Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enterprise Enterprise Wrappers for Information Assurance DARPA/SPAWAR Contract N66001-C-8023 Mark Feldman, Wayne Salamon, Steve Kiernan, John Axisa NAI.

Published byAnna Baker Modified over 8 years ago

Similar presentations

Presentation on theme: "Enterprise Enterprise Wrappers for Information Assurance DARPA/SPAWAR Contract N66001-C-8023 Mark Feldman, Wayne Salamon, Steve Kiernan, John Axisa NAI."— Presentation transcript:

1 Enterprise Enterprise Wrappers for Information Assurance DARPA/SPAWAR Contract N66001-C-8023 Mark Feldman, Wayne Salamon, Steve Kiernan, John Axisa NAI Labs, Network Associates OASIS Winter PI Meeting 12 March 2002 Not for Public Release

2 Enterprise Wrappers slide 2 -- 3/12/02 OASIS PI Meeting -- Not for Public Release Overview and Status Blah, blah, blah Wrappers Blah, blah, blah NAI Labs Blah, blah, blah Teknowledge Blah, blah, blah Enterprise Success, but more work to do

3 Enterprise Wrappers slide 3 -- 3/12/02 OASIS PI Meeting -- Not for Public Release A Parallel, Collaborative Effort Using Previous DARPA Research Prototypes as a Base Teknowledge: Windows NT/2000 NAI Labs: Multi-Platform, concentrating on Linux under this program http://opensource.nailabs.com/wrappers/ Base Technology and Teaming ftp://ftp.tislabs.com/pub/wrappers/

4 Enterprise Wrappers slide 4 -- 3/12/02 OASIS PI Meeting -- Not for Public Release Enterprise Wrappers Goals  Integrate host-based wrappers into scalable cyber- defense system  Create common, multi-platform, policy-enforcing infrastructure  Populate this infrastructure with useful monitors, authorizers, and controllers  Dynamically ensure a consistent, enterprise-wide policy “Scaling the power of the wrapper to the enterprise”

5 Enterprise Wrappers slide 5 -- 3/12/02 OASIS PI Meeting -- Not for Public Release Enterprise Wrappers Objectives Wrapper Network Interface –Off-board cyber-defense controllers –Off-board communication of wrapper data Multi-Platform Host Controller –Manages dynamic insertion and removal of Wrappers –Network-scalable NWM Network Schema & Data Hardened System “Soft” System Manager Interface Other IA components, such as intrusion detection, sniffers, secure DNS, IDIP, etc. Boundary Controller... service WMI proxy Control Protocol Data Push/Pull Linux or NT Wrapper Subsystem Data Base Hardened System(expanded) Host Controller M M M M MediationCocoon App M M M M MediationCocoon App

6 Enterprise Wrappers slide 6 -- 3/12/02 OASIS PI Meeting -- Not for Public Release Revisiting What “Policy” Means Here A combination of –Wrappers written in WDL –Activation Criteria –Data to drive decisions Distributed based on –Hardware/Software Platform –Network Topology –Geographic Location –Mission –Users via a secure, hierarchical distribution mechanism driven by a GUI (drag-and-drop) with local override

7 Enterprise Wrappers slide 7 -- 3/12/02 OASIS PI Meeting -- Not for Public Release What We’ve Done Lately Selected and implemented technologies –Communication using sockets (adaptable to BEEP, Spread, SSL, IPSEC) –Portable Java-based host and network controller and lightweight native host controller –Portable storage mechanism (LDAP) for policy First release with Enterprise functionality –One GUI to rule them all –Implements policy across the Enterprise Started experimentation and testing of policy model

8 Enterprise Wrappers slide 8 -- 3/12/02 OASIS PI Meeting -- Not for Public Release Come see the Demo! We’ll be demonstrating Enterprise Wrappers for the first time* Wednesday night. Please stop by to see the power of the wrapper scale to the enterprise * Outside of a preview to Jay in October

9 Enterprise Wrappers slide 9 -- 3/12/02 OASIS PI Meeting -- Not for Public Release DARPA-hard Questions we still have Is the Policy Model adequate for the user? Are pre-packaged groups of wrappers, activation criteria, and data sufficient? Will composition produce unexpected/unintended results? Will the administrator-in-the-middle hierarchical model produce unexpected/unintended results?

