Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.

Presentation transcript:

Network and Systems Security
Security Awareness, Risk Management, Policies and Network Architecture

What’s all the fuss about?
- Why is network and systems security important?
- Do we have a problem at Glasgow?
- If we do, how should we deal with it?

Why is network and systems security important?
- Classic view is to ensure the integrity, confidentiality and availability of data
- However, security incidents present other problems, e.g.
  - Legal threats – copyright infringements, DoS attacks, hacking attempts, unacceptable content
  - Wastes valuable resources – staff time, bandwidth
  - Bad PR

Do we have a problem at Glasgow? YES!
- Data leakage – Definite, e.g. password files, SAM db
- System compromise – Definite, e.g. RootKit, Blaster, Nachi, MyDoom
- Legal threats – Definite, e.g. various requests to remove content or investigate system misuse
- Resources – Definite, e.g. 6 FTE from CS alone to deal with RootKit/Blaster and Nachi
- Router performance badly affected by external and internally sourced DoS attacks

So how should we deal with this problem?
The proposed strategy is as follows:
- Produce and maintain a Risk register and associated Risk reduction measures
- Agree a set of Policies and Guidelines that would address specific areas of concern
- Agree a Network Architecture that would reduce the exposure of networked systems and provide inherent containment measures
- Establish a Computer Incident Response Team to handle incidents in a structured and coordinated way
- Raise awareness of security issues. Security is not someone else’s problem: it affects everyone and everyone has a role to play

Risk Register
- The Information Security working group has produced a draft Risk register and is working on costing the Risk reduction measures

Security Policies and Guidelines
- The Universal Access and Information Security working groups have produced a set of draft Policies and Guidelines for consultation
- These are not meant to place unnecessary barriers in the way of users doing their legitimate work
- They are not tablets of stone but rather starting points that will evolve and develop with time and experience
- The general aim is to define the University’s security requirements with respect to the following areas of concern:

Policies and Guidelines: Network Connection Policy
Campus Network
- Who can connect
- What can and can’t be connected
- How do systems connect
- What address and name space can be used
- What services can be run
- What services can be accessed
- What security measures should be implemented

Policies and Guidelines: Monitoring Policy
Network and Systems Monitoring
- Informs users of the extent that network activities may be monitored
- Identifies what personnel may be authorised to perform monitoring functions
- Highlights the ethics, procedures and safeguards employed
- Identifies what information may be gathered
- Identifies how long information is stored
- Outlines the purpose information may be used for

Policies and Guidelines: Wireless LAN Policy
Wireless LANs
- Establish the rules and support requirements for WLAN deployments
- Prevent (or arbitrate) interference issues between WLAN deployments
- Help safeguard the integrity of the University’s information technology resources
- Ensure that WLAN security and performance issues are understood

Policies and Guidelines: Bastion Host Policy
Bastion Host
- Ensure that critical University servers are managed with appropriate levels of security
- Define the overheads with respect to management, operation and security functions associated with deploying a network server
- Identify all network servers and establish their purpose, security requirements, user base and support staff
- Limit the exposure of network servers to those apps that are critical for their primary purpose
- Establish ACLs for specific IP applications. ACLs would restrict access to specific IP apps to those servers that have been registered to provide them

Policies and Guidelines: Password Policy & Guidelines for Sys and Net Admins
Password Policy – establishes a standard for:
- The creation of strong passwords
- The protection of those passwords
- The recommended frequency of change for those passwords
Guidelines for Systems and Network Administrators
- Defines the roles of system and network administrators from a network and systems security perspective

Proposed Network Architecture
General Network Architecture Goals
- Reduce network systems exposure
- Provide inherent containment measures
How?
- Implement server registration process (Bastion host policy)
- Implement client and server nets
- Implement security Access Control Lists (ACLs) to protect client and server nets

Proposed Network Architecture (Existing)
[Diagram labels: Client, Server, Router, Campus Network, probes. All traffic in/out: full exposure, no containment.]

Proposed Network Architecture (Intermediate)
[Diagram labels: Client, Server-1, Router, Campus Network, ACLs, probes. Server-1 traffic in/out: limited exposure. Client traffic in/out: some containment.]

Proposed Network Architecture (Final)
[Diagram labels: Client, Server-1, Bastion Host, Router, Campus Network, ACLs, probes. Server-1 traffic in/out: targeted exposure and containment. Client traffic in/out: containment and limited exposure.]
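
The registration-plus-ACL approach from the Bastion Host Policy and the proposed architecture, as an added example that is not part of the original slides: a Python model in which a server register drives the ACL and everything unregistered is denied. The address ranges, register entries and scan results are constructed, and the function names are hypothetical.

```python
from ipaddress import ip_address, ip_network

# Constructed address plan (documentation range), not the University's real networks.
CLIENT_NET = ip_network("192.0.2.0/25")
SERVER_NET = ip_network("192.0.2.128/25")

# Hypothetical bastion host register: server address -> TCP ports it is registered to serve.
REGISTER = {
    "192.0.2.130": {25},
    "192.0.2.131": {80, 443},
}

def build_acl(register):
    """Ordered (action, destination network, port) rules for new inbound connections."""
    rules = []
    for host in sorted(register, key=ip_address):
        if ip_address(host) not in SERVER_NET:
            raise ValueError(f"{host} is registered but not on the server net")
        for port in sorted(register[host]):
            rules.append(("permit", ip_network(host), port))
    # Default deny: unregistered services and every client accept no new inbound sessions.
    rules.append(("deny", SERVER_NET, None))
    rules.append(("deny", CLIENT_NET, None))
    return rules

def check_inbound(rules, dst, dport):
    """First-match evaluation; traffic matching no rule is denied."""
    dst = ip_address(dst)
    for action, net, port in rules:
        if dst in net and port in (None, dport):
            return action
    return "deny"

def unregistered_listeners(listeners, register):
    """Listening (host, port) pairs that the register does not cover."""
    return sorted((h, p) for h, p in listeners if p not in register.get(h, set()))

ACL = build_acl(REGISTER)
# Constructed scan result: services found listening on the campus network.
LISTENERS = [("192.0.2.130", 25), ("192.0.2.131", 80),
             ("192.0.2.131", 21), ("192.0.2.20", 445)]

if __name__ == "__main__":
    for host, port in LISTENERS:
        print(host, port, check_inbound(ACL, host, port))
    print("not registered:", unregistered_listeners(LISTENERS, REGISTER))
```

The unregistered listeners are the follow-up list for the registration process: each one is either registered with an owner and purpose or stays blocked by the default deny.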

Establish Computer Incident Response Team (CIRT)
The purpose of the CIRT would be twofold:
- Firstly, to work with all relevant University constituents to implement proactive measures aimed at reducing the risk and/or impact of a computer or network security incident
- Secondly, to manage, direct and assist University constituencies in responding to such incidents when they occur

Raise Awareness of Security Issues
How?
- Message is that security affects everyone and everyone has a role to play
- Security events, like this one
- Role of security coordinator
- Manage UGCirt
- Cirt web site
- Security training courses/seminars
- Security awareness built into other courses