticated access to information that should be confidential Commonly overlooked component for updates Update Your Reverse Proxy!
21 Trends End of Browser Plug-ins? Migration away from Flash and Silverlight Plug-ins Security experts ready to unload plug-ins HTML5 limitation inconsistencies across browsers slowing migration
22 Trends Mobile Security iphone Twitter PII compromised Mobile device data not secure by default Enterprise Mobile Security Solutions can help
23 Trends Cloud Data breeches of #1 Sony PlayStation Cloud mill - #2 Epsilon Cloud mill - #6 Nasdaq Dashboard Cloud - 10k+ Sr. Execs * An Enterprise Security Strategy can help through cloud data mitigation controls and cloud security policies
24 Trends Events over the last month US loses $250 billion annually in IP theft $338 billion annually in financial theft Result of cyber espionage is the "greatest transfer of wealth in history."
25 Mechanisms
26 Mechanisms
27 Mechanisms Authentication Pre-10.1 Options - Web Traffic via HTTP 1. Web Services 2. Web Applications - Intranet Traffic via DCOM 3. Local Connections
28 Mechanisms Authentication Access Restricted Authentication Method Description Encryption None Default Internet Connections N/A Web Service or Web Application Basic Digest Windows Integrated Java EE Container Browser built-in pop-up logon Web container challenge Basic None, unless using SSL Container Managed PKI / Smartcards Public key certificate* PKI Managed Web Application Only.NET Form-based Java ArcGIS Managed Custom login and error pages. ArcGIS Server provides login None, unless using SSL None, unless using SSL Web Service Only Esri Token Cross Platform, Cross API AES-128bit Local DCOM (Gone in 10.1) Windows Integrated OS Groups AGSUser. AGSAdmin OS Managed *PKI / Smartcard Validation Environment Recently Stood up
29 Mechanisms Authorization Role Based Access Control Esri COTS - Assign access with ArcGIS Manager - Service Level Authorization across web interfaces - Services grouped in folders utilizing inheritance 3 rd Party - RDBMS Row Level or Feature Class Level - Versioning with Row Level degrades RDBM performance - Alternative - SDE Views Custom - Limit GUI - Rich Clients via ArcObjects - Web Applications - Sample code Links in ERC - Microsoft s AzMan tool
30 Mechanisms Filters 3 rd Party Options Firewalls Reverse Proxy Web Application Firewall - Open Source option ModSecurity Anti-Virus Software Intrusion Detection / Prevention Systems Limit applications able to access geodatabase
31 Mechanisms Filters Firewall Friendly Scenario Web Application Firewall in DMZ File Geodatabase (FGDB) in DMZ One-way replication via HTTP(s) Deployed to each web server for performance Internet users access to subset of Geodatabase Internet Same replication model could be used to push data to cloud DMZ Intranet WAF Web Web HTTP HTTP GIS GIS DCOM Use FGDB HTTP Database SQL Author & Publish
32 Mechanisms Filters Why no Reverse Proxy in DMZ? - One-off component / no management, minimal filtering Multi-Function Web Service Gateways - Store SSL Certificates / SSL Acceleration - URL Rewrite - Web Application Firewall External Internal DMZ
33 Mechanisms Encryption 3 rd Party Options Network - IPSec (VPN, Internal Systems) - SSL (Internal and External System) - Cloud Encryption Gateways - Only encrypted datasets sent to cloud File Based - Operating System BitLocker - GeoSpatially enabled PDF s combined with Certificates - Hardware (Disk) RDBMS - Transparent Data Encryption - Low Cost Portable Solution - SQL Express 2008 w/tde
34 Mechanisms Logging/Auditing Esri COTS - Geodatabase history - May be utilized for tracking changes - ArcGIS Workflow Manager - Track Feature based activities - ArcGIS Server 10+ Logging - User tag tracks user requests 3 rd Party - Web Server, RDBMS, OS, Firewall - Consolidate with a SIEM
35 ArcGIS Server
36 DCOM HTTP(s) SQL HTTP(s) HTTP(s) SQL HTTP(s) ArcGIS Server Public Facing Architecture Public WEB Reverse Proxy DMZ WAF Web Adaptor WEB Private SOM SOC DBclient GIS Server DBclient SvrDir DBMS SvrDir DBMS
37 ArcGIS Server 10.1 Changes Goodbye DCOM issues! Token Security enabled by default Added Publisher Role AGSAdmin / AGSUser OS Roles dropped All tier capabilities installed by default - Web, application, data - Ready to run developer platform Deploy Web Adapter to web server for production Editor feature service tracking - Owner based control Integrated Security Model still available Administrator API IIS or Apache Web Adaptor Primary Site Admin Acct Config Store Server Directories GIS Server OS Service Acct ArcGIS Server Site
38 ArcGIS Server 10.1 Deployment Want to know more about ArcGIS Server 10.1 Security? Checkout: 3:15-4:30pm - Building Secure Applications Room 32B
