Конференция IT Energy, 27 – 30 Ноября 2006 Предотвращение утечки Корпоративной Информации Сергей Кузнецов Представительство Citrix Systems International.

Slides:



Advertisements
Similar presentations
Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.
Advertisements

. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.
PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
Origins of the Internet The Internet was started as a research project sponsored by the Advanced Research Projects Agency (ARPA) within the U.S. Dept.
Introduction to Web Application Architectures Web Application Architectures 18 th March 2005 Bogdan L. Vrusias
1 Computing for Todays Lecture 22 Yumei Huo Fall 2006.
Interpret Application Specifications
Chapter 4 Application Security Knowledge and Test Prep
Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
Server 2008 Terminal Services and Remote Desktop Services Basic application access is possible without Citrix, and Server 2008 R2 adds on some key features.
SP2 Mikael Nystrom. Agenda Översikt Installation.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Application Architecture
To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
© 2005,2006 NeoAccel Inc. Training Access Modes. © 2005,2006 NeoAccel Inc. Agenda 2. Access Terminals 6. Quick Access Terminal Client 3. SSL VPN-Plus.
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.
Microsoft October 2004 Security Bulletins Briefing for Senior IT Managers updated October 20, 2004 Marcus H. Sachs, P.E. The SANS Institute October 12,
1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.
IT 210 The Internet & World Wide Web introduction.
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 5: Multimedia on the Web.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Exploring Microsoft Office XP - Microsoft Word 2002 Chapter 61 Exploring Microsoft Word Chapter 6 Creating a Home Page and Web Site By Robert T. Grauer.
Architecture Of ASP.NET. What is ASP?  Server-side scripting technology.  Files containing HTML and scripting code.  Access via HTTP requests.  Scripting.
1 UCISA-SG WebTools Forum An Evaluation Exercise David Lomas University of Salford.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Databases and the Internet. Lecture Objectives Databases and the Internet Characteristics and Benefits of Internet Server-Side vs. Client-Side Special.
©Kwan Sai Kit, All Rights Reserved Windows Small Business Server 2003 Features.
E-Business & Web Technology - 1 © Minder Chen, IT Architectures Minder Chen, Ph.D. Associate Professor of ISOM George Mason University Fairfax,
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
The School District of Philadelphia Office of Information Technology Division of Technology Services Gary Brookstein Carmen Verrilli “Collaboration
Jason G. Caudill Assistant Professor of Business Administration Carson-Newman College.
Student Learning Environment on the World Wide Web l CGI-programming in Perl for the connection of databases over the Internet. l Web authoring using Frontpage.
Introduction to Computers Section 8A. home How the Internet Works Anyone with access to the Internet can exchange text, data files, and programs with.
Internet, intranet, and multimedia database processing l Database processing across local and wide area networks l Alternative architectures for distributing.
Office Live Workspace Visio 2007 Outlook 2007 Groove 2007 Access 2007 Excel 2007 Word 2007.
Microsoft ASP.net Session Samar Samy Microsoft Student Partner.
Introduction to ASP.NET 1www.tech.findforinfo.com.
1 SCOoffice Server for OpenServer Technical Overview.
Web Programming : Building Internet Applications Chris Bates CSE :
Previous Gnews. 13 Patches – 8 Critical, Affects pretty much everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS SMBv2.
Conducting Security Assessments Dan Elder Security Engineer Novacoast Eron Howard Manager Development Services Novacoast.
1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.
Cs332a_chapt10.ppt CS332A Advanced HTML Programming DHTML Dynamic Hypertext Markup Language A term describing a series of technologies Not a stand-a-lone.
Using FrontPage FrontPage is a great Web editing tool for people with limited knowledge and time for HTML coding. It’s similar to using Microsoft Word.
Kuliah Pengantar Teknologi Informasi Coky Fauzi Alfi cokyfauzialfi.wordpress.com Internet (2)
PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Cumulative.
Ajax for Dynamic Web Development Gregory McChesney.
PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office, and more MS Microsoft SharePoint Server, Remote Code.
OASIS | November 16, 2003 Organization for the Advancement of Structured Information Standards OASIS OASIS | November 18, 2003 Web Services Remote Portlets.
Web Services Using Visual.NET By Kevin Tse. Agenda What are Web Services and Why are they Useful ? SOAP vs CORBA Goals of the Web Service Project Proposed.
ASP. ASP is a powerful tool for making dynamic and interactive Web pages An ASP file can contain text, HTML tags and scripts. Scripts in an ASP file are.
Forcier and Descy The Computer as an Educational Tool (Fifth Edition) Copyright © 2008 by Pearson Education, Inc. Columbus, Ohio All rights reserved.
The basics of knowing the difference CLIENT VS. SERVER.
Introduction to the World Wide Web & Internet CIS 101.
Microsoft Office System UK Developers Conference Radisson Edwardian, Heathrow 29 th & 30 th June 2005.
Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter Out of Band Patchs –MS – IE Cumulative Security Update / Activex –MS
Chapter 4 COMPUTER SOFTWARE. Objective Describe several important trends occurring in computer software. Explain the purpose of several popular software.
Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.
Information About Microsoft’s August 2004 Security Bulletins August 13, 2004 Feliciano Intini, CISSP, MCSE Security Advisor Premier Security Center Microsoft.
Talking Points Provides EY people with greater working flexibility and collaboration opportunities. EY people can have access to technology that enables.
XP Creating Web Pages with Microsoft Office
Amol Sarwate Director of Vulnerability Labs, Qualys Inc State of Vulnerability Exploits.
Introduction ITEC 420.
Web-based Software Development - An introduction
Database Applications Using Internet Technology
Chapter 1 Introduction to HTML.
Introduction to ASP By “FlyingBono” 2009_01 By FlyingBono 2009_01
Severity and Exploitability Index
Presentation transcript:

