From Enterprise Perimeter to Distributed, Virtual Enterprise Security
|
|
- Madeline Roberts
- 7 years ago
- Views:
Transcription
1 From Enterprise Perimeter to Distributed, Virtual Enterprise Security Ed Amoroso SVP, CSO AT&T Page 1
2 Page 2 Sandbags Piled in Front of AT&T Building 12/15/41
3 Original Perimeter Objective (Circa 1995) Enterprise Perimeter Untrusted External Actor Inside the Firewall Outside the Firewall Page 3
4 Enabling Browser Access to Enterprise site (External) Untrusted External Actor Page 4
5 Rule Added to Firewall to Allow Inbound Access to TCP/Port 80 (http) (External) Untrusted External Actor Off the Shelf Software and Tools with Potentially Exploitable Vulnerabilities Packets from Browsers Anywhere Enter the Perimeter Page 5
6 Perimeter Design Firewall Router Scan UTM PKI Admin Access to Server Enterprise Access to Server 2FA Log Allowed RBAC (External) DLP A/V SIEM Proxy FW IPS A/S Page 6
7 Page 7 (External)
8 Enabling External VPN Access to Enterprise (External) VPN Designed for VPN/RA Client Page 8
9 Perimeter Design Firewall Router Scan UTM PKI Admin Access to Server Admin Access to VPN Server Enterprise Access to Server 2FA 2FA Log Log Allowed RBAC RBAC (External) VPN DLP A/V SIEM Proxy FW FW IPS A/S Integrate into Common Physical Perimeter Firewall Router Scan UTM PKI Enterprise Access to VPN Server Allowed DLP A/V SIEM Proxy IPS A/S Page 9
10 (External) VPN Page 10
11 Adding Third Party Gateway Access to Enterprise (External) Designed for Third Party Care, Contact, Support, etc. Third Party Gateway VPN Page 11
12 Perimeter Design Admin Access to Third Party Gateways Scan UTM PKI DLP SIEM IPS 2FA Log (External) A/V Proxy A/S Typically Source IP-Based Authentication RBAC Third Party Gateway VPN FW Integrate into Common Physical Perimeter FW FW Scan UTM PKI Scan UTM PKI DLP A/V SIEM Proxy IPS A/S Allowed Enterprise Access to Third Party Gateways DLP A/V SIEM Proxy IPS A/S Integrate into Common Physical Perimeter Page 12
13 Enterprise Assets (External) Third Party Gateway VPN Page 13
14 Adding Inbound to Enterprise Enterprise Assets (External) Third Party Gateway VPN Page 14
15 Perimeter Design Scan UTM PKI Scan UTM PKI DLP SIEM IPS DLP SIEM IPS A/V Proxy A/S (External) A/V Proxy A/S FW FW Allow Exchange with any Sender or Receiver Third Party Gateway VPN Integrate into Common Physical Perimeter FW Allowed FW Integrate into Common Physical Perimeter Scan UTM PKI Enterprise Access to Mail Scan UTM PKI DLP SIEM IPS DLP SIEM IPS A/V Proxy A/S A/V Proxy A/S Integrate into Common Physical Perimeter Page 15
16 Enterprise Assets (External) Third Party Gateway VPN Page 16
17 Hundreds to Millions of Rules ( ) Enterprise Assets (External) Additional Firewall Rule Exceptions Additional Firewall Rule Exceptions Third Party Gateway VPN Page 17
18 Expanded Third Party Gateways Enterprise Assets (External) Additional Firewall Rule Exceptions Additional Firewall Rule Exceptions Third Party VPN Additional Third Parties, Retail Dealers, Outsourcing, Offshoring Page 18
19 Expanded Employee Remote Access Enterprise Assets (External) Additional Firewall Rule Exceptions Additional Firewall Rule Exceptions Third Party VPN Additional Third Parties, Retail Dealers, Outsourcing, Offshoring Additional Remote Access, Employee Telework, Road Warriors Page 19
20 Network Vulnerabilities Network Misconfigurations (Internet Exposing) Unauthorized Network Connections (Internet Exposing) Enterprise Assets (External) Additional Firewall Rule Exceptions Additional Firewall Rule Exceptions Third Party VPN Additional Third Parties, Retail Dealers, Outsourcing, Offshoring Additional Remote Access, Employee Telework, Road Warriors Page 20
