Protecting the Enterprise while lowering the bottom line.

Slides:

Advertisements

Similar presentations

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

Advertisements

©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Changing the Face of Intrusion Prevention: Check Point IPS Software Blade.

Separate Domains of IT Infrastructure

Chapter 12 Network Security.

MSIT 458: Information Security & Assurance By Curtis Pethley.

Stephen S. Yau CSE , Fall Security Strategies.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

Secure Network Design: Designing a Secure Local Area Network IT352 | Network Security |Najwa AlGhamdi1 Case Study

Department Of Computer Engineering

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Introducing Routing and Switching in the Enterprise – Chapter 1 Networking.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

SEC835 Database and Web application security Information Security Architecture.

Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.

ESubnet Enterprises Inc. Richard Danielli, eSubnet Higher sales volumes through high network availability INTIX 2010.

Information Assurance Research Group 1 NSA Security-Enhanced Linux (SELinux) Grant M. Wagner Information Assurance.

P RESENTED B Y - Subhomita Gupta Roll no: 10 T OPICS TO BE DISCUSS ARE : Introduction to Firewalls  History Working of Firewalls Needs Advantages and.

Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses.

Linux Security LINUX SECURITY. Firewall Linux Security Internet Database Application Web Server Firewall.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

SANS Technology Institute GDWP Presentation 1 GIAC Enterprises Network Deployment Phase 1: The Perimeter Rodney Caudle, Jay Radcliffe, and Jim Voorhees.

FireProof. The Challenge Firewall - the challenge Network security devices Critical gateway to your network Constant service The Challenge.

Information Systems, Security, and e-Commerce* ACCT7320, Controllership C. Bailey *Ch in Controllership : The Work of the Managerial Accountant,

Network Operating Systems : Tasks and Examples Instructor: Dr. Najla Al-Nabhan

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

Security Awareness – Essential Part of Security Management Ilze Murane.

Computer Security By Duncan Hall.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK

A presentation by John Rowley for IUP COSC 356 Dr. William Oblitey Faculty member in attendance.

Critical Infrastructure Protection and the Role of the Next Generation Firewall Blaž Ivanc.

ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.

1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Network Architecture Characteristics  Explain four characteristics that are addressed by.

Cisco Discovery 3 Chapter 1 Networking in the Enterprise JEOPARDY.

UNIT V Security Management of Information Technology.

E Safety & Security Tools 13 th March 2009 Martin Quinn - The Westfield Centre.

Security fundamentals

CS457 Introduction to Information Security Systems

Securing Information Systems

TOPIC: Applications of Web Technologies in Distributed Systems

Critical Security Controls

Technology Department Annual Report

Network Security Basics: Malware and Attacks

Security Standard: “reasonable security”

Client-Server & Peer-to-Peer Networks

N-Tier Architecture.

Information Technology Sector

Secure Software Confidentiality Integrity Data Security Authentication

Information Technology (IT) Department

Security Engineering.

Security of a Local Area Network

Project 2 Rachel Richman Gatcombe Section /17/2018 3:02 AM.

Tool Server Workstation Router Universal

Security in Networking

TASK 4 Guideline.

IS4550 Security Policies and Implementation

AKAMAI INTELLIGENT PLATFORM™

ISMS Information Security Management System

IS4680 Security Auditing for Compliance

Introduction to Databases Transparencies

Chapter 9 E-Commerce Security and Fraud Protection

How to Mitigate the Consequences What are the Countermeasures?

Unit 36: Internet Server Management

Cambridge TECHNICALS- LEVEL 3

Faculty of Science IT Department By Raz Dara MA.

Decisions, Decisions… Hosted vs. Premises-based VoIP Deployment

Web design for small busniess

Computer Security By: Muhammed Anwar.

Technology Department Annual Update

NSA Security-Enhanced Linux (SELinux)

Designing IIS Security (IIS – Internet Information Service)

Presentation transcript:

Protecting the Enterprise while lowering the bottom line. Cyber Security Protecting the Enterprise while lowering the bottom line. June 3, 2004 Kevin Dziekonski

Cyber Security What does Cyber Security encompass? Secure Information Transfer E-commerce Email Enterprise LAN/WAN Web Presence

How is this accomplished? Proprietary based systems Application layer switches Software Linux based systems (Open Source) Linux flavors SELinux

What is SELinux? As part of its Information Assurance mission, the National Security Agency has long been involved with the computer security research community in investigating a wide range of computer security topics including operating system security. Recognizing the critical role of operating system security mechanisms in supporting security at higher levels, researchers from NSA's Information Assurance Research Group have been investigating an architecture that can provide the necessary security functionality in a manner that can meet the security needs of a wide range of computing environments. End systems must be able to enforce the separation of information based on confidentiality and integrity requirements to provide system security. Operating system security mechanisms are the foundation for ensuring such separation. Unfortunately, existing mainstream operating systems lack the critical security feature required for enforcing separation: mandatory access control. As a consequence, application security mechanisms are vulnerable to tampering and bypass, and malicious or flawed applications can easily cause failures in system security.

Cost of being secure Proprietary Linux Very Expensive Recurring maintenance costs (~20-40% of Initial purchase price Product Lifecycle Specially trained personnel Linux Shared cost Indirect Direct 68% of the Internet is Linux based

Total Cost of Ownership Purchase Price Maintenance Cost (25%) Lifecycle (Years) Total Router $ 25,000.00 $ 6,250.00 3 $ 37,500.00 IP Traffic Scanner $ 40,000.00 $ 10,000.00 $ 60,000.00 IP Load Balancer Firewall $ 15,000.00 $ 3,750.00 $ 22,500.00 Server Load Balancer Intrusion Detection System (IDS) Servers $ 10,000.00 $ 10,000.00 $ 235,000.00 Redundancy Total $ 470,000.00

Linux Deployed?

Support model Become SELinux support specialists Test Bed IV&V Release updates Virus DDoS DNS Blacklists

Is it working?