Approach to Secure IP Platforms Clarence Pape March 12, 2011.

Slides:

Advertisements

Similar presentations

Trusted Computing in Government Networks May 16, 2007 Richard C. (Dick) Schaeffer, Jr. Information Assurance Director National Security Agency.

Advertisements

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.

OneBridge Mobile Data Suite Product Positioning. Target Plays IT-driven enterprise mobility initiatives Extensive support for integration into existing.

BI Web Intelligence 4.0. Business Challenges Incorrect decisions based on inadequate data Lack of Ad hoc reporting and analysis Delayed decisions.

LeadManager™- Internet Marketing Lead Management Solution May, 2009.

Working for the future - today

HP Quality Center Overview.

Software Engineering CSE470: Process 15 Software Engineering Phases Definition: What? Development: How? Maintenance: Managing change Umbrella Activities:

Key-word Driven Automation Framework Shiva Kumar Soumya Dalvi May 25, 2007.

Key Considerations for Report Generation & Customization Richard Wzorek Director, Production IT Confidential © Almac Group 2012.

© Nuance Communications, Inc. All rights reserved. Page 1 Nuance ® AutoStore ® for SAP ® solutions.

The Most Analytical and Comprehensive Defense Network in a Box.

Mobile Resource Manager v2. Core Pillars  Engine - High fuel costs, vehicle maintenance  Productivity - Customers expect increasing levels of service.

Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.

04b | Manage Test Execution (2 of 2) Steven Borg | Co-founder & Strategist, Northwest Cadence Anthony Borton | ALM Consultant, Enhance ALM.

Advance Analytics Capabilities

Chapter 19: Network Management Business Data Communications, 4e.

Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Copyright 2009 FUJITSU TECHNOLOGY SOLUTIONS PRIMERGY Servers and Windows Server® 2008 R2 Benefit from an efficient, high performance and flexible platform.

Copyright © 2007 Advantica Inc. (USA Only) and Advantica Ltd. (Outside USA). All rights reserved by the respective owner. Benefits of an Integrated Compliance.

Driving Productivity with Microsoft Dynamics CRM Presenter Name Presenter Title Presenter Date.

SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

Microsoft Dynamics. Introducing Al-Futtaim Technologies  One of the region’s leading System Integrators  Strong partnerships with leading global ICT.

Maintaining and Updating Windows Server 2008

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

Call Center – What Really Makes Sense? Call Center – ce este cu adevarat important?

Professional Systems Associates, Inc. We’ve been building powerful, people-oriented software solutions for commercial and government.

Internet GIS. A vast network connecting computers throughout the world Computers on the Internet are physically connected Computers on the Internet use.

Powered by. Motus is an integrated web-based and mobile software platform that supports field work management and execution, giving employees necessary.

By N.Gopinath AP/CSE. Why a Data Warehouse Application – Business Perspectives  There are several reasons why organizations consider Data Warehousing.

WP6: Grid Authorization Service Review meeting in Berlin, March 8 th 2004 Marcin Adamski Michał Chmielewski Sergiusz Fonrobert Jarek Nabrzyski Tomasz Nowocień.

Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

Nurjana Technologies Company Presentation. Nurjana Technologies (NT) is a small business enterprise founded in 2012 and operating in Aerospace and Defence.

Dillon: CSE470: SE, Process1 Software Engineering Phases l Definition: What? l Development: How? l Maintenance: Managing change l Umbrella Activities:

OneView Benefits Sales collaboration across network A “one-stop” utility portal Ease of use, scalability & accessibility Useful reports and metrics Improved.

ESCOP ™ System Center Operations Portal Expanding SCOM 2007 Data Warehouse and ACS Function.

Honeypot and Intrusion Detection System

System Management for Virtualization and Automation in a Dynamic Data Center SVM’08 Munich Karsten Beins, Sen. Director Infrastructure Technology.

Module 7: Fundamentals of Administering Windows Server 2008.

Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.

InstantGMP: Electronic Batch Records System for GMP Manufacturing InstantGMP™ Inventory Control Module for GMP Manufacturing.

An Approach To Automate a Process of Detecting Unauthorised Accesses M. Chmielewski, A. Gowdiak, N. Meyer, T. Ostwald, M. Stroiński

CUTTING COMPLEXITY – SIMPLIFYING SECURITY INSERT PRESENTERS NAME HERE XXXX INSERT DATE OF EVENT HERE XXXX.

Paul Butterworth Management Technology Architect

A Software Solution for the Control, Acquisition, and Storage of CAPTAN Network Topologies Ryan Rivera, Marcos Turqueti, Alan Prosser, Simon Kwan Electronic.

GREG CAPPS [ ASUG INSTALLATION MEMBER MEMBER SINCE:1998 ISRAEL OLIVKOVICH [ SAP EMPLOYEE MEMBER SINCE: 2004 GRETCHEN LINDQUIST [ ASUG INSTALLATION MEMBER.

Distributed Databases

MIS 105 LECTURE 1 INTRODUCTION TO COMPUTER HARDWARE CHAPTER REFERENCE- CHP. 1.

March 2004 At A Glance NASA’s GSFC GMSEC architecture provides a scalable, extensible ground and flight system approach for future missions. Benefits Simplifies.

Microsoft Management Seminar Series SMS 2003 Change Management.

Exchange Deployment Planning Services Exchange 2010 Complementary Products.

Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.

Authorized economic operator Minimizing risks, optimizing flows.

Data Center Management Microsoft System Center. Objective: Drive Cost of Data Center Management 78% Maintenance 22% New Issue:Issue: 78% of IT budgets.

Electronic Design Change Process Paul Tobin Jr.- PKMJ Technical Services.

1© Copyright 2015 EMC Corporation. All rights reserved. FEDERATION ENTERPRISE HYBRID CLOUD OPERATION SERVICES FULL RANGE OF SERVICES TO ASSIST YOUR STAFF.

March 2004 At A Glance The AutoFDS provides a web- based interface to acquire, generate, and distribute products, using the GMSEC Reference Architecture.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Simple, End-to-End Performance Management Application Performance.

1 Acquisition Automation – Challenges and Pitfalls Breakout Session # E11 Name: Jim Hargrove and Allen Edgar Date: Tuesday, July 31, 2012 Time: 2:30 pm-3:45.

Automating Work Order Processes for Advanced Metering Infrastructure (AMI) Devices with Collector for ArcGIS and Portal for ArcGIS Subrahmanyam Pendyala.

WHY VIDEO SURVELLIANCE

WHY VIDEO SURVELLIANCE

Sample Fit-Gap Kick-off

Hybrid Management and Security

Hybrid Management and Security

Michael Mast Senior Architect

Business Document Platform

WHY VIDEO SURVELLIANCE

WHY VIDEO SURVELLIANCE

Presentation transcript:

Approach to Secure IP Platforms Clarence Pape March 12, 2011

Challenge Aircraft Platforms are incredibly complex Systems and networks degrade in quality and security over time Controlled point testing does not replicate real-world scenarios No room/budget for carrying emergency SMEs Shift in systems and networks to IP-based = changes in quality + security? Agile test system that is configurable to meet high demands Modular software approach to reduce weight and increase capabilities Leverage expert COTS tools with mission-focused workflows Generate actionable data in real time Collect detailed data for SME trend analysis Solution

Stuxnet Worm Iranian Nuclear Attack Infected over 45,000 machines Waited for the right conditions Targeted highly specific electronically controlled systems –IP Addresses in Iran –Presence of key technologies that indicate the system is installed in a vulnerable power plant Forces the industrial process to self-destruct

Overview of the Solution ID Optimize –Advanced Policy Engine –Leverages the power of COTS tools –Provides a customized interface that can be designed to represent the exact data necessary –Detailed logs are created for analysis and policy updates The power of enterprise-class tools, without the cost of SMEs.

ID Optimize -> DISA Air Mobility Test Suite ID Optimize is a COTS tool developed by ID DISA saw the potential –Custom workflows based on agency and mission –Ability to be run by non-IT professionals –Ability to provide simple summaries for users and after-action reports –Ability to return highly granular data for trend analysis

What is IDOptimize A flexible development framework that combines multiple COTS products for easy to use, integrated testing and reporting Flexible – Integrate with COTS, GOTS or custom built systems Modules designed for specific purposes = low training + high success rate Modules shared across different platforms Automation - Reduces human error - Increases productivity - Run more tests and test often - Compare results with previous test runs and platform baselines quickly Systematic testing leads to predictable and repeatable results

ANALOG MODULE

Comm Testing Comm Test Module Collect subjective data and objective meta-data variables about tone quality and encryption success for end to end network segment mapping Systematically generate 3-10 tones at different human audible pitches Record the generated tones 250KH Provide actionable feedback Benefits Focused on the end user quality True end-to-end system quality test, "through the demark” Track over 50 different variables for quality control as a workflow Plug and play After action reports Centralized database with full 250kHz data capture Logistical data integration

REPORTING MODULE

Reporting All information can be uploaded to central Control Centers and Reporting Engines instantly or in a batch process The IDOptimize Test Suite Reporting Engine can also be used for mash-ups and deep dive analysis Client-side mash-up technologies preserves user authentication through to primary databases Reports can include local information, as well as global information

Calls by GEP geo-coded and graphed by Altitude– success/failure FOUO

Calls by GEP geo-coded and graphed by CCSD – success/failure FOUO

Calls by GEP geo-coded and graphed by weather – success/failure FOUO

SECURITY MODULE

Data Feeds Policies Summary Reports Data Scanning Network Status Indicator

Data Scanning

Data Feeds

Policies

Summary Reports

Network Status Indicator

IP Type Casting Core Systems – Mission critical systems that are permanently attached to the plane for years at a time. These controls should have very tight policies. Crew – Mission support systems that are carried on the plane for the mission. A wider variety of configurations may be acceptable here. Guest – These systems may be of widely varying levels of civilian, commercial, or military security and may be removed from the network in cases where they can not be remediated due to lack of control/timing constraints. Other – This is a general designation open to interpretation based on the requirements of particular work flows.

Proposed Scan Policies 4 Degrees of Control IAVA Violations Risk Level 3-6 Risk Level 0-3 Risk Level 6-9 FDCC Violations Cat III Cat II Cat I

Summary Avoid SME Costs (IP Security, Signals Analysts, etc) Security of IP Networks in disconnected/semi-connected state Communication quality shift and drift over time Systematic approach to root cause analysis Increase use of software and virtualization Agile solutions approach is quickly extendable to meet demands Software Development Acquisition Relevant data integration Centralized data Mash-ups maintain security