Rwanda GovNet Xuan Pan Nkusi Issa Claude Hakizimana Joakim Slettengren Innocent Nkurunziza Xuan Pan Nkusi Issa Claude Hakizimana Joakim Slettengren Innocent.

Slides:



Advertisements
Similar presentations
Database Security Policies and Procedures and Implementation for the Disaster Management Communication System Presented By: Radostina Georgieva Master.
Advertisements

5-Network Defenses Dr. John P. Abraham Professor UTPA.
What's new in Threat Management Gateway (TMG) 2010 Ronald Beekelaar
System Security Scanning and Discovery Chapter 14.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Vulnerability Analysis Borrowed from the CLICS group.
Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Trend Micro Round Table May 19, Agenda Introduction – why switch? Timeline for implementation Related policies Trend Micro product descriptions.
Copyright 2002 Year 2 - Chapter 4/Cisco 3 - Module 4 LAN Design By Carl Marandola.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Islamic Republic of Afghanistan Ministry of Education EMIS Directorate.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.
Module 15: Developing a Security Plan
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.
Desktop in the Clouds Using Virtualization to Extend Client Outreach and Protect Data.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –
Security Guide for Interconnecting Information Technology Systems
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:
OASIS V2+ Next Generation Open Access Server CSD 2006 / Team 12.
Alabama Supercomputer Authority A partnership of … and.
Distributed IDS The implementation of a Distributed Intrusion Detection System over a medium scale open network where the focus is availability of services.
Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.
蓄勢待發迎WebSAMS Preparation Forum for WebSAMS Implementation Document 12
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Identifying Application Impacts on Network Design Designing and Supporting Computer.
Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Microsoft and Community Tour 2011 – Infrastrutture in evoluzione Community Tour 2011 Infrastrutture in evoluzione.
Rwanda GovNet Xuan Pan Nkusi Issa Claude Hakizimana Joakim Slettengren Innocent Nkurunziza Xuan Pan Nkusi Issa Claude Hakizimana Joakim Slettengren Innocent.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.
Module 5: Designing a Terminal Services Infrastructure.
NuolSec VIspace Vientiane, Laos.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
NUOL Internet Application Services Final Presentation 24 th of May, 2004.
22-March CSD2004 Team 4 NUOL Backbone & Internet Connection Project Mid Term Presentation 22 nd March 2004, Monday.
Scott Butson District Technology Manager. Provide professional to all district staff Professional development has been provided on a regular basis to.
1 Implementing Monitoring and Reporting. 2 Why Should Implement Monitoring? One of the biggest complaints we hear about firewall products from almost.
Training and Dissemination Enabling Grids for E-sciencE Jinny Chien, ASGC 1 Training and Dissemination Jinny Chien Academia Sinica Grid.
Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
The Intranet.
Data Communications and Networks Chapter 10 – Network Hardware and Software ICT-BVF8.1- Data Communications and Network Trainer: Dr. Abbes Sebihi.
CS460 Final Project Service Provider Scenario David Bergman Dong Jin Richard Bae Scott Greene Suraj Nellikar Wee Hong Yeo Virtual Customer: Mark Scifres.
Module 11: Designing Security for Network Perimeters.
Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
MT. CARMEL BAPTIST CHURCH NETWORK OVERHAUL L. Kennerly Newlin Networking and Database.
DIT Campus Network 2G1713 Communication Systems Design, 2004 Department of Microelectronics and Information Technology, KTH Team Members Honoratha Shayo2G1713.
Elements of an ICT networks COMMUNICATION DEVICES: 1.Network interface card 2.Hub 3.Switch 4.Router STANDARDS AND PROCEDURES: 1.Enable devices to communicate.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
Dr. Pipat Sookavatana. IT for Business Communication and Information Exchange Web access File and Printer Sharing Information Access Advertisement.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
Project ICTanzania 2006 Team 5 Saad Riaz | Zach Isamuyo | Nsubis Genesis | Mikael Corp.
OPEN SOURCE NETWORK MANAGEMENT TOOLS
Chapter 7. Identifying Assets and Activities to Be Protected
Working at a Small-to-Medium Business or ISP – Chapter 8
Secure Software Confidentiality Integrity Data Security Authentication
Welcome To : Group 1 VC Presentation
ISMS Information Security Management System
TRIP WIRE INTRUSION DETECTION SYSYTEM Presented by.
Global One Communications
Presentation transcript:

