Al Lilianstrom CD/LSC/SOS/ESG  Blocked?  Operating Systems  Baselines  Detection  TiSSUE  Compliance  Windows  OS/X  Questions.

Presentation transcript:

Al Lilianstrom CD/LSC/SOS/ESG

- Blocked?
- Operating Systems
- Baselines
- Detection
- TiSSUE
- Compliance
- Windows
- OS/X
- Questions

- What does it mean to get BLOCKED?
  - When a system is blocked it is prevented from accessing the network
- Symptoms
  - The user of the computer that is blocked is suddenly unable to
    - Read
    - Browse the web
    - Access file servers
  - Other users in the same area are not experiencing any problems

- Windows 7, Windows XP sp3, Windows Vista sp2
- Leopard, Snow Leopard
- SLF4, SLF 5
- Operating systems that have not been approved or have reached end of life can be blocked from the network
  - Windows 2000
  - Windows XP sp2
  - Scientific Linux (Fermi) 3.0

- Approved operating systems have baselines defined for them
- The baseline documents set the minimum required configuration for the operating system to be allowed on the Fermilab network
  - Firewall
  - Antivirus
  - Operating System

- In addition, Computer Security may deem a certain patch or minimum OS level to be required
- Variances can be requested from Computer Security for required items that negatively impact production services
- Submit requests for variances through the Service Desk

- For a variance to be approved you must supply:
  - The business reason why you cannot comply with the baseline
    - Using a hardware device for which no driver exists in the current version of the operating system
    - Saying it would be inconvenient to upgrade is NOT a sufficient justification
  - The compensatory security controls that will be applied to provide adequate security
    - Typically this will involve limitations on network connections, applications, and users for that particular system

- CST continuously scans all systems on site
- Scans originate from both on and off site systems
- Scans are also done of central inventory and anti-virus systems looking for non-compliant systems
- A system with a detected vulnerability will generate a TiSSUE event

- Blocking and non-blocking events
- Registered system administrators of the system are notified
- The event must be remediated and closed in TiSSUE
- If the event is closed without the cause being remediated, a new event will be created the next time the system is scanned

- Use an approved operating system
- Abide by the applicable baseline
  - Patches
  - AV
  - Firewall settings
  - System configuration

- Participate in
  - Central AV
  - Central Inventory
  - Central Patching
- Meet baseline standard
  - If the system is a member of the Fermi Windows domain the baseline for the system is met. Non-domain systems MUST meet the same baselines as domain systems.

- Reminder
  - Don’t use an account with Administrator access to read mail, surf the web, etc. Use a regular user account.

- Approved for use on the Fermilab network
- Improved User Account Control (UAC)
  - Less intrusive
  - Easier to run as a standard user rather than an administrator
- Advanced firewall
- Data Execution Prevention (DEP)
- Address Space Layout Randomization (ASLR)

- Centralized management not as mature
  - Rapidly improving
- Participate in
  - Central AV
  - Central Inventory
  - Centralized Patching (coming soon…)