39 Mobile
40 Mobile Just Secure the Web Service Endpoints, Right?
41 Mobile OWASP Top 10 Mobile Issues Issue Solution Question Physical Loss Device Security Options? Malicious App What app stores allowed? Rooted Device Encryption/Strength? Patches How enforced? Insecurely Written App How is code tested? Compromised Password How secured/encrypted? Unprotected Transport TLS/SSL Utilized? Weak Session Management Tokens always passed? Unprotected Services Hardening Guidance? Internal Resource Access VPN Options?
42 Mobile Phone Security ArcGIS Mobile Security Touch Points SDE permissions Server authentication Communication Device access Storage Service authorization Project access Data access
43 Mobile Enterprise Mobile Security Built-in device capabilities - Can store features ios5 encrypted with Flex 3.0 API Enterprise device solutions (InTune, AirWatch, Good, MaaS360) - Benefits: Secure , browser, remote wipe, app distribution Application specific solutions - Benefits: Secure connections and offline device data - Esri ios SDK + Security SDK
44 Cloud
45 Cloud Is cloud right for you? Common deployment delays - Analysis paralysis - Complex Proof-of-Concepts (POC) - Technical details primary focus - Security & performance - Cost predictability concerns What type of cloud - Deployment model (where it s located) - Service model (How much it does)
46 Cloud Responsibility across cloud service models IaaS - ArcGIS Server for Amazon - CSP -> Infrastructure - Cust -> CSP Config, OS, Apps SaaS - ArcGIS Online - CSP -> Infrastructure - Esri -> CSP Config, OS, Apps - Cust -> App Config
47 Cloud Deployment models
48 Cloud SaaS Deployment options Three ArcGIS Online patterns 1. Store data and publish service to cloud 2. Only publish service metadata to cloud 3. Deploy solution on-premises
49 Cloud Amazon
50 Cloud Going Beyond 1 Tier in Amazon
51 Cloud IaaS - ArcGIS Server in Amazon Deployment Options Ease deployment - New Cloud Builder 10.1 Tool - Default not hardened Offload management (Cloud Broker Role) - Esri Managed Services Hardened instances - GeoCloud GSA / FGDC Initiative - Security hardened AMI - Shared security certification focus this year
52 Cloud IaaS Common security issues 1. Access to ports not limited - If you utilize the default image and open RDP to all IP addresses, expect to be compromised in as little as a day 2. System patches not applied - There have been a number of significant RDP vulnerabilities 3. Authentication weak - Multi-factor authentication recommended - Check out AWS Virtual MFA for a free option 4. System not hardened - Turn off/uninstall components you don t use - Utilize built-in capabilities such as NLA for RDP
53 Cloud SaaS - ArcGIS online for Organizations Organization administrator options - Require SSL encryption - Allow anonymous access to org site Consume Token secured ArcGIS Server services - 10 SP1 and later - User name and password prompts upon adding the service to a map, and viewing Transparency - Status.ArcGIS.com Upcoming - Federated Identities (SAML/ADFS)
54 Compliance and Standards
55 Compliance FDCC - Desktop products USGCB - Desktop products 10.1 Almost completed SSAE 16 Type 1 Previously SAS 70 - Esri data center operations - Expanding to Managed Services for 2012 FISMA - ArcGIS Online In progress
56 Summary & Next Steps
57 Summary Security is NOT about just a technology - Understand your organizations GIS risk level - Utilize Defense-In-Depth Secure best practice guidance is available - Check out the Enterprise GIS Resource Center! - Drill into details by mechanism or application type
58 Summary & Next Steps Your feedback and insight today is essential - Current security issues - Upcoming security requirements - Areas of concern not addressed today Contact Us At: Enterprise Security esinfo@esri.com
