A Layered Approach to Support Extranet Security Ralph Santitoro Director of Security Solutions - Nortel SUPERCOMM 2005 Panel 2 Session - June.

Presentation transcript:

A Layered Approach to Support Extranet Security Ralph Santitoro Director of Security Solutions - Nortel SUPERCOMM 2005 Panel 2 Session - June 6,

© 2005 Nortel Networks. All Rights Reserved.

What are you trying to protect?
>Business Continuity
  - Protecting the network, hosts and applications from threats or vulnerabilities
  - Protecting outsourced services, e.g., Call Centers, Customer Service
>Information Security
  - Controlling the usage of information
  - Auditing the movement of information
[Diagram labels: Business Continuity; Information Security; Information Privacy Layer; Network, Host, and Application Defense Layer]

What’s Keeping the CxO Up at Night? - Top 5 Security Concerns for 2005*
>Computer worms, viruses
>Regulatory compliance
>Online fraud
>Early warning of cyber attacks
>Data Privacy
80% of CSOs report that cyber attacks had a bottom-line financial impact on their organizations*
* Source: CSO Interchange New York December

Regulations will Drive Security Deployments - Regulations will increase the focus on Security
>Sarbanes Oxley
>Health Insurance Portability and Accountability Act (HIPAA)
>Gramm-Leach-Bliley (GLB)
>California Database Breach Notification Act (SB1386)
>Data Protection and Misuse Act (UK)
>Personal Information Protection & Electronic Documents Act (Canada)
>Safe Harbor Act – EU Data Protection Act (Europe, U.S.)

Business Continuity - Protecting the Network, Hosts and Applications - What are the Threats?

Business Continuity - Must maintain reliable services
>Conduct business without outages of critical services
>Maintain communications
  - Internally and with customers, suppliers, partners

What are the Threats? - Malicious Software (Malware): Viruses, Worms, Trojans
>Typically infect computer by exploiting “vulnerabilities” and social engineering
  - Steal passwords (e.g., cookies)
  - Destroy documents
  - Steal confidential data (e.g., Phishing, Scam)
  - Impede host or network device performance
  - Distribute SPAM
>Infected computers threaten security of the network
>How to stop Malware
  - AntiVirus software
  - Intrusion Detection software or appliances
  - Traffic Management devices
  - Security policies

Denial of Service and DDoS attacks
>Targets known “vulnerability” in devices
>Can cause devices to completely stop working
>Denial of Service
  - One hacker targeting one network device or host
>Distributed Denial of Service (DDoS)
  - One or several hackers taking over multiple hosts on the Internet. These machines then target a single network device or host

Extranet Challenges - Threats from Encrypted Traffic
>Sensitive data, VPN traffic, secure multimedia and eCommerce rely on encryption for security
  - Encryption hides malicious code
>Threat prevention devices must:
  - Decrypt the traffic
  - Scan traffic for Malware
  - Report or take action on the traffic
    E.g., report the threat, drop the traffic, reduce the bandwidth, etc.
  - Re-encrypt the traffic

ANATOMY OF A REAL-WORLD ATTACK
A sophisticated attacker will leverage trust relationships to gain access to more valuable information assets.
  - A target server is attacked and compromised
  - The acquired server is used as vantage point to penetrate the corporate net
  - Further attacks are performed as an internal user
5 P’s: Probe, Penetrate, Persist, Propagate, Paralyze
[Diagram labels: Base camp; External attacker’s system]

Threat Prevention
>Extranet Threats require similar protection to other internal or external threats
>Similar technologies and procedures used
>Intelligent traffic management is critical
[Diagram: Monitor, Detect, Act, Mitigate; labels: Configure, Capture, Analyze, Signatures, Violations, Behavior, Scan, Patch, Policy, Log, Alert, Block]

Enterprise Security Challenge - A Dynamic Situation
[Diagram labels: Infrastructure Attacks; Unknown Connections; Wireless access points; Unused active ports; Unauthorized use; Extranet (Compromised, Malicious, Unintentional); Unknown attacks; Engineered attacks; Passwords compromised; Sessions intercepted; Intranet (Compromised, Malicious, Unintentional)]
Understand the network. Detect the vulnerabilities. Protect the assets.

Security Policy Layers - Why Deep Packet (L3-L7) Inspection and Intelligent Traffic Management are so important
[Diagram labels: IP Access Protection; Denial of Service Attack Protection; Application Inspection; Apply Policies; Anti-Spoofing; Scan, Syn, Fin; DoS Attack; Worms, Viruses, Trojans …; Peer-to-Peer; Instant Messaging; VoIP; Guaranteed; Limited; Reporting and Logging; Malware Inspection; Example Traffic Flows]

Remote End Point Compliance
>Remote end point devices (PCs, mobile devices, etc.) accessing Extranet are assessed prior to network access
  - To determine if they are compliant with security policies
>Example policy compliance rules
  - AntiVirus installed, AntiSpyware installed, Operating System security patches and Application security patches must be installed
>Compliance Policies Choices
  - Block All, Quarantine, Allow Some, Allow All
End point devices accessing the network are made compliant with corporate security policies

Remote End Point Security Challenges and Solutions for Extranets
>Masquerading: How do I know the user hasn’t stolen a user ID & password?
  - Use Token-based or 2-factor authentication, e.g., RSA SecurID card or User ID / Password + VPN ID / Password
>Negligence: A user walks away from her desk leaving an open VPN session
  - Use an auto-logoff timer to terminate VPN session after a period of inactivity
>Residual Data: A patient’s medical data is cached on a PC and becomes accessible to the next user
  - Use cache cleansing to clear browser history and cached data once VPN session is terminated.
>Trust: I don’t want sensitive applications accessed from any unknown PCs
  - Use dynamic access policies enabling varied access depending on configured parameters at login, e.g., allow , but no file access or deny access completely

Remote Endpoint Security Compliance and Remediation for Extranets
>Example Extranet end point security policy to access network:
  - AntiVirus must be installed
  - AntiSpyware must be installed
[Diagram labels: Client-based Extranet access; Client-less Extranet access; Extranet VPN connection; Quarantine / Remediation; Virus, IDS, AntiSpyware, PFW]
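
An added example, not part of the Nortel presentation: a minimal posture check that applies the example compliance rules and the four compliance policy choices from the end point slides above, plus the auto-logoff timer. The mapping from check results to a choice, the known_device flag, the 900-second idle limit and the sample endpoints are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    # The four compliance policy choices named on the slide.
    BLOCK_ALL = "Block All"
    QUARANTINE = "Quarantine"
    ALLOW_SOME = "Allow Some"
    ALLOW_ALL = "Allow All"

@dataclass(frozen=True)
class Posture:
    # Checks listed in the slide's example policy compliance rules.
    antivirus: bool
    antispyware: bool
    os_patches: bool
    app_patches: bool
    # Assumption: the gateway can tell a known corporate PC from an unknown one.
    known_device: bool

def assess(p: Posture):
    """Return (decision, failed_checks) for an endpoint requesting Extranet access."""
    checks = {"antivirus": p.antivirus, "antispyware": p.antispyware,
              "os_patches": p.os_patches, "app_patches": p.app_patches}
    failed = [name for name, ok in checks.items() if not ok]
    if failed:
        # Assumed mapping: a known PC is remediated in quarantine, an unknown one is refused.
        return (Decision.QUARANTINE if p.known_device else Decision.BLOCK_ALL), failed
    # Compliant but unknown PCs get reduced access (the "Trust" case on the slide).
    return (Decision.ALLOW_ALL if p.known_device else Decision.ALLOW_SOME), failed

def session_expired(last_activity: float, now: float, idle_limit: float = 900.0) -> bool:
    """Auto-logoff check; the 900-second default is a constructed sample value."""
    return now - last_activity >= idle_limit

# Constructed sample endpoints, not taken from the presentation.
SAMPLES = {
    "corp-laptop": Posture(True, True, True, True, True),
    "corp-unpatched": Posture(True, True, False, True, True),
    "kiosk": Posture(True, True, True, True, False),
    "kiosk-no-av": Posture(False, True, True, True, False),
}

if __name__ == "__main__":
    for name, posture in SAMPLES.items():
        decision, failed = assess(posture)
        print(f"{name:15} {decision.value:11} missing={failed}")
```

The failed-check list returned with a Quarantine decision is what a remediation step would act on before the endpoint is assessed again.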

Summary
>Extranets require multiple layers of protection to ensure business continuity and protect information privacy
  - Secure access (VPN) with user-based Security Policies
  - Threat Prevention at Layer 3-7
    Deep Packet Inspection and Intelligent Traffic Management
  - End Point Security Compliance and Remediation