Rwanda GovNet Xuan Pan Nkusi Issa Claude Hakizimana Joakim Slettengren Innocent Nkurunziza Xuan Pan Nkusi Issa Claude Hakizimana Joakim Slettengren Innocent Nkurunziza Team 2 -

Rwanda GovNet2 Agenda  Project background  Goals  Implementation phase  Video  Conclusions  Future recommendations  Questions  Project background  Goals  Implementation phase  Video  Conclusions  Future recommendations  Questions

Rwanda GovNet3 Project background Goals Implementation phase Video Conclusions Future recommendations Questions Project background Goals Implementation phase Video Conclusions Future recommendations Questions

Rwanda GovNet4 Project background  A new fiber optic network was installed for government departments in Kigali, Rwanda  Faced network instability due to viruses, DoS etc.  Difficult to detect or prevent the user causing problems  Difficult to monitor who was using the network resources  Lack of network policies  A new fiber optic network was installed for government departments in Kigali, Rwanda  Faced network instability due to viruses, DoS etc.  Difficult to detect or prevent the user causing problems  Difficult to monitor who was using the network resources  Lack of network policies

Rwanda GovNet5 GovNet pilot project requirements  Pilot project for selected nodes of the network  Establish basic network security  Bandwidth monitoring, network management  Create network policies  Easy to use and cheap, open source  Pilot project for selected nodes of the network  Establish basic network security  Bandwidth monitoring, network management  Create network policies  Easy to use and cheap, open source

Rwanda GovNet6 Principal  First principal, RITA, Rwanda Information and Technology Authority  The GovNet team got a new principal in March, Ministry of Infrastructure  Changes of the goals  Focus mainly on Ministry of Infrastructure and its PSOs (RITA)  First principal, RITA, Rwanda Information and Technology Authority  The GovNet team got a new principal in March, Ministry of Infrastructure  Changes of the goals  Focus mainly on Ministry of Infrastructure and its PSOs (RITA)

Rwanda GovNet7 Project background Goals Implementation phase Video Conclusions Future recommendations Questions Project background Goals Implementation phase Video Conclusions Future recommendations Questions

Rwanda GovNet8 Goals 1 /2  Replace Linux routers with network equipment  Increase connectivity between government departments  Develop an AUP  Present a network security solution  Present a network management solution  Replace Linux routers with network equipment  Increase connectivity between government departments  Develop an AUP  Present a network security solution  Present a network management solution

Rwanda GovNet9 Goals 2/2  Demonstrate VoIP in at least two sites  Conduct a training session to ensure the sustainability of the solutions  Demonstrate VoIP in at least two sites  Conduct a training session to ensure the sustainability of the solutions

Rwanda GovNet10 Project background Goals Implementation phase Video Conclusions Future recommendations Questions Project background Goals Implementation phase Video Conclusions Future recommendations Questions

Rwanda GovNet11 Equipment procurement  Uncertain funding delayed the equipment procurement  Quotations were collected  New funding agency  new procurement rules  New tender opening date, June 1 st 2006  Uncertain funding delayed the equipment procurement  Quotations were collected  New funding agency  new procurement rules  New tender opening date, June 1 st 2006

Rwanda GovNet12 Temporary solution  Desktop computers  Borrowed network equipment from other not yet implemented ICT projects  Desktop computers  Borrowed network equipment from other not yet implemented ICT projects

Rwanda GovNet13 GovNet topology  Separate VLAN in the fiber backbone  Using one centralized gateway  Removed NATs at the nodes  Separate VLAN in the fiber backbone  Using one centralized gateway  Removed NATs at the nodes

Rwanda GovNet14 Security Solution for GovNet 1. Cost-efficient 2. Centralized 3. Scalable 1. Cost-efficient 2. Centralized 3. Scalable and decentralized

Rwanda GovNet15 Methodology Risk analysis Acceptable User Policy System Weakness analysis-Nessus IntrusionDetection System 802.1x+Radius EAP-TLS Attack Impact Create Exploited Result in Reduce Decrease Discover Protect Deterrent Control Detective Control Preventative Control Trigger Corrective Control Vulnerability Threat ???

