1 Information and Communications Technology Management. Specialized session on the application of satellite communications in crisis management and new solutions for protecting organizations' information. 27 Mehr 1390. Management.

Presentation transcript:

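1 Information and Communications Technology Management. Specialized session on the application of satellite communications in crisis management and new solutions for protecting organizations' information. 27 Mehr 1390. Information and Communications Technology Management, National Iranian Oil Company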

2 Innovative Security Solutions for Enterprises
- Protection Against Internal Threats: DPI, DLP, Admin Auditing
- Protection Against External Threats: UTM, Vulnerability Management and Compliance, Web and Guard

3 Internal Security Threats
- Internet Abuse
- Staff Malicious Activities
- Unauthorized Access to Valuable Information
- Disclosure of Intellectual Property
- Admin Malicious Activities

4 Deep Packet Inspection (DPI)
- Form of computer network packet inspection
- Examine the data part of packets
- Block packet or pass it
- Collect statistical information
- Inspect beyond OSI layer 2 & 3
- Classify traffic based on signature database
- Classify traffic based on statistical values

5 [Diagram labels: Link Layer, IP, TCP/UDP, Static Port, Dynamic Port; Router/Switch, Firewall, DPI, IPS; Stateful Inspection, String matching with bit offsets, Application Control Engine; applications: HTTP, SMTP, SQL Server, Oracle, MSN, Y!; BitTorrent, eMule, Skype, ...]

6 [Diagram labels: L2-L4, L5-L6, L7; Link Layer Traffic, IP Layer Traffic, UDP Layer Traffic, Up Layer Traffic, Total Traffic; payload string "DOYBITORRENTOUKNOW" labelled SIGNATURE]

7 [Figure labels: Application Group, User Group, User, Time]

8 DPI Usage
- Policy definition and enforcement
- Quality of service
  - Marking
  - Shaping
- Traffic analysis
- Behavior auditing
- Statistical reports
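
The signature-based and statistical classification listed on the DPI slides can be sketched as follows. This is an added example, not part of the original presentation: the signature list, port map, block policy and sample payloads are constructed for illustration, and the entropy threshold is an assumed value.

```python
import math
from collections import Counter
from typing import NamedTuple, Optional

class Signature(NamedTuple):
    app: str
    pattern: bytes
    offset: Optional[int]  # required start offset; None = anywhere in the window

# Constructed mini signature database (a real engine ships thousands of entries).
SIGNATURES = [
    Signature("bittorrent", b"\x13BitTorrent protocol", 0),  # peer-wire handshake
    Signature("smtp", b"EHLO ", 0),
    Signature("http", b"GET ", 0),
    Signature("http", b"POST ", 0),
    Signature("bittorrent", b"BitTorrent", None),            # unanchored fallback
]
PORT_GUESS = {25: "smtp", 80: "http"}  # what a port-only (L3/L4) device would assume
POLICY = {"bittorrent": "block"}       # hypothetical policy; everything else passes

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 means uniformly random bytes)."""
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

def classify(payload: bytes, window: int = 64) -> str:
    """Match signatures in the first `window` bytes, then fall back to statistics."""
    head = payload[:window]
    for sig in SIGNATURES:
        if sig.offset is None:
            hit = sig.pattern in head
        else:
            hit = head.startswith(sig.pattern, sig.offset)
        if hit:
            return sig.app
    # Statistical fallback: near-random bytes suggest encrypted or compressed data.
    if len(payload) >= 256 and entropy(payload) > 7.5:
        return "encrypted-or-compressed"
    return "unknown"

def verdict(dst_port: int, payload: bytes) -> dict:
    """Compare the port-based guess with the payload-based result and apply policy."""
    app = classify(payload)
    return {"port_guess": PORT_GUESS.get(dst_port, "unknown"),
            "dpi_app": app, "action": POLICY.get(app, "pass")}

# Constructed payloads: a peer-to-peer handshake and an ordinary web request.
HANDSHAKE = b"\x13BitTorrent protocol" + bytes(8) + b"A" * 20 + b"B" * 20
HTTP_REQ = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
```

Calling `verdict(80, HANDSHAKE)` shows the gap between the two views: the port says HTTP, the payload says BitTorrent, and the policy acts on the payload.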

9 Data Loss Prevention (DLP)
- Most data leakage is caused by staff
- Digital data is an asset of organizations
- Identify, monitor and protect
  - Data in use
  - Data in motion
  - Data at rest
- Network DLP
- Endpoint DLP
- Datacenter DLP

10 Network DLP
- Reduce the risk of sensitive data leaving the network perimeter via , web, instant messaging and telnet
- Audit, encrypt, quarantine or block unauthorized transmissions of compliance-driven information or intellectual property in real time as defined by policy
- Involve end users in data security processes and remediation to build awareness and reduce administrative cost
- Maintain competitive advantage and brand value through comprehensive protection of corporate data
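
The "audit, encrypt, quarantine or block ... as defined by policy" step of network DLP, as an added example that is not part of the original presentation. The policy table, the `CONFIDENTIAL` marker and the sample messages are assumptions made for illustration; the Luhn checksum is used to cut false positives on ordinary digit runs.

```python
import re

CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")  # 13-19 digits, optional separators
MARKER_RE = re.compile(r"\bCONFIDENTIAL\b")                  # assumed document marking

# Hypothetical policy: (data class, channel) -> action; unmatched pairs are audited.
POLICY = {
    ("card_number", "web"): "block",
    ("card_number", "instant messaging"): "block",
    ("marked_confidential", "web"): "quarantine",
}
SEVERITY = ["audit", "encrypt", "quarantine", "block"]       # least to most restrictive

def luhn_ok(digits: str) -> bool:
    """Checksum carried by payment card numbers; rejects most random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                       # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_sensitive(text: str) -> list:
    """Return (data class, masked evidence) pairs so raw values stay out of logs."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            hits.append(("card_number", "*" * (len(digits) - 4) + digits[-4:]))
    if MARKER_RE.search(text):
        hits.append(("marked_confidential", "CONFIDENTIAL"))
    return hits

def inspect_message(channel: str, text: str) -> dict:
    """Decide what to do with one outbound message on the given channel."""
    hits = find_sensitive(text)
    if not hits:
        return {"action": "pass", "hits": []}
    actions = [POLICY.get((cls, channel), "audit") for cls, _ in hits]
    # When several rules match, the most restrictive action wins.
    return {"action": max(actions, key=SEVERITY.index), "hits": hits}
```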

11 Endpoint DLP
- Reduce risk by discovering and protecting sensitive data on laptops and desktops
- Minimize the time, costs and staff required to comply with regulations
- Monitor and control how end users interact with sensitive information in real time as defined by policy
- Involve end users in remediation to build awareness of data security policies and reduce administrative costs

12 Datacenter DLP
- Prioritize your security projects with the fastest and most accurate way to profile your risk across file shares, databases, storage systems (SAN/NAS) and other data repositories.
- Reduce risk through a rich set of automated actions such as move, quarantine, change access control, and eDRM encryption
- Identify sensitive information in collaborative environments such as Microsoft SharePoint®, Documentum® and Lotus Notes®

13 Admin Audit
- Challenge
  - Security and audit requirement to inspect all incoming traffic to the critical secured datacenter
  - How to inspect encrypted connections?
- Solution: Guardian
  - Guardian, combined with the existing Intrusion Detection System, provides a solution that enables the customer to inspect and control all incoming connections, encrypted or not

17 External Security Threats
- Malicious code (viruses, malware, …)
- DoS/DDoS attacks
- Web server attacks
- attacks
- VoIP attacks
- Application attacks
- Wireless attacks, …

18 Unified Threat Management (UTM)
It is the evolution of the traditional firewall into an all-inclusive security product that has the ability to perform multiple security functions in one single appliance: network firewalling, network intrusion prevention, gateway antivirus, application filtering, application control, monitoring & event log. A single UTM appliance simplifies management of a company's security strategy, with just one device taking the place of multiple layers of hardware and software.

19 Firewall
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass.
IPS
Intrusion Prevention Systems are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about said activity, attempt to block/stop activity, and report activity.

20 Key Advantages of UTM
- Reduced complexity: Single security solution, Single Vendor
- Simplicity: Avoidance of multiple software installation and maintenance
- Easy Management: Plug & Play Architecture, Web-based GUI for easy management
- Reduced technical training requirements, one product to learn

21 Security Unified Management (SUM)
More than 95% of security incidents result from exploitation of known vulnerabilities, even though the countermeasures were available!

22 IT Security Challenges
- High costs of standards implementation (ISO27001, PCI)
- High costs of maintaining these standards
- Asset risk status that is often out of date
- Complexity of IT structures
- Different scanning engines and policies
- Disintegrated individual vulnerability management tools

23 Where you want to be!
Things to know:
- Security measures
- The current levels of security of your IT systems
- The required investment for improving security
- Impacts of current IT investments
- The performance of IT security

24 SUM Overview
- Unified management for all known and custom scan engines, with remedy recommendations.
- Standards-compatible Risk Assessment
- Compliance with all international and custom standards
- Effective reporting and auditing
- Unified Vulnerability Assessment, Risk Management, Audit & Reporting and Compliance.

25 SUM: Governance
- Real-time asset inventory
- Real-time asset and department risk status
- Clear view of organizational structure, responsible personnel, controlled assets
- Department-wise risk mitigation, investment, disaster recovery, or business continuity plans
- Department-wise compliance status