How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI.

Slides:

Advertisements

Similar presentations

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.

Advertisements

Computer Security: Principles and Practice

The Most Analytical and Comprehensive Defense Network in a Box.

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

This paper states that one of the major problem to the adoption of cloud computing is that of security.  Existing cloud computing problem or concerns.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud.

Information Security in Real Business

Controls for Information Security

Stephen S. Yau CSE , Fall Security Strategies.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Virtualization for Cloud Computing

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

5205 – IT Service Delivery and Support

Microsoft delivers a complete datacenter solution with Windows Server 2012 R2 out-of-the-box Cloud OS Development Management Identity Virtualization.

University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.

System Center 2012 Setup The components of system center App Controller Data Protection Manager Operations Manager Orchestrator Service.

Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.

PBA. Observations  Growth, projects, busy-ness –Doing an incredible amount of work  Great Quality of work  Concern about being perfect  Attitudes.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Chapter 2 Information Security Overview The Executive Guide to Information Security manual.

© 2010 IBM Corporation Cloudy with a chance of security Information security in virtual environments Johan Celis Security Solutions Architect EMEA IBM.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Module 14: Configuring Server Security Compliance

IBM Global Services © 2006 IBM Corporation IBM Internet Security Systems Ahead of the threat. ™ IBM Global Technology Services © 2009 IBM Corporation IBM.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Chapter 6 of the Executive Guide manual Technology.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Windows Azure Pack Service Provider Foundation 2012 R2 Windows Server 2012 R2 Virtual Machine Manager 2012 R2 Damian Flynn MVP System Center

1 Evolution and Revolution: Windows 7 and Desktop Virtualization How to Accelerate Migration to Windows 7 Miguel Sian, Sr. Enterprise Solutions Consultant.

SAM-21 Fortress Model and Defense in Depth Some revision on Computer Architecture.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Chapter 2 Securing Network Server and User Workstations.

Module 11: Designing Security for Network Perimeters.

Application Security in a cyber security program

Security Environment Assessment. Outline  Overview  Key Sources and Participants  General Findings  Policy / Procedures  Host Systems  Network Components.

Virtualization One computer can do the job of multiple computers, by sharing the resources of a single computer across multiple environments. Turning hardware.

Implementing Server Security on Windows 2000 and Windows Server 2003 Fabrizio Grossi.

Russell Rice Senior Director, Product Management Skyport Systems

IS3220 Information Technology Infrastructure Security

INFORMATION SECURITY AND CONTROL. SECURITY: l Deter l Detect l Minimize l Investigate l Recover.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 10 Network Security Management.

Chapter 13 Network Security Auditing Antivirus Firewalls Authentication Authorization Encryption.

OIT Security Operations

CSCE 548 Student Presentation By Manasa Suthram

Network Security Research Presentation

Critical Security Controls

Capabilities Matrix Access and Authentication

Securing the Network Perimeter with ISA 2004

Virtualization & Security real solutions

Secure & Unified Identity

VMware NSX and Micro-Segmentation

Firewalls at UNM 11/8/2018 Chad VanPelt Sean Taylor.

Operationalizing MITS: How do we make this happen?

ISMS Information Security Management System

Understanding Security Layers

Identity & Access Management

Implementing Client Security on Windows 2000 and Windows XP Level 150

CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018

AT&T Firewall Battlecard

Presentation transcript:

How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI

Proactive Security Model Map Architecture Digital Asset ID Profile Model Identify Vulnerabilities Standardize Policies Incident Response Training Risk Assessment

Defense in Depth Strategy Multiple (overlapping) Layers Narrow “windows” of access per layers High Fault tolerance Always assume that the higher layer will fail

Defense in Depth Strategy Perimeter Defenses Network Defenses Host Defenses Application Defenses Data and Resources

Defense in Depth Strategy Perimeter Defenses Physical Access Control Remote video monitoring Essential personnel access only Network Defenses VLAN access control lists Firewall (Zones) Auditing Packet Inspection / Intrusion Detection Host Defenses Server hardening Auditing and host intrusion detection Packet filtering

Defense in Depth Strategy Application Defenses Validation Checks Verify HTML & Cookies source Secure Web Services Data and Resources Authentication method Data encryption Services Account

Securing Virtualization in Data Centers VMM or Hypervisor VMM or Hypervisor Hardware Integrated Security VM Integrated Security VM App OS Next-Generation Virtualization Security: Control virtual machine Control virtual machine management - Hypervisor Security VM Features: Centralized network protection VM NAC, assessment, and control Hypervisor Security: Hypervisor attestation (Trusted Platform Module, or TPM) VM attestation (vTPM) Guest VM Guest VM Guest VM Guest VM Mgmt Network Protection (IPS/FW) Host Protection (AV/HIPS) Policy-Based MAC NAC, Assessment & Control TPM Security APIs vTPM FinanceEngineering 7

Topological View

3-D Visualization

Role-Based Dashboard Situational Awareness Enterprise Focused

Top Five Recommendations 1.Vulnerability scans 2.Patch management 3.Multi-layered security 4.Policy refresh 5.Integration of logical and physical controls

Thought for the day Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away. Antoine De Saint-Exupery ( )

THANK YOU Rob Lara