59 Steps to evaluate UC sessions My UC Homepage > Evaluate Sessions Choose session from planner OR Search for session
60 Thank you for attending Have fun at UC2012 Open for questions Please fill out the evaluation: Offering ID: 986 Contact Us At: Enterprise Security
61
Designing an Enterprise GIS Security Strategy 2014. Michael E. Young Matt Lorrain
Designing an Enterprise GIS Security Strategy 2014 Michael E. Young Matt Lorrain Agenda Introduction Trends Strategy Mechanisms Server Mobile Cloud Compliance Summary Introduction What is a secure GIS?
More informationArcGIS and Enterprise Security
ArcGIS and Enterprise Security Leveraging ArcGIS in Cybersecurity Ken Stoni Secure Enterprise ArcGIS Best Practices Michael Young Visualizing the Virtual: A geospatial approach to cyber operations and
More informationArcGIS Cloud Security Roadmap & Best Practices for Federal Agencies. Michael E. Young
ArcGIS Cloud Security Roadmap & Best Practices for Federal Agencies Michael E. Young Agenda Introduction ArcGIS Cloud Capabilities ArcGIS Online (SaaS) Security ArcGIS Cloud Providers ArcGIS IaaS Security
More informationSecuring ArcGIS Server Services: First Steps
Federal GIS Conference February 9 10, 2015 Washington, DC Securing ArcGIS Server Services: First Steps Michael Sarhan Esri msarhan@esri.com Agenda Review Basic Security Workflow ArcGIS Server Roles and
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationArcGIS Viewer for Silverlight An Introduction
Esri International User Conference San Diego, California Technical Workshops July 26, 2012 ArcGIS Viewer for Silverlight An Introduction Rich Zwaap Agenda Background Product overview Getting started and
More informationIntroduction to the Mobile Access Gateway
Introduction to the Mobile Access Gateway This document provides an overview of the AirWatch Mobile Access Gateway (MAG) architecture and security and explains how to enable MAG functionality in the AirWatch
More informationIntroduction to the EIS Guide
Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment
More informationHow To Use Arcgis For Free On A Gdb 2.2.2 (For A Gis Server) For A Small Business
Esri Middle East and Africa User Conference December 10 12 Abu Dhabi, UAE Understanding ArcGIS in Virtualization and Cloud Environments Marwa Mabrouk Powerful GIS capabilities Delivered as Web services
More informationPortal for ArcGIS. Satish Sankaran Robert Kircher
Portal for ArcGIS Satish Sankaran Robert Kircher ArcGIS A Complete GIS Data Management Planning & Analysis Field Mobility Operational Awareness Constituent Engagement End to End Integration Collect, Organize,
More informationSecurity Best Practices for Microsoft Azure Applications
Security Best Practices for Microsoft Azure Applications Varun Sharma Principal Security Engineer, Information Security & Risk Management (ISRM), Microsoft IT Service Lines Application Security Infrastructure
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationCloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive
Cloud Security Through Threat Modeling Robert M. Zigweid Director of Services for IOActive 1 Key Points Introduction Threat Model Primer Assessing Threats Mitigating Threats Sample Threat Model Exercise
More informationEnterprise GIS Architecture Deployment Options. Andrew Sakowicz
Enterprise GIS Architecture Deployment Options Andrew Sakowicz Audience Audience - Architects - Developers - Administrators - Project Managers Level: - Beginner / Intermediate Introduction Andrew Sakowicz
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationArcGIS Server Security Threats & Best Practices 2014. David Cordes Michael Young
ArcGIS Server Security Threats & Best Practices 2014 David Cordes Michael Young Agenda Introduction Threats Best practice - ArcGIS Server settings - Infrastructure settings - Processes Summary Introduction