10 Enterprise Wrappers slide 10 -- 3/12/02 OASIS PI Meeting -- Not for Public Release NAI Start Teknowledge Start Schedule Norfolkgk PI Meetin Hawaii PI Meeting2001200020022003 Base technology build-up Host & Network Controllers Santa Fe PI Meeting Updated Wrappers New API design and implementation Hilton Head PI Meeting Interoperability Summer PI Meeting TBD: Useability Wrapper population Integration with other OASIS technologies You are here

11 Enterprise Wrappers slide 11 -- 3/12/02 OASIS PI Meeting -- Not for Public Release Technology Transfer Wrappers are available and being used; Enterprise Wrappers becoming the default. Actively seeking input on –wrappers necessary to protect mission –ways to make wrappers easier to use Continuing to make the toolkit, including new Enterprise functionality, available under the GPL. ftp://ftp.tislabs.com/pub/wrappers/ http://opensource.nailabs.com/wrappers/

12 Enterprise Wrappers slide 12 -- 3/12/02 OASIS PI Meeting -- Not for Public Release ? Questions, Suggestions, or Ideas

Download ppt "Enterprise Enterprise Wrappers for Information Assurance DARPA/SPAWAR Contract N66001-C-8023 Mark Feldman, Wayne Salamon, Steve Kiernan, John Axisa NAI."

Similar presentations

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)
Arrow color indicates specific subset of Security Service Desk Common Backplane API. is DC Backplane API impledmented by the Backplane Services. Devices.

Arrow color indicates specific subset of Security Service Desk Common Backplane API. is DC Backplane API impledmented by the Backplane Services. Devices.
® Context Aware Firewall Policies Ravi Sahita Priya Rajagopal, Pankaj Parmar Intel Corp. June 8 th 2004 IEEE Policy (Security)

® Context Aware Firewall Policies Ravi Sahita Priya Rajagopal, Pankaj Parmar Intel Corp. June 8 th 2004 IEEE Policy (Security)
Connect. Communicate. Collaborate Click to edit Master title style MODULE 1: perfSONAR TECHNICAL OVERVIEW.

Connect. Communicate. Collaborate Click to edit Master title style MODULE 1: perfSONAR TECHNICAL OVERVIEW.
Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.

Module 1: Microsoft Windows 2000 Networking Services Infrastructure Overview.
Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.
1 June 1, 2015 Secure access to project budget information for OAR Principal Investigators Eugene F Burger Sylvia Scott Tracey Nakamura John L Forbes PMEL.

1 June 1, 2015 Secure access to project budget information for OAR Principal Investigators Eugene F Burger Sylvia Scott Tracey Nakamura John L Forbes PMEL.
Active Directory: Final Solution to Enterprise System Integration

Active Directory: Final Solution to Enterprise System Integration
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
02/12/00 E-Business Architecture

02/12/00 E-Business Architecture
Office of Science U.S. Department of Energy Grids and Portals at NERSC Presented by Steve Chan.

Office of Science U.S. Department of Energy Grids and Portals at NERSC Presented by Steve Chan.
1 Dynamic Assembly, Assessment, Assurance, and Adaptation via Heterogeneous Software Connectors Nenad Medvidovic with Marija Rakic and Barry Boehm University.

1 Dynamic Assembly, Assessment, Assurance, and Adaptation via Heterogeneous Software Connectors Nenad Medvidovic with Marija Rakic and Barry Boehm University.
Milos Kobliha Alejandro Cimadevilla Luis de Alba Parallel Computing Seminar GROUP 12.

Milos Kobliha Alejandro Cimadevilla Luis de Alba Parallel Computing Seminar GROUP 12.
Grids and Grid Technologies for Wide-Area Distributed Computing Mark Baker, Rajkumar Buyya and Domenico Laforenza.

Grids and Grid Technologies for Wide-Area Distributed Computing Mark Baker, Rajkumar Buyya and Domenico Laforenza.
Managing Agent Platforms with the Simple Network Management Protocol Brian Remick Thesis Defense June 26, 2015.

Managing Agent Platforms with the Simple Network Management Protocol Brian Remick Thesis Defense June 26, 2015.
Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by the U.S. Department of Defense © 2000 by Carnegie Mellon.

Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense © 2000 by Carnegie Mellon.
Integrated Information Technology (IT) & Information Assurance (IA)

Integrated Information Technology (IT) & Information Assurance (IA)
Windows 2000 Remote Access. Remote Access Overview With Windows 2000 remote access, remote access clients connect to remote access servers and are transparently.

Windows 2000 Remote Access. Remote Access Overview With Windows 2000 remote access, remote access clients connect to remote access servers and are transparently.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
A Survey on Interfaces to Network Security

A Survey on Interfaces to Network Security

Similar presentations

Ads by Google