© 2005,2006 NeoAccel Inc. Training Endpoint Security.


Helen of Troy
– Troy had the strongest walls, so it was impossible to break into the city.
– The Trojans were led by Hector, best of the many sons of Priam!
– The Trojans had built defensive perimeters to stop enemies from breaking through the gate and the wall!

Troy and Trojans
– The only point of access into the city was through the "Gate".
– The Greeks fought for 10 years but could not get through Troy's defenses!

Break into perimeter security
– Trojan Horse!!!
– Sinon misled the Trojans by telling them that Odysseus was now his enemy.

Come to the 21st Century
Corporate Network: Perimeter Security
– Access to only known services
– Managed LAN hosts accessing managed servers and resources
– 24x7 managed control and corporate policy compliance

A Hole in Perimeter Security
– Corporate network: remote access for authorized users
– A Remote Access Server, sitting right there in your LAN, providing access to your managed resources
– An unmanaged, or out-of-control, access point

What's the security risk?
– "We have strong authentication mechanisms. Only authorized users can access the network. What's the security risk?"
– The user may be authorized, but the medium of access, the host machine, may not be!
– An authentic, authorized user will run only authorized applications, but other hidden programs such as viruses, trojans and spyware are free birds! They can access what the user should not be accessing.

Example…
– Showing your passport at the airport: of course you are carrying a passport, but you still need to get through the security check.
– An authorized user, knowingly or unknowingly, may cause a security breach.
– Authentication alone is not enough for secure remote access.

Then what!
– We need a mechanism to deploy effective Endpoint Security Policy Management and Compliance.
– NeoAccel SSL VPN-Plus has this feature; we call it EndPoint Security (EPS).

End Point Security: Introduction
– EPS is meant for the security of the user's machine, and hence secures the corporate network.
– EPS checks whether the user's machine complies with corporate policies and can be allowed to connect to the corporate network, e.g. it should have anti-virus software running, a firewall running, the latest security patches, etc.
– At the airport your luggage is checked for explosives and sharp objects, and your health status is also checked.

End Point Security: Introduction
– EPS scans the user's machine and decides the trust (security) level, or zone, of the machine; access is granted based on the zone the machine falls into.
– EPS is authorization of your machine.
– The trust level set by your identity is always overridden by the trust level of your machine.

SSL VPN-Plus: Endpoint Security
– The remote user logs in using the NeoAccel SSL VPN-Plus Client.
– The client scans the host machine for required software and cleanliness: check for Firewall; check for OS patches; check for Anti-Spyware; check for Desktop Search engine; check for Browser Security Settings; check for Key loggers; check for IP-forwarding & network bridging; check for Antivirus; check for customized files/process/service/port.
– Real-time endpoint security checks keep the host safe.
– The security level of the host machine is calculated and sent to the NeoAccel SSL VPN-Plus Gateway.
– Depending upon the security level, the Gateway decides how much access to give the remote user: Remote desktop, Web-mail (HTTP), File sharing, FTP, Private network resources.

System Architecture
The NeoAccel Management Server holds:
– Endpoint Security Zone Definition File: Zone name, Zone Trust Level, Associated EPS policy list, Associated ACL list
– Endpoint Security Policy Database: rules to scan the host machine
– User information database: Group, password (if local database)
– Group Definition File: Group name, Group ID, Associated Users, Associated ACL list, Authentication server type and address
– Access Control Policy Database
These are input to the Gateway; the Endpoint Security Client DAT file (EPS policy and Zone levels) is input to the Client through the gateway.
Two authorization levels:
– Level 1: Endpoint host integrity based authorization mechanism. Highest priority.
– Level 2: User identity based authorization mechanism. Lower priority.

Endpoint Host Machine Integrity Based Level 1 Authorization
Components:
– NeoAccel Gateway Module: Endpoint Security Zone Definition File (Zone name, Zone Trust Level, Associated EPS policy list, Associated ACL list); Endpoint Security Client DAT file (EPS policy and Zone levels); Access Control Policy Database
– NeoAccel Client Application: Host Scanning Engine; Host Scanning DAT file; User Login challenge handshake protocol
Flow:
– Start: TCP & SSL handshake.
– The client sends client information: Client Version, EPS DAT Version.
– If an upgraded client is available, the gateway sends an upgrade notification.
– If a new version of the DAT file is available, the gateway sends the EPS DAT file and the client updates its DAT file from the gateway.
– The client reads the rules to execute, scans the host and calculates the security level.
– Login: the gateway queries the current security level of the host machine, and the client sends the security level of the machine.
– The gateway queries the Access Control Policies for the current zone level and applies access control over this connection.

EPS: Features
– Two levels of authorization:
  –Level 1: Trust level of machine
  –Level 2: Identification of user
– Endpoint Security Policy Management Capabilities: can create 40 security zone profiles
– Most intuitive and easiest interface to create EPS policies
– Checks for system security settings and status, security software, or custom policies
– Browser cache cleanup, visited URL cleanup, cookies cleanup, downloaded program files, Java cache
– Blocks printing, copy-paste, and saving files from the browser to disk
– Factory default rules and policies for quick deployment
– Fine-grained custom policy creation UI
– Auto update of EPS policies
– Supported on Windows and Linux
– Timely updates of the EPS policy database with releases of new software and service packs

EPS: Features…contd
– Option to specify information for users to troubleshoot or raise the security level of their machine
– Automatic enabling of certain mandatory services
– Senses presence/absence of specified applications/processes:
  –Notifies the user to install required applications
  –Blocks black-listed applications
– Real-time scanning
– On-the-fly updating of ACLs when a change in security zone is detected
– Provides an architecture for Endpoint Vulnerability Checking for administrators
– Completely transparent to the user

EPS Policy Definition Screen
– Endpoint Security policies can be added, modified or deleted from here.

EPS Policy as a set of EPS policies
– Creating an EPS policy as a set of already existing EPS policies.

EPS Policy as a set of new rules
– Add process-, file-, port- or registry-based rules.

EPS Zone Creation screen
– The lower the security level, the more stringent the EPS policies.
– Associate EPS policies: a machine falls into this zone if all the checked policies are satisfied.
– Associate Access Control Policies, which will be applied to connections from host machines falling into this zone.

EPS: Custom Policies
Custom policies can be created for:
– Files: modification time, size, version (binaries)
– Process: existence, owner, status
– Registry: values, existence
– Open ports: state (open/close/listen)
– Service: state
– Digital signatures: existence based on parameters (CN, private key), validity
– Loaded drivers
– Key loggers
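The scan-then-zone flow, the two-level authorization and the zone and custom-policy rule slides above, modelled as an added example in Python (not NeoAccel's code; the host snapshot, rule kinds, policy names, zones and ACLs are all constructed for illustration):

```python
# Added example (not NeoAccel code); host facts, rules, policies, zones and ACLs are constructed.
HOST = {"processes": {"explorer.exe", "avguard.exe"},            # constructed scan snapshot
        "services": {"MpsSvc": "running", "wuauserv": "stopped"},
        "listen_ports": {135, 445}, "ip_forwarding": False}

CHECKS = {  # probe kinds mirror the slides' process/service/port/setting rule bases
    "process": lambda h, t: t in h["processes"],
    "service": lambda h, t: h["services"].get(t),
    "port": lambda h, t: t in h["listen_ports"],
    "setting": lambda h, t: h.get(t),
}

def check_rule(rule, host):
    """A rule is (kind, target, expected): the probed value must equal expected."""
    kind, target, expect = rule
    return CHECKS[kind](host, target) == expect
# EPS policies: a policy is satisfied only when every one of its rules passes.
POLICIES = {
    "firewall_on":   [("service", "MpsSvc", "running")],
    "antivirus_on":  [("process", "avguard.exe", True)],
    "no_forwarding": [("setting", "ip_forwarding", False)],
    "no_smb_listen": [("port", 445, False)],
    "autoupdate_on": [("service", "wuauserv", "running")],
}
# Zones, most to least trusted: lower level = more stringent policies, larger ACL; last is a catch-all.
ZONES = [
    (1, ["firewall_on", "antivirus_on", "no_forwarding", "no_smb_listen", "autoupdate_on"],
        {"remote_desktop", "file_sharing", "ftp", "webmail"}),
    (2, ["firewall_on", "antivirus_on", "no_forwarding"], {"webmail"}),
    (3, [], set()),
]

def policy_ok(name, host):
    return all(check_rule(r, host) for r in POLICIES[name])

def failed_policies(host, level):
    """Policies a host still fails for a zone: what the scanning-status dialog lists."""
    names = next(n for lvl, n, _ in ZONES if lvl == level)
    return [n for n in names if not policy_ok(n, host)]

def classify(host):
    """Level 1 authorization: the first zone whose checked policies are all satisfied."""
    for level, _, acl in ZONES:
        if not failed_policies(host, level):
            return level, acl

def effective_access(host, group_acl):
    """Machine trust overrides identity: the user's group ACL is clipped to the zone ACL."""
    level, zone_acl = classify(host)
    return level, group_acl & zone_acl
```

With the constructed snapshot the host lands in zone 2 because SMB is listening and the auto-update service is stopped, so a user whose group ACL allows remote desktop still gets only web-mail.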

EPS: Factory defined policies
Policies exist for:
– System security settings: browser type and version, browser security level, IP forwarding, bridging
– System status: OS version, service packs, security patches, auto-update service status
– Security software:
  –Anti-virus: TrendMicro, AVG, McAfee, Symantec, Sophos, Aladdin
  –Firewall: McAfee, TrendMicro, AVG, ZoneAlarm
  –Anti-spyware: Microsoft, McAfee, AVG, TrendMicro
  –Desktop search engines: Google
– And many more…

EPS: Cache Cleanup
– Complete system monitoring to track the application cache or files saved from the private network to the local machine.
– Either the user is disallowed from saving the data, or it is cleaned up after logout, depending on the type of data stored.
– This feature is normally not present in full-access clients, or is implemented using third-party secure desktop products.

Scanning Status
– This dialog may appear at the time of login (before authentication).
– The dialog shows that the client machine does not satisfy all security policies.
– The user should enable the policies that have failed in order to get maximum access rights.
– Example message: enable Windows Firewall for each physical adapter to pass the endpoint security check.

Virtual Keyboards
– A Virtual Keyboard to mitigate key-logger threats.
– Though the OS takes care of not displaying the password in plain text, it is still hackable.
– The SSL VPN-Plus Client never passes the password to the OS GUI, hence mitigating the threat from password crackers.