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationIntroduction to Mobile Access Gateway Installation
Introduction to Mobile Access Gateway Installation This document describes the installation process for the Mobile Access Gateway (MAG), which is an enterprise integration component that provides a secure
More informationEsri Managed Cloud Services and FedRAMP
Federal GIS Conference February 9 10, 2015 Washington, DC Esri Managed Cloud Services and FedRAMP Erin Ross & Michael Young Agenda Esri Managed Services Program Overview Example Deployments New FedRAMP
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
SOLUTION BRIEF PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP The benefits of cloud computing are clear and compelling: no upfront investment, low ongoing costs, flexible capacity and fast application
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationSecurely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationSolving the Desktop Dilemma
Solving the Desktop Dilemma Enterprise Desktop Solutions Raymond Sleiman DL Groupe GMG rsleiman@dlge.ch Mobile :079 200 81 03 Agenda What is VMware View 3 What s new with VMware View 3 Architecture RTO
More informationOnline Data Services. Security Guidelines. Online Data Services by Esri UK. Security Best Practice
Online Data Services Security Guidelines Online Data Services by Esri UK Security Best Practice 28 November 2014 Contents Contents... 1 1. Introduction... 2 2. Data Service Accounts, Security and Fair
More informationBest Practices for Security and Compliance with Amazon Web Services. A Trend Micro White Paper I April 2013
Best Practices for Security and Compliance with Amazon Web Services A Trend Micro White Paper I April 2013 Contents Executive Summary...2 Defining Cloud Computing...2 SERVICE MODELS...3 DEPLOYMENT MODELS...5
More informationA POLYCOM WHITEPAPER Polycom. Recommended Best Security Practices for Unified Communications
Polycom Recommended Best Security Practices for Unified Communications March 2012 Unified Communications (UC) can be viewed as another set of data and protocols utilizing IP networks. From a security perspective,
More informationOut of the Fire - Adding Layers of Protection When Deploying Oracle EBS to the Internet
Out of the Fire - Adding Layers of Protection When Deploying Oracle EBS to the Internet March 8, 2012 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development
More informationUsing ArcGIS for Server in the Amazon Cloud
Using ArcGIS for Server in the Amazon Cloud Randall Williams, Esri Subrat Bora, Esri Esri UC 2014 Technical Workshop Agenda What is ArcGIS for Server on Amazon Web Services Sounds good! How much does it
More informationCyber Exploits: Improving Defenses Against Penetration Attempts
Cyber Exploits: Improving Defenses Against Penetration Attempts Mark Burnette, CPA, CISA, CISSP, CISM, CGEIT, CRISC, QSA LBMC Security & Risk Services Today s Agenda Planning a Cyber Defense Strategy How
More informationApplication Security Best Practices. Matt Tavis Principal Solutions Architect
Application Security Best Practices Matt Tavis Principal Solutions Architect Application Security Best Practices is a Complex topic! Design scalable and fault tolerant applications See Architecting for
More informationFrom the Bottom to the Top: The Evolution of Application Monitoring
From the Bottom to the Top: The Evolution of Application Monitoring Narayan Makaram, CISSP Director, Security Solutions HP/Enterprise Security Business Unit Session ID: SP01-202 Session 2012 Classification:
More informationWhite Paper How Noah Mobile uses Microsoft Azure Core Services
NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah
More informationArchitecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationWhere every interaction matters.
Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper
More informationWEB APPLICATION FIREWALLS: DO WE NEED THEM?
DISTRIBUTING EMERGING TECHNOLOGIES, REGION-WIDE WEB APPLICATION FIREWALLS: DO WE NEED THEM? SHAIKH SURMED Sr. Solutions Engineer info@fvc.com www.fvc.com HAVE YOU BEEN HACKED????? WHAT IS THE PROBLEM?
More informationBuilding Secure Applications. James Tedrick
Building Secure Applications James Tedrick What We re Covering Today: Accessing ArcGIS Resources ArcGIS Web App Topics covered: Using Token endpoints Using OAuth/SAML User login App login Portal ArcGIS
More informationPolycom Recommended Best Security Practices for Unified Communications
Polycom Recommended Best Security Practices for Unified Communications October 2015 Unified Communications (UC) can be viewed as another set of data and protocols utilizing IP networks. From a security
More informationUsing ArcGIS for Server in the Amazon Cloud
Federal GIS Conference February 9 10, 2015 Washington, DC Using ArcGIS for Server in the Amazon Cloud Bonnie Stayer, Esri Amy Ramsdell, Blue Raster Session Outline AWS Overview ArcGIS in AWS Cloud Builder
More informationChapter 1: Introduction to ArcGIS Server
Chapter 1: Introduction to ArcGIS Server At a high level you can think of ArcGIS Server as software that helps you take your geographic information and make it available to others. This data can be distributed
More informationCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations Vineet Mago Naresh Khalasi Vayana 1 What are we gonna talk about? What we need to know to get started Its your responsibility Threats and Remediations: Hacker v/s Developer
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationBuilding Your Complete Remote Access Infrastructure on Windows Server 2012
Building Your Complete Remote Access nappliance White Paper August 2012 Introduction Remote access is a complex challenge for IT administrators. Providing system access to remote users involves a broad
More informationAchieving PCI Compliance Using F5 Products
Achieving PCI Compliance Using F5 Products Overview In April 2000, Visa launched its Cardholder Information Security Program (CISP) -- a set of mandates designed to protect its cardholders from identity
More informationMedia Shuttle s Defense-in- Depth Security Strategy
Media Shuttle s Defense-in- Depth Security Strategy Introduction When you are in the midst of the creative flow and tedious editorial process of a big project, the security of your files as they pass among
More informationReplacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP. Dennis de Leest Sr. Systems Engineer Netherlands
Replacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP Dennis de Leest Sr. Systems Engineer Netherlands Microsoft Forefront Threat Management Gateway (TMG) Microsoft Forefront Threat Management
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationSecurity Considerations for DirectAccess Deployments. Whitepaper
Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift
More informationMove over, TMG! Replacing TMG with Sophos UTM
Move over, TMG! Replacing TMG with Sophos UTM Christoph Litzbach, Pre-Sales Engineer NSG 39 Key Features of TMG HTTP Antivirus/spyware URL Filtering HTTPS forward inspection Web Caching Role based access
More informationArcGIS 10.3 Server on Amazon Web Services
ArcGIS 10.3 Server on Amazon Web Services Copyright 1995-2015 Esri. All rights reserved. Table of Contents Introduction What is ArcGIS Server on Amazon Web Services?............................... 5 Quick
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationDeploy Remote Desktop Gateway on the AWS Cloud
Deploy Remote Desktop Gateway on the AWS Cloud Mike Pfeiffer April 2014 Last updated: May 2015 (revisions) Table of Contents Abstract... 3 Before You Get Started... 3 Three Ways to Use this Guide... 4
More informationDUBEX CUSTOMER MEETING
DUBEX CUSTOMER MEETING JOHN YUN Director, Product Marketing Feb 4, 2014 1 AGENDA WebPulse Blue Coat Cloud Service Overview Mobile Device Security 2 WEBPULSE 3 GLOBAL THREAT PROTECTION NEGATIVE DAY DEFENSE
More informationExternal authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy
External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationVisibility and Control for Sanctioned & Unsanctioned Cloud Apps
Visibility and Control for Sanctioned & Unsanctioned Cloud Apps Walter Doria Technical Director Exclusive Networks Gabriele Buratti Principal SE Imperva Today s Agenda Introductions & Discussion Market
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationApps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.
Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying
More informationCNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions
CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions The objective of Implementing Citrix NetScaler 10.5 for App and Desktop Solutions is to provide the foundational concepts and skills
More informationService Manager and the Heartbleed Vulnerability (CVE-2014-0160)
Service Manager and the Heartbleed Vulnerability (CVE-2014-0160) Revision 1.0 As of: April 15, 2014 Table of Contents Situation Overview 2 Clarification on the vulnerability applicability 2 Recommended
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationSecure Cloud Computing
Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for
More informationInformation Security Policy
Information Security Policy Steve R. Hutchens, CISSP EDS, Global Leader, Homeland Security Agenda Security Architecture Threats and Vulnerabilities Design Considerations Information Security Policy Current
More informationBAE Systems PCI Essentail. PCI Requirements Coverage Summary Table
BAE Systems PCI Essentail PCI Requirements Coverage Summary Table Introduction BAE Systems PCI Essential solution can help your company significantly reduce the costs and complexity of meeting PCI compliance
More informationScalable Secure Remote Access Solutions
Scalable Secure Remote Access Solutions Jason Dely, CISSP Principal Security Consultant jdely@ra.rockwell.com Scott Friberg Solutions Architect Cisco Systems, Inc. sfriberg@cisco.com Jeffrey A. Shearer,
More informationCloud Security Framework (CSF): Gap Analysis & Roadmap
Cloud Security Framework (CSF): Gap Analysis & Roadmap Contributors: Suren Karavettil, Bhumip Khasnabish Ning So, Gene Golovinsky, Meng Yu & Wei Yinxing Please send comments & suggestions to Suren Karavettil
More informationSecure Compute Research Environment Data Security Plan (DSP)
Secure Compute Research Environment (DSP) Overview The Secure Compute Research Environment (SCRE) is a private, secured virtual environment designed for researchers to securely store, access and analyze
More informationDetecting Web Application Vulnerabilities Using Open Source Means. OWASP 3rd Free / Libre / Open Source Software (FLOSS) Conference 27/5/2008
Detecting Web Application Vulnerabilities Using Open Source Means OWASP 3rd Free / Libre / Open Source Software (FLOSS) Conference 27/5/2008 Kostas Papapanagiotou Committee Member OWASP Greek Chapter conpap@owasp.gr
More informationLive Guide System Architecture and Security TECHNICAL ARTICLE
Live Guide System Architecture and Security TECHNICAL ARTICLE Contents 1. Introduction... 2 2. Hosting Environment... 2 2.1. Standards - Compliancy... 3 2.2. Business Continuity Management... 3 2.3. Network
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationArcGIS for Server Deployment Scenarios An ArcGIS Server s architecture tour
ArcGIS for Server Deployment Scenarios An Arc s architecture tour Ismael Chivite Product Manager at Esri Concepts Single Machine Configurations Basic Basic with Proxy Fail-Over Load Balanced or Siloed
More informationSecure Your Mobile Device Access with Cisco BYOD Solutions
Solution Overview Secure Your Mobile Device Access with Cisco BYOD Solutions BENEFITS The Cisco Meraki solution (cloud managed) and Cisco BYOD Solution (on-premises management) help you secure multiple
More informationBlending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access
Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Vikas Jain Director, Product Management Intel Corporation Jesper Tohmo CTO, Nordic Edge (an Intel company) Session ID:
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationMEGA Web Application Architecture Overview MEGA 2009 SP4
Revised: September 2, 2010 Created: March 31, 2010 Author: Jérôme Horber CONTENTS Summary This document describes the system requirements and possible deployment architectures for MEGA Web Application.
