Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kevin Watson and Ammar Ammar IT Asset Visibility.

Published byGary Hudson Modified over 8 years ago

Similar presentations

Presentation on theme: "Kevin Watson and Ammar Ammar IT Asset Visibility."— Presentation transcript:

1 Kevin Watson and Ammar Ammar IT Asset Visibility

2 The University of Tennessee Health Science Center What is Total Asset Visibility? Capability to provide users with timely and accurate information Capability to act upon that information to improve overall performance Location Movement Status Identity of units Personnel Equipment Material Supplies

3 The University of Tennessee Health Science Center Total Asset Visibility As applied to IT Hardware Software Endpoints Portable devices Servers Network/infrastructure devices “If it has an IP Address, it is an asset, and you need visibility into it.”

4 The University of Tennessee Health Science Center Why is it important? SANS 20 Critical Controls for an Effective Cyber Defense Without knowing what you have, you can’t effectively protect it Attackers continuously scan target organizations waiting on vulnerable systems to appear on the network Devices off and on the network Out of date devices New systems and applications

5 The University of Tennessee Health Science Center Foreign systems should be isolated to prevent compromises from affecting security Test systems Vender portables Personal assets Guest systems BYOD is becoming increasingly common

6 The University of Tennessee Health Science Center How do we do it? Managed control 1.Deploy and leverage asset discovery tool to build an inventory 2.Deploy dynamic host configuration protocol (DHCP) server logging 3.Ensure all IP enabled acquisitions update the inventory system as new, approved devices

7 The University of Tennessee Health Science Center 4.Inventory should include every system that has an Internet protocol (IP) address Network IP address(es) Hostname Function of system Asset owner, steward, and custodian Business units serviced Portable? Personal? 5.Use network level authentication via 802.1x and tie inventory data to determine authorized and unauthorized systems 6.Network Access Control (NAC) monitors authorized systems to facilitate remediation when necessary

8 The University of Tennessee Health Science Center How does this help the organization? Accounts for and manages inventory Network devices can be reconciled with the asset inventory Active scanning tools and passive listening tools can pair to improve detection of new or unauthorized devices Switches can be configured to implement 802.1x Only properly configured devices can connect to the network

9 The University of Tennessee Health Science Center Effectiveness Metrics Average time to detect a new devices Average time for scanners to alert the security administrators to unauthorized devices Average time to isolate/remove unauthorized devices Ability to identify location, department, and other critical details about the detected, unauthorized device SANS, http://www.sans.org/critical-security- controls/control/1

10 The University of Tennessee Health Science Center What tools can help?

11 The University of Tennessee Health Science Center Questions?

12 The University of Tennessee Health Science Center Contact information Kevin Watson 901-448-7010 Kevin.Watson@uthsc.edu Ammar 901-448-2163 aammar@uthsc.edu http://uthsc.edu/its/information-security

Download ppt "Kevin Watson and Ammar Ammar IT Asset Visibility."

Similar presentations

Presented by Nikita Shah 5th IT ( )

Presented by Nikita Shah 5th IT ( )
IT Asset Management Status Update 02/15/2010. 2 Agenda What is Asset Management and What It Is Not Scope of Asset Management Status of Key Efforts Associated.

IT Asset Management Status Update 02/15/ Agenda What is Asset Management and What It Is Not Scope of Asset Management Status of Key Efforts Associated.
© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.

© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, 2009 05/30/2009.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.
Networking with Windows Vista.. Vista’s New Tools and Features The Network and Sharing Center Network Discovery Network Map Network Diagnostics.

Networking with Windows Vista.. Vista’s New Tools and Features The Network and Sharing Center Network Discovery Network Map Network Diagnostics.
Jim Purcell – Senior IT Auditor, UT System

Jim Purcell – Senior IT Auditor, UT System
Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.

Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Similar presentations

Ads by Google