21 Employee Use of Mobile Network Misconfigurations (Internet Exposing) Unauthorized Network Connections (Internet Exposing) Enterprise Assets (External) Additional Firewall Rule Exceptions Additional Firewall Rule Exceptions Third Party VPN Additional Third Parties, Retail Dealers, Outsourcing, Offshoring Enterprise Use of Mobility Additional Remote Access, Employee Telework, Road Warriors Page 21
22 Typical State of the Practice Enterprise Design Network Misconfigurations (Internet Exposing) Unauthorized Network Connections (Internet Exposing) Enterprise Assets (External) Additional Firewall Rule Exceptions Additional Firewall Rule Exceptions Third Party VPN Additional Third Parties, Retail Dealers, Outsourcing, Offshoring Enterprise Use of Mobility Additional Remote Access, Employee Telework, Road Warriors Page 22
23 Enterprise Perimeter Reality (Circa 2015) Enterprise Perimeter Outside Page 23
24 Nation State Exfiltration Attacks North/South Exploit (Perimeter) Phishing Attack East/West Exploit (Enterprise) Data Exfiltration Successfully attack this... and gain access to this... Page 24
25 Nation State Exfiltration Attacks Many Solutions Exist to Reduce Risk Inbound North/South Exploit (Perimeter) Inbound Filtering East/West Exploit (Enterprise) Outbound Filtering Many Solutions Exist to Reduce Risk Outbound No Good Solutions Exist to Reduce Traversal Risk Page 25
26 Page 26 Baseline Perimeter
27 Enabling Browser Access to Server Page 27
28 Micro-Perimeter Design ( Server) Virtual Micro Perimeter Page 28
29 Micro-Perimeter Provisioning to Cloud Scan UTM PKI Step 2: Provision Virtual Micro-Perimeter into Run Time System DLP SIEM IPS Step 1: Provision Server into Integrated Cloud A/V Proxy FW A/S Page 29
30 East-West Protection for Cloud Tenant Hypervisor Security Orchestration FW... A/S Proxy FW Virtual Appliances Virtual Perimeter Sampling of Vendors with Virtual Appliances Page 30
31 Virtual Micro Perimeter Page 31
32 Adding Security Command & Control Virtual Virtual Micro Perimeter Security C&C Virtual Micro Perimeter Page 32
33 Micro-Perimeter Provisioning to Cloud Scan UTM PKI DLP SIEM IPS A/V Proxy A/S FW Step 1: Provision Security Cmd/Ctrl into Virtual Data Center Security C&C Scan DLP UTM SIEM PKI IPS Integrate into Common Virtual Perimeter A/V Proxy A/S Step 2: Provision Virtual Micro-Perimeter into Run Time System FW Page 33
34 East-West Protection for and C&C Cloud Tenant Hypervisor Security Orchestration Server FW... A/S Proxy FW Virtual Appliances Tenant Security APIs SIEM Risk Compliance Security Reporting Security Alerting Tenant Security APIs Hypervisor Security Orchestration C&C FW... A/S Proxy FW Virtual Appliances Page 34
35 Enterprise Assets Virtual Micro Perimeter SOC Virtual Micro Perimeter Page 35
36 Adding Gateway Virtual Enterprise Assets Virtual Micro Perimeter Virtual Micro Perimeter Gateway SOC Virtual Micro Perimeter Page 36
37 Cloud Tenant Hypervisor Security Orchestration Gate way FW... A/S Proxy FW Virtual Appliances Tenant Hypervisor Security Orchestration Server FW... A/S Proxy FW Virtual Appliances SIEM Tenant Tenant Risk Compliance Security APIs Security Reporting Security APIs Security Alerting East-West Protection for, C&C, and Gateway Hypervisor Security Orchestration SOC FW... A/S Proxy FW Virtual Appliances Page 37
38 Enterprise Assets Virtual Micro Perimeter Virtual Micro Perimeter Gateway SOC Virtual Micro Perimeter Page 38
39 East-West Traversal Mitigated by Virtual Perimeter North/South Exploit (Perimeter) East/West Exploit (Enterprise) Successfully attack this... and gain NO access to this... Page 39