More informationAdobe Systems Incorporated
Adobe Connect 9.2 Page 1 of 8 Adobe Systems Incorporated Adobe Connect 9.2 Hosted Solution June 20 th 2014 Adobe Connect 9.2 Page 2 of 8 Table of Contents Engagement Overview... 3 About Connect 9.2...
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationCodeproof Mobile Security & SaaS MDM Platform
Codeproof Mobile Security & SaaS MDM Platform info@codeproof.com https://codeproof.com Mobile devices have been transformed into multi-faceted, multi-tasking, multimedia tools for personal expression,
More informationArcGIS for Server in the Amazon Cloud. Michele Lundeen Esri
ArcGIS for Server in the Amazon Cloud Michele Lundeen Esri What we will cover ArcGIS for Server in the Amazon Cloud Why How Extras Why do you need ArcGIS Server? Some examples Publish - Dynamic Map Services
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationSAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)
SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2013 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice. The software
More informationA Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER
A Practical Approach to Network Vulnerability Assessment AN AUDITOR S PERSPECTIVE BRYAN MILLER, IT DIRECTOR JOHN KEILLOR, CPA, AUDIT PARTNER 1 Agenda Audits Articles/Examples Classify Your Data IT Control
More informationEnd User Devices Security Guidance: Apple OS X 10.10
GOV.UK Guidance End User Devices Security Guidance: Apple OS X 10.10 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best
More informationITAR Compliant Data Exchange
ITAR Compliant Data Exchange Managing ITAR Data Across Collaborative Project Teams WebSpace Customers Aerospace & Defense Manufacturing High Tech & Contract Manufacturing Automotive Manufacturing Medical/
More informationWeb Security School Final Exam
Web Security School Final Exam By Michael Cobb 1.) Which of the following services is not required to run a Windows server solely configured to run IIS and publish a Web site on the Internet? a. IIS Admin
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak CR V4.1
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak CR V4.1 Version 1.0 Eastman Kodak Company, Health Imaging Group Page 1 Table of Contents Table of Contents
More informationNEFSIS DEDICATED SERVER
NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.2.0.XXX (DRAFT Document) Requirements and Implementation Guide (Rev5-113009) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis
More informationBlue Jeans Network Security Features
Technical Guide Blue Jeans Network Security Features Blue Jeans Network understands an organization s need for secure communications. The Blue Jeans cloud-based video conferencing platform provides users
More informationCITY UNIVERSITY OF HONG KONG Network and Platform Security Standard
CITY UNIVERSITY OF HONG KONG Network and Platform Security Standard (Approved by the Information Strategy and Governance Committee in December 2013) INTERNAL Date of Issue: 2013-12-24 Document Control
More informationCloud Security Framework (CSF): Gap Analysis & Roadmap
Cloud Security Framework (CSF): Gap Analysis & Roadmap Contributors: Suren Karavettil, Bhumip Khasnabish Ning So, Gene Golovinsky, Meng Yu & Wei Yinxing Please send comments & suggestions to Suren Karavettil
More informationThank you for joining us today! The presentation will begin shortly. Thank you for your patience.
Thank you for joining us today! The presentation will begin shortly. Thank you for your patience. Copyright 2012-2015. SDNCentral LLC. All Rights Reserved September 11, 2015 Webinar Logistics Enable pop-ups
More informationA Monitored Student Testing Application Using Cloud Computing
A Monitored Student Testing Application Using Cloud Computing R. Mullapudi and G. Hsieh Department of Computer Science, Norfolk State University, Norfolk, Virginia, USA r.mullapudi@spartans.nsu.edu, ghsieh@nsu.edu
More informationAV-18 Introduction of the GIS Integration
Slide 1 AV-18 Introduction of the GIS Integration Authors Victor Lough Dan Marsillo Geoff Tarcha social.invensys.com @InvensysOpsMgmt / #SoftwareRevolution /InvensysVideos /InvensysOpsMgmt /company/invensys
More information