Конференция IT Energy, 27 – 30 Ноября 2006 Предотвращение утечки Корпоративной Информации Сергей Кузнецов Представительство Citrix Systems International GmbH В России и СНГ

Компания Citrix Systems Лидер в области Инфраструктуры Доступа ( Доля международного рынка 80%) Оборот 2005 $909m. (25% рост) Представлена в 35 странах мира 6200 партнеров в более 100 стран клиентов; 15М конк. лицензий 94% клиентская лойальность 75% ежедневного трафика Интрернета Стратегические партнеры Microsoft, IBM, HP, SAP and Oracle 1800 других индустриальных альянсов в области Оборудования,ПО, сетевых технологий, безопасности, и т.д.

Откуда идет угроза 75% всех инвестиций по безопасности сосредоточены здесь Сетевые атакиАтаки на приложения 75% всех атак сосредоточены здесь

Содержание Пассивная безопасность Citrix: Безопасность на уровне дизайна Использование Инфраструктуры Citrix

Пассивная безопасность Постоянные обновления патчей Разные зоны защиты Обновление СПД Безопасные Оконечные Устройства Сложные Пароли Пользователи Приложения

Vulnerability in Server Service Could Allow Denial of Service (923414): MS Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191): MS Vulnerability in Windows Explorer Could Allow Remote Execution (923191): MS Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770): MS Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486): MS Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422): MS Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670): MS Vulnerability in HTML Help Could Allow Remote Code Execution (922616): MS Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398): MS Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214): MS Cumulative Security Update for Internet Explorer (918899): MS Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683): MS Vulnerability in Server Service Could Allow Remote Code Execution (921883): MS Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388): MS Vulnerability in Server Service Could Allow Remote Code Execution (917159): MS The update for the selected product has been replaced by the update in the following bulletin(s): MS Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537): MS Vulnerability in ASP.NET Could Allow Information Disclosure (917283): MS Vulnerability in TCP/IP Could Allow Remote Code Execution (917953): MS Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389): MS Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280): MS Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734): MS Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344): MS Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439): MS Cumulative Security Update for Internet Explorer (916281): MS The update for the selected product has been replaced by the update in the following bulletin(s): MS Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627): MS Cumulative Security Update for Outlook Express (911567): MS Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531): MS Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562): MS Cumulative Security Update for Internet Explorer (912812): MS Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190): MS Vulnerability in Web Client Service Could Allow Remote Code Execution (911927): MS Vulnerability in TCP/IP Could Allow Denial of Service (913446): MS The update for the selected product has been replaced by the update in the following bulletin(s): MS Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564): MS Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565): MS The update for the selected product has been replaced by the update in the following bulletin(s): MS Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919): MS Cumulative Security Update for Internet Explorer (905915): MS The update for the selected product has been replaced by the update in the following bulletin(s): MS Vulnerabilities in Graphics Rendering Engine Could Allow Code Executi on (896424): MS Cumulative Security Update for Internet Explorer (896688): MS Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400): MS Vulnerability in DirectShow Could Allow Remote Code Execution (904706): MS Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725): MS Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245): MS Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589): MS Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587): MS Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591): MS Vulnerability in Telephony Service Could Allow Remote Code Execution (893756): MS Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588): MS Cumulative Security Update for Internet Explorer (896727): MS Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214): MS Vulnerability in Telnet Client Could Allow Information Disclosure (896428): MS Vulnerability in Microsoft Agent Could Allow Spoofing (890046): MS Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458): MS Vulnerability in Server Message Block Could Allow Remote Code Execution (896422): MS Vulnerability in HTML Help Could Allow Remote Code Execution (896358): MS Cumulative Security Update for Internet Explorer (883939): MS Security Update for Office 2003 (KB905645) Office 2003 Security Update: KB Office 2003 Service Pack 1 Access 2003 Danish Update for MUI Pack: KB Office 2003 Critical Update: KB Security Update for Excel Viewer 2003 (KB918425) Security Update for Excel 2003 (KB918419) Security Update for Excel 2003 (KB905756) Security Update for Excel Viewer 2003 (KB914451) Security Update for Office 2003 (KB905645) Security Update for Office 2003 Multilingual User Interface Pack (KB905645) Security Update for Office 2003 Proofing Tools (KB905645) Office 2003 Security Update: KB Office 2003 Service Pack 1 Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Update for Outlook 2003 (KB913807) Outlook 2003 Junk Filter Update: KB Security Update for Office 2003 (KB905645) Security Update for Office 2003 Multilingual User Interface Pack (KB905645) Security Update for Office 2003 Proofing Tools (KB905645) Outlook 2003 Junk Filter Update: KB Security Update for Outlook 2003 (KB892843) Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Business Contact Manager Update for Outlook 2003 Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Office 2003 Security Update: KB Outlook 2003 Junk Filter Update: KB Business Contact Manager for Outlook 2003 Security Update: KB Outlook 2003 Junk Filter Update: KB Outlook 2003 Junk Filter Update: KB Security Update for Word 2003 (KB917334) Security Update for Word Viewer 2003 (KB917346) Security Update for Office 2003 (KB905645) Security Update for Office 2003 Multilingual User Interface Pack (KB905645) Security Update for Office 2003 Proofing Tools (KB905645) Security Update for Word 2003 (KB887979) Office 2003 Security Update: KB Office 2003 Service Pack 1 Word 2003 Update: KB for MUI Pack Word 2003 Update: KB Office 2003 Critical Update: KB Security Update for Visio 2003 Multilingual User Interface Pack (KB909115) Visio 2003 Service Pack 2 Visio 2003 Security Update: KB Visio 2003 Service Pack 1 Обновляйте «патчи» своих приложений Миф #1 Разработчики пишут идеальное ПО! ОфисOracle 9i