40 Legacy Assets Dependent on Existing Perimeter Legacy Assets Enterprise Assets Virtual Micro Perimeter Virtual Micro Perimeter Gateway SOC Virtual Micro Perimeter Page 40
41 Legacy Assets Dependent on Existing Perimeter Enterprise Perimeter (Legacy Assets) Legacy Gateway SOC Page 41
42 Enterprise Perimeter Has Less to Defend Legacy Gateway SOC Page 42
43 Legacy Gateway SOC Page 43
44 Back-End Legacy Gateway SOC Page 44
45 Back-End Legacy Gateway SOC (Primary) SOC (Backup) Page 45
46 Back-End Legacy Gateway SOC (Primary) SOC (Backup) Page 46
47 Back-End Legacy Gateway SOC (Primary) SOC (Backup) Page 47
48 Legacy Back-End Gateway SOC (Primary) SOC (Backup) Page 48
49 Gateway Legacy Back-End SOC (Primary) SOC (Backup) Page 49
50 Gateway Legacy Back-End SOC (Primary) SOC (Backup) Page 50
51 Ring (Gateway) Ring (Legacy) Ring (Back-End) Ring ( Server) SOC (Primary) SOC (Backup) Page 51
52 SOC (Primary) SOC (Backup) Page 52
53 Page 53
54 Page 54
55 Page 55
56 Page 56
57 Micro-Domain Rings Micro-Domain Rings Security Command and Control (C&C) Page 57
58 Micro-Domain Rings Micro-Domain Rings Security Command and Control (C&C) Robust, Secure Communication with Multiple C&C Security Software Drop Locations Page 58
59 Bots Bots Botnet Command and Control (C&C) Robust, Secure Communication with Multiple C&C Botnet Software Drop Locations Page 59
60 Resilience of Botnets ZeroAccess Botnet (Click Fraud) Resilient!! Massive Industry Botnet Takedown Effort Page 60
61 Distributed, Virtual Enterprise Perimeter Design Micro-Domain Rings Micro-Domain Rings Security Command and Control (C&C) Security Software Drop Locations Robust, Secure Communication with Multiple C&C Page 61
Networking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationFirewalls. Securing Networks. Chapter 3 Part 1 of 4 CA M S Mehta, FCA
Firewalls Securing Networks Chapter 3 Part 1 of 4 CA M S Mehta, FCA 1 Firewalls Learning Objectives Task Statements 1.3 Recognise function of Telecommunications and Network security including firewalls,..
More informationGuest Speaker. Michael Sutton Chief Information Security Officer Zscaler, Inc.
Guest Speaker Michael Sutton Chief Information Security Officer Zscaler, Inc. Michael Sutton has dedicated his career to conducting leadingedge security research, building world-class security teams and
More informationWhere every interaction matters.
Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationFIREWALL POLICY DOCUMENT
FIREWALL POLICY DOCUMENT Document Id Firewall Policy Sponsor Laura Gibbs Author Nigel Rata Date May 2014 Version Control Log Version Date Change 1.0 15/05/12 Initial draft for review 1.1 15/05/14 Update
More informationIT Security Strategy and Priorities. Stefan Lager CTO Services stefan.lager@addpro.se
IT Security Strategy and Priorities Stefan Lager CTO Services stefan.lager@addpro.se Cyberthreat update Why would anyone want to hack me? I am not a bank! Security Incidents with Confirmed Data Loss Source:
More informationF-SECURE MESSAGING SECURITY GATEWAY
F-SECURE MESSAGING SECURITY GATEWAY DEFAULT SETUP GUIDE This guide describes how to set up and configure the F-Secure Messaging Security Gateway appliance in a basic e-mail server environment. AN EXAMPLE
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationWHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats
WHITE PAPER FortiWeb and the OWASP Top 10 PAGE 2 Introduction The Open Web Application Security project (OWASP) Top Ten provides a powerful awareness document for web application security. The OWASP Top
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationSoftware that provides secure access to technology, everywhere.