Rwanda GovNet16 AUP and Update service Microsoft Windows Server Update Services (WSUS) Microsoft Windows Server Update Services (WSUS) Acceptable User Policy Best Practices

Rwanda GovNet17 Nessus Each ministry has one scanner To use free plug-ins To use selected plug-ins when scanning To use selected plug-ins when scanning

Rwanda GovNet18 Certification Authority And Authentication Server Authentication Challenge one decentralization … … Ministry A … Ministry B ISP x x Terracom Certification Authority And Authentication Server Client side certificate Certificate of CA Server side certificate Certification Authority And Authentication Server

Rwanda GovNet19 Authentication Challenge two Alcatel Switch issue Procurement Contract Supplier Configuration Guide Trail version Update Pre-study Phase Implementation Phase Currently Future

Rwanda GovNet20 Intrusion Detection System … Ministry A Sensor SQL … Ministry B Sensor SQL … Snort Center ACID ISP Sensor SQL

Rwanda GovNet21 Intrusion Protection System -- Modules 1.Configuration File 2.Debug mode or Daemon 3.Ignore list 4.System information detection module 5.Database communication module 6.Action module 7.Log module

Rwanda GovNet22 Intrusion Protection System --Function Diagram

Rwanda GovNet23 Training session Basic of network security such as security planning, policies and mechanisms 1. Network monitoring with Nagios 2. Network vulnerability scan with Nessus 1. AAA 2. Intrusion detection system with Snort 3. Intrusion protection program Network management and bandwidth monitoring with NTOP

Rwanda GovNet24 Network management 1/3  Installed and configured Nagios host and service monitor  Sends notifications  Will be extended with SMS notifications  Sends notifications  Will be extended with SMS notifications

Rwanda GovNet25 Network management 2/3  Installed MRTG  Monitors the external bandwidth  Monitors throughput at each node  Will monitor the equipment of the ISP  Installed MRTG  Monitors the external bandwidth  Monitors throughput at each node  Will monitor the equipment of the ISP

Rwanda GovNet26 Network management 3/3  Installed NTOP  Monitors user bandwidth usage  Can find viral activity  Can find file sharing users  Installed NTOP  Monitors user bandwidth usage  Can find viral activity  Can find file sharing users

Rwanda GovNet27 VoIP demonstration  Installed the SIP server SER  Used software clients  Tested between users at Mininfra and RITA  Can be extended with hardware phones  Installed the SIP server SER  Used software clients  Tested between users at Mininfra and RITA  Can be extended with hardware phones

Rwanda GovNet28 Project background Goals Implementation phase Video Conclusions Future recommendations Questions Project background Goals Implementation phase Video Conclusions Future recommendations Questions

Rwanda GovNet29 Project background Goals Implementation phase Video Conclusions Future recommendations Questions Project background Goals Implementation phase Video Conclusions Future recommendations Questions

Rwanda GovNet30 Conclusions  Despite the delayed equipment, the GovNet team were able to partly fulfill all goals  The equipment will most probably arrive Rwanda in mid June  The three Rwandan team members will then install the solutions and return the borrowed equipment  Despite the delayed equipment, the GovNet team were able to partly fulfill all goals  The equipment will most probably arrive Rwanda in mid June  The three Rwandan team members will then install the solutions and return the borrowed equipment

Rwanda GovNet31 Project background Goals Implementation phase Video Conclusions Future recommendations Questions Project background Goals Implementation phase Video Conclusions Future recommendations Questions

Rwanda GovNet32 Future Recommendations  Ways of optimizing ICT investments, better planning  Better documentation  Centralized web caching  More spare equipment  GovNet intranet  Ways of optimizing ICT investments, better planning  Better documentation  Centralized web caching  More spare equipment  GovNet intranet

Rwanda GovNet33 Project background Goals Implementation phase Video Conclusions Future recommendations Questions? Project background Goals Implementation phase Video Conclusions Future recommendations Questions?

Rwanda GovNet34 Thanks for listening Rwanda GovNet team Rwanda GovNet team

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.