Создавайте множественные зоны защиты Миф #2 Существует несколько и простых сценариев доступа!

Загрязнен источник? Обновите водопровод! Улучшайте Сеть Передачи Данных Миф #3 Утечка информации происходит на сетевом уровне

Безопасность конечного устройства Миф #4 Вы можете защитить оконечное устройство!

Используйте сильные пароли! Миф #5 Разные пароли – более безопасны

Увеличение возможностей для атак Растущее предприятие

Мифы и Реальности Программисты пишут идеальное ПО Ограниченное число простых сценариев Доступа Утечка данных происходит на Сетевом Уровне Вы можете защитить оконечные устройства Пользователи работают в безопасной среде Программисты пишут ПО с ошибками Существует много сценариев Доступа 75% Утечки Данных происходит на Уровне Приложений Безопасный Доступ - Существует Пользователи работают во враждебной среде VS

Citrix: Безопасность – неотъемлимая часть дизайна продуктов Контроль Доступа пользователя Единый Безопасный Путь Защита Приложений Пользователи Приложения

Виртуализация Приложений Пользователи Приложения

Доставка Web Приложений Пользователи Приложения

Стриминг Приложений Пользователи Приложения

Единый Безопасный Путь Пользователи Приложения

Зоны Безопасности Зона Доверия Зоны Недоверия Данные и Приложения Пользователи Anti-spam Anti-virus Firewall VPN Проблема: Небезопасный пользователь (Вирус на Laptop) Пользователи Проблема: Разрешенный пользователь (Telecommuter)

Опеспечение безопасного доступа Зона Доверия Зоны Недоверия Пользователи Пользователь не прошел проверку по безопасности оконечного устройства Anti-spam Anti-virus Firewall Данные и Приложения Access Gateway WiFi

SmartAccess («Умный Доступ») Проверка Оконечного устройства AСценарий Доступа Какой пользователь Гранулированный Доступ Контроль правами доступа Edit View OnlyPrint Save

Управление паролями - Сильная Аутентификация - Повышение производительности - Возможности самостоятельного управления/обнуления 9X1CA523U KEVIN Single Sign-On

Пользователи Претворяем Видение Безопасности в жизнь Приложения Централизация Серверов, Приложений,Данных Подход ко всем пользователям, как к «внешним» Контроль Доступа к Приложениям Управление и кодирование информации, покидающей границы ЦОДа Прозрачность из конца в конец, аудит, статистика

CPS CSS Web Apps Application Firewall Access Gateway Advanced Access Control Password Manager Пользователи Приложения Citrix Инфраструктура

Best Access Experience. Anytime. Anywhere.

Представительство Citrix Systems в России и СНГ Сергей Борисович Кузнецов Офис в Москве Мобильный Вопросы и Ответы

Интересный материал “ Citrix : Защита данных ” ments_onecat.asp?contentid=23559&cid=W hite+Papers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.