Software that provides secure access to technology, everywhere. Joseph Patrick Schorr @JoeSchorr October, 2015 2015 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE 1 Agenda What are we dealing with? How
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationINTRODUCTION TO FIREWALL SECURITY
INTRODUCTION TO FIREWALL SECURITY SESSION 1 Agenda Introduction to Firewalls Types of Firewalls Modes and Deployments Key Features in a Firewall Emerging Trends 2 Printed in USA. What Is a Firewall DMZ
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationMove over, TMG! Replacing TMG with Sophos UTM
Move over, TMG! Replacing TMG with Sophos UTM Christoph Litzbach, Pre-Sales Engineer NSG 39 Key Features of TMG HTTP Antivirus/spyware URL Filtering HTTPS forward inspection Web Caching Role based access
More informationNext Generation Firewalls and Sandboxing
Next Generation Firewalls and Sandboxing Joe Hughes, Director www.servicetech.co.uk Summary What is a Next Generation Firewall (NGFW)? Threat evolution Features Deployment Best practices What is Sandboxing?
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationTHE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS INCONVENIENT STATISTICS 70% of ALL threats are at the Web application layer. Gartner 73% of organizations have been hacked in the past two
More informationSecurity Information & Event Management (SIEM)
Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting
More informationMaruleng Local Municipality
Maruleng Local Municipality. 22 November 2011 1 Version Control Version Date Author(s) Details 1.1 23/03/2012 Masilo Modiba New Policy 2 Contents ICT Firewall Policy 1 Version Control.2 1. Introduction.....4
More informationIntroduction of Intrusion Detection Systems
Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationAchieving PCI-Compliance through Cyberoam
White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit
More informationMany network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.
RimApp RoadBLOCK goes beyond simple filtering! Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes. However, traditional
More informationFirewalls and VPNs. Principles of Information Security, 5th Edition 1
Firewalls and VPNs Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of this material, you should be able to: Understand firewall technology and the various approaches
More informationGOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS. Joe Goldberg. Splunk. Session ID: SPO-W09 Session Classification: Intermediate
GOOD GUYS VS BAD GUYS: USING BIG DATA TO COUNTERACT ADVANCED THREATS Joe Goldberg Splunk Session ID: SPO-W09 Session Classification: Intermediate About Me Joe Goldberg Current: Splunk - Security Evangelist
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationSecurity Analytics for Smart Grid
Security Analytics for Smart Grid Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC robert.griffin@rsa.com blogs.rsa.com/author/griffin @RobtWesGriffin 1 No Shortage of Hard
More informationComputer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1
Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton
More informationUsing Skybox Solutions to Achieve PCI Compliance
Using Skybox Solutions to Achieve PCI Compliance Achieve Efficient and Effective PCI Compliance by Automating Many Required Controls and Processes Skybox Security whitepaper August 2011 1 Executive Summary
More informationWHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform
WHITE PAPER Cloud-Based, Automated Breach Detection The Seculert Platform Table of Contents Introduction 3 Automatic Traffic Log Analysis 4 Elastic Sandbox 5 Botnet Interception 7 Speed and Precision 9
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationFirewall Environments. Name
Complliiance Componentt DEEFFI INITION Description Rationale Firewall Environments Firewall Environment is a term used to describe the set of systems and components that are involved in providing or supporting
More informationCALNET 3 Category 7 Network Based Management Security. Table of Contents
State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2
More information全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks
全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks Agenda Challenges and PCI DSS 3.0 Updates Personal Information Protection Act Strategy to Protect against leak of Confidential Personal and Corporate
More informationConfiguring Personal Firewalls and Understanding IDS. Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA
Configuring Personal Firewalls and Understanding IDS Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA 1 Configuring Personal Firewalls and IDS Learning Objectives Task Statements 1.4 Analyze baseline
