Security Services Agenda Overview of HEAnet security services HEAnet CERT (Computer Emergency Response) Anti-Spam RBL (Real time blacklist service) HEAnet.

Slides:

Advertisements

Similar presentations

Approaches to meeting the PCI Vulnerability Management and Penetration Testing Requirements Clay Keller.

Advertisements

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.

Zombie or not to be: Trough the meshes of Botnets - Guillaume Lovet AVAR 2005 Tianjin, China.

© 2008 McAfee, Inc. “Endpoint” Security Defining the endpoints and how to protect them.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

(Geneva, Switzerland, September 2014)

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.

PCI's Changing Environment – “What You Need to Know & Why You Need To Know It.” Stephen Scott – PCI QSA, CISA, CISSP

Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.

IP Blacklisting Causes & Solution Marcus Low, R&D Director InternetNow International Sdn Bhd.

Security Guidelines and Management

PCM2U Presentation by Paul A Cook IT SERVICES. PCM2U Our History  Our team has been providing complete development and networking solutions for over.

Ferst Center Incident Incident Identification – Border Intrusion Detection System Incident Response – Campus Executive Incident Response Team Incident.

Website Hardening HUIT IT Security | Sep

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Information Security– SNO International Zanzibar, Tanzania Joe Beaulac, Sr. Manager – Cyber Defense Center & Risk/Vulnerability Management 23 September.

Dell Connected Security Solutions Simplify & unify.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Identifying Application Impacts on Network Design Designing and Supporting Computer.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Jeong, Hyun-Cheol. 2 Contents DDoS Attacks in Korea 1 1 Countermeasures against DDoS Attacks in Korea Countermeasures against DDoS Attacks in.

APRICOT 2015 Security Day Cooperation between Security Teams and Network Operators: Actionable Intelligence on ShellShock Arnold S. Yoon Information Security.

Information Technology Study Fiscal Crisis and Management Assistance Team (FCMAT) Las Virgenes Unified School District Presented By: Leslie Barnes Steve.

Lanxin Ma Institute of High Energy physics (IHEP) Chinese Academy of Sciences September 30, 2004 CHEP 2004, Interlaken The Security Protection System at.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

August Mr. Mike Finley, CISSP Senior Security Engineer Computer Science Corporation.

CERT AM: Securing NREN in Armenia. Armenian NREN ASNET AM – Connecting more than 40 academic institutes of NAS RA and more than 10 other research, educational.

ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005.

I-Hack’08 International Hacking Competition “Details”

Rick Segal CEO Fixmo, Inc.. The Starting Point The Mobile Device is the most personal computer you will ever own.The Mobile Device is the most personal.

1 MISA Model Douglas Petry Manager Information Security Architecture Methodist Health System Managed Information Security.

HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.

IT Security Policies and Campus Networks The dilemma of translating good security policies to practical campus networking Sara McAneney IT Security Officer.

Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.

Security Discussion IST Retreat June IT Security Statement definition In the context of computer science, security is the prevention of, or protection.

Application Security in a cyber security program

The Importance of Proper Controls. 5 Network Controls Developing a secure network means developing mechanisms that reduce or eliminate the threats.

Ed Tech Audit Case Study Pete Reilly. Process Meetings with the Superintendent Extended meetings with the technology coordinator Meeting with each administrator.

Security Policy: From EGEE to EGI David Kelsey (STFC-RAL) 21 Sep 2009 EGEE’09, Barcelona david.kelsey at stfc.ac.uk.

IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.

Computer Security Status C5 Meeting, 2 Nov 2001 Denise Heagerty, CERN Computer Security Officer.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

Introduction to Networking. What is a Network? Discuss in groups.

Information Security tools for records managers Frank Rankin.

© 2011 IBM Corporation IBM Security Services Smarter Security Enabling Growth and Innovation Obbe Knoop – Security Services Leader Pacific.

Information Security in Laurier Grant Li Wilfrid Laurier University.

Presented by Martin Šimek Ransomware, Internet of Things and Botnets vs. Control.

Cosc 5/4765 NAC Network Access Control. What is NAC? The core concept: –Who you are should govern what you’re allowed to do on the network. Authentication.

Common System Exploits Tom Chothia Computer Security, Lecture 17.

Defining your requirements for a successful security (and compliance

Market Engagement – security update

Performing Risk Analysis and Testing: Outsource or In-house

Cybersecurity - What’s Next? June 2017

Critical Security Controls

Team 4 – Mack, Josh, Felicia, Kevin and Walter

Capabilities Matrix Access and Authentication

IS4550 Security Policies and Implementation

سيستم مديريت امنيت اطلاعات

Unit 27: Network Operating Systems

Security Essentials for Small Businesses

Identity & Access Management

Contact Center Security Strategies

Chapter 4: Protecting the Organization

IBM GTS Storage Security and Compliance overview.

Agenda Create certificates for the GlobalProtect Portal, internal gateway, and external gateway. Attach certificates to a SSL-TLS Service Profile. Configure.

Security week 1 Introductions Class website Syllabus review

Read this to find out how the internet works!

Cloud Computing for Wireless Networks

Presentation transcript:

Security Services Agenda Overview of HEAnet security services HEAnet CERT (Computer Emergency Response) Anti-Spam RBL (Real time blacklist service) HEAnet TCS ( Certificate Service ) HEAnet Vulnerability Scanning service Security Auditing Questions ?

Overview Internal and External security resources HEAnet Security Team Aidan – Robert - WebSite Typical projects. Firewalls, Patching, VPN e.g DR-IDP, Auditing new services, attacks against HEAnet infrastructure. Security advice to clients (e.g. Security appliance tenders ) and providing security based services. Liaising with other CERT teams, NRENs and Government departments. Security Workshops and Training

HEAnet CERT Provides Incident Response, support and advice to institution IT department Incidents include DDOS, Malware, Copyright and general AUP issues The HEAnet CERT is in conjunction with JA.net CSIRT

Anti-spam service Real-time IP lookup service for institution servers. Based on DNS lookups of “bad” IP addresses Uses commercial vendors SpamHaus.org and TrendMicro.com Significant reduction in spam (IP based, not even processed) Use beyond , general defense against botnets

TCS - Certificates service Usage categories include: Servers, Web applications and network devices. Code Signing Certificates for Applications Personal certificates eScience (High Performance Computing groups) TCS service uses a self service portal. ( Currently 2,500+ certificates across 45 clients, with 120+ users ) Available to any individuals nominated by IT department Provide a range of no-cost SSL certificates, signed by leading CA - Comodo

Vulnerability Scanning A web based vulnerability scanning service using the commercial version of Outpost24 Scanning of institution networks and a view from outside. Ongoing Reports, Metrics and Deltas Internal Scanning Appliance for Campus LAN Framework Agreement for large number of IPs and PCI compliance checking Offerred to IT department

Security Auditing Typical engagements Auditing of infrastructure (servers, routers, firewalls) Auditing of Web Applications (Web farm, Internal applications) Auditing of Virtualisation Environments Chargeable service An on-site security audit of HEAnet client’s infrastructure or applications, including documentation, vulnerability assessment and security recommendations.

Questions ?