More informationDefend Your Network with DNS Defeat Malware and Botnet Infections with a DNS Firewall
Defeat Malware and Botnet Infections with a DNS Firewall By 2020, 30% of Global 2000 companies will have been directly compromised by an independent group of cyberactivists or cybercriminals. How to Select
More informationPOLIWALL: AHEAD OF THE FIREWALL
POLIWALL: AHEAD OF THE FIREWALL FIREWALL HISTORY Since the earliest days of the Internet, when hackers sat in their darkened basements dialing into networks with dial-up modems, both network threats and
More informationU06 IT Infrastructure Policy
Dartmoor National Park Authority U06 IT Infrastructure Policy June 2010 This document is copyright to Dartmoor National Park Authority and should not be used or adapted for any purpose without the agreement
More informationInnovations in Network Security
Innovations in Network Security Michael Singer April 18, 2012 AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationAppendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003
http://technet.microsoft.com/en-us/library/cc757501(ws.10).aspx Appendix A: Configuring Firewalls for a VPN Server Running Windows Server 2003 Updated: October 7, 2005 Applies To: Windows Server 2003 with
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning
More informationEmerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA
Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering
More informationPROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES
PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationManaged Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint?
Managed Intrusion, Detection, & Prevention Services (MIDPS) Why E-mail Sorting Solutions? Why ProtectPoint? Why? Focused on Managed Intrusion Security Superior-Architected Hardened Technology Security
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationHow To Protect A Network From Attack From A Hacker (Hbss)
Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures DAVID COLE, DIRECTOR IS AUDITS, U.S. HOUSE OF REPRESENTATIVES Assessment Planning Assessment Execution Assessment
More informationIBM Advanced Threat Protection Solution
IBM Advanced Threat Protection Solution Fabio Panada IBM Security Tech Sales Leader 1 Advanced Threats is one of today s key mega-trends Advanced Threats Sophisticated, targeted attacks designed to gain
More informationWHITE PAPER. FortiWeb Web Application Firewall Ensuring Compliance for PCI DSS 6.5 and 6.6
WHITE PAPER FortiWeb Web Application Firewall Ensuring Compliance for PCI DSS 6.5 and 6.6 Ensuring compliance for PCI DSS 6.5 and 6.6 Page 2 Overview Web applications and the elements surrounding them
More informationSFWR ENG 4C03 Class Project Firewall Design Principals Arash Kamyab 9940313 March 04, 2004
SFWR ENG 4C03 Class Project Firewall Design Principals Arash Kamyab 9940313 March 04, 2004 Introduction: A computer firewall protects computer networks from unwanted intrusions which could compromise confidentiality
More informationMarch 2012 www.tufin.com
SecureTrack Supporting Compliance with PCI DSS 2.0 March 2012 www.tufin.com Table of Contents Introduction... 3 The Importance of Network Security Operations... 3 Supporting PCI DSS with Automated Solutions...
More informationVIEWABILL. Cloud Security and Operational Architecture. featuring RUBY ON RAILS
VIEWABILL Cloud Security and Operational Architecture featuring RUBY ON RAILS VAB_CloudSecurity V1 : May 2014 Overview The Viewabill.com cloud is a highly-secure, scalable and redundant solution that enables
More informationStateful Inspection Technology
Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions
More informationPOLIWALL: AHEAD OF THE FIREWALL
POLIWALL: AHEAD OF THE FIREWALL FIREWALL HISTORY Since the earliest days of the Internet, when hackers sat in their darkened basements dialing into networks with dial-up modems, both network threats and
More informationUMHLABUYALINGANA MUNICIPALITY FIREWALL MANAGEMENT POLICY
UMHLABUYALINGANA MUNICIPALITY FIREWALL MANAGEMENT POLICY Firewall Management Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Originator: Recommended by Director
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Firewall 1 Basic firewall concept Roadmap Filtering firewall Proxy firewall Network Address Translation
More informationZscaler Internet Security Frequently Asked Questions
Zscaler Internet Security Frequently Asked Questions 1 Technical FAQ PRODUCT LICENSING & PRICING How is Zscaler Internet Security Zscaler Internet Security is licensed on number of Cradlepoint devices
More informationCompany Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.
Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim
More informationPayment Card Industry Data Security Standard Payment Card Industry Data Security Standard (PCI / DSS)
Payment Card Industry Data Security Standard (PCI / DSS) InterSect Alliance International Pty Ltd Page 1 of 12 Intersect Alliance International Pty Ltd. All rights reserved worldwide. Intersect Alliance
More informationPCI Security Scan Procedures. Version 1.0 December 2004
PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 03.16 EB7178 DATA SECURITY Table of Contents 2 Data-Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationBlackRidge Technology Transport Access Control: Overview
2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service
More informationFortiWeb 5.0, Web Application Firewall Course #251
FortiWeb 5.0, Web Application Firewall Course #251 Course Overview Through this 1-day instructor-led classroom or online virtual training, participants learn the basic configuration and administration
More informationSECURITY ADVISORY FROM PATTON ELECTRONICS
SECURITY ADVISORY FROM PATTON ELECTRONICS Potential Security Vulnerabilities Identified in Simple Network Management Protocol (SNMP) Revision 1.0 For Public Release March 7, 2002 Last Updated March 7,
More informationWho Moved My Firewall. Clinton Thomson Derivco (PTY) Ltd
Who Moved My Firewall Clinton Thomson Derivco (PTY) Ltd 1 Agenda Introduction to Derivco (Pty) Ltd Efficacy of Firewalls Firewall Roles Threat Landscape De-perimeterisation Q & A 2 Derivco as a company
More informationSSL VPN Technology White Paper
SSL VPN Technology White Paper Keywords: SSL VPN, HTTPS, Web access, TCP access, IP access Abstract: SSL VPN is an emerging VPN technology based on HTTPS. This document describes its implementation and
More informationCHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network
More informationFear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!
Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured! Presented by: Kristen Zarcadoolas, Jim Soenksen, and Ed Sale PART 2: plan, act, repeat (from the look, plan,
More informationInformation Security for the Rest of Us
Secure Your Way Forward. AuditWest.com Information Security for the Rest of Us Practical Advice for Small Businesses Brian Morkert President and Chief Consultant 1 Introduction President Audit West IT
More informationTABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY
IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...
More informationRam Dantu. VOIP: Are We Secured?
Ram Dantu Professor, Computer Science and Engineering Director, Center for Information and Computer Security University of North Texas rdantu@unt.edu www.cse.unt.edu/~rdantu VOIP: Are We Secured? 04/09/2012
More informationMobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall
Mobile security and your EMR Presented by: Shawn Tester & Allen Cornwall Date: October 14, 2011 Overview General Security Challenges & best practices Mobile EMR interfaces - EMR Access - Today & Future
More informationAddressing Security for Hybrid Cloud
Addressing Security for Hybrid Cloud Sreekanth Iyer Executive IT Architect IBM Cloud (CTO Office) Email : sreek.iyer@in.ibm.com Twitter: @sreek Blog: http://ibm.co/sreek July 18, 2015 Cloud is rapidly
More informationCloud Security Overview
UT DALLAS Erik Jonsson School of Engineering & Computer Science Cloud Security Overview Murat Kantarcioglu Outline Current cloud security techniques Amazon Web services Microsoft Azure Cloud Security Challengers
More informationSSL: A False Sense of Security? How the Tenable Solution Restores SSL Effectiveness and Mitigates Related Threats
SSL: A False Sense of Security? How the Tenable Solution Restores SSL Effectiveness and Mitigates Related Threats White Paper Copyright 2002-2012 Tenable Network Security, Inc. Tenable Network Security,
More informationMetric Matters. Dain Perkins, CISSP Dain.Perkins@gmail.com
Metric Matters Dain Perkins, CISSP Dain.Perkins@gmail.com My Perspective Information security metrics do not show us how we need to improve our defenses Image: http://abcnews.go.com/sports/2014-fifa-world-cup-us-goalie-tim-howard/story?id=24400295
More informationPENETRATION TESTING GUIDE. www.tbgsecurity.com 1
PENETRATION TESTING GUIDE www.tbgsecurity.com 1 Table of Contents What is a... 3 What is the difference between Ethical Hacking and other types of hackers and testing I ve heard about?... 3 How does a
More informationChapter 11 Cloud Application Development
Chapter 11 Cloud Application Development Contents Motivation. Connecting clients to instances through firewalls. Chapter 10 2 Motivation Some of the questions of interest to application developers: How
More informationCheck Point Security Administrator R70
Page 1 of 6 Check Point Security Administrator R70 Check Point Security Administration R70 Length Prerequisites 5 days* (recommended) Basic networking knowledge, knowledge of Windows Server and/or UNIX,
More informationInternet Security Protecting Your Business. Hayden Johnston & Rik Perry WYSCOM
Internet Security Protecting Your Business Hayden Johnston & Rik Perry WYSCOM Introduction Protecting Your Network Securing Your Information Standards & Best Practices Tools & Options Into The Future Creating
More informationWhy Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation www.lumeta.
Why Leaks Matter Leak Detection and Mitigation as a Critical Element of Network Assurance A publication of Lumeta Corporation www.lumeta.com Table of Contents Executive Summary Defining a Leak How Leaks
More informationFirewall Introduction Several Types of Firewall. Cisco PIX Firewall
Firewall Introduction Several Types of Firewall. Cisco PIX Firewall What is a Firewall? Non-computer industries: a wall that controls the spreading of a fire. Networks: a designed device that controls
More informationMcAfee Next Generation Firewall (NGFW) Administration Course
McAfee Product Education McAfee Next Generation Firewall (NGFW) Administration Course The McAfee NGFW Administration course from Education Services provides attendees with hands-on training on the design,
More informationSymantec Enterprise Firewalls. From the Internet Thomas Jerry Scott
Symantec Enterprise Firewalls From the Internet Thomas Symantec Firewalls Symantec offers a whole line of firewalls The Symantec Enterprise Firewall, which emerged from the older RAPTOR product We are
More informationK7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109
K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS v.109 1 The Exchange environment is an important entry point by which a threat or security risk can enter into a network. K7 Mail Security is a complete
More informationOn and off premises technologies Which is best for you?
On and off premises technologies Which is best for you? We don t mind what you buy, as long as it is YELLOW! Warren Sealey and Paul-Christian Garpe On Premises or in the cloud? 1 Agenda Why Symantec? Email
More informationBuilding Your Firewall Rulebase Lance Spitzner Last Modified: January 26, 2000
Building Your Firewall Rulebase Lance Spitzner Last Modified: January 26, 2000 Building a solid rulebase is a critical, if not the most critical, step in implementing a successful and secure firewall.
More informationReverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006
Reverse Shells Enable Attackers To Operate From Your Network Richard Hammer August 2006 Reverse Shells? Why should you care about reverse shells? How do reverse shells work? How do reverse shells get installed
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationSAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)
SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview
More informationSmarter Security for Smarter Local Government. Craig Sargent, Solutions Specialist
Smarter Security for Smarter Local Government Craig Sargent, Solutions Specialist SUMMARY 1 Trustwave and SpiderLabs 2 Penetration Testing 3 Web Application Firewall (WAF) 4 Security Information & Event
More informationH.I.P.A.A. Compliance Made Easy Products and Services
H.I.P.A.A Compliance Made Easy Products and Services Provided by: Prevare IT Solutions 100 Cummings Center Suite 225D Beverly, MA 01915 Info-HIPAA@prevare.com 877-232-9191 Dear Health Care Professional,
More informationA host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
More informationSecurity Intelligence and Analytics in Industrial Systems
Users Group Europe, Middle East and Africa Security Intelligence and Analytics in Industrial Systems Eric D Knapp, About the Presenter Eric D. Knapp Global Director of Cyber Security Solutions and Technology
More information