Presentation is loading. Please wait.

Presentation is loading. Please wait.

SNA, Step 2, 10/31 Survivable Network Analysis Oracle Financial Management Services Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian Song.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SNA, Step 2, 10/31 Survivable Network Analysis Oracle Financial Management Services Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian Song."— Presentation transcript:

1 SNA, Step 2, 10/31 Survivable Network Analysis Oracle Financial Management Services Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian Song

2 SNA, Step 2, 10/31 Overview Essential User Capabilities Summary of Essential Components Firewall Type Essential Components Diagram Essential Scenarios Essential Component Details Next Steps

3 SNA, Step 2, 10/31 Essential User Capabilities Essential Capabilities performed by 300 dedicated users Dedicated users must have access to financial service applications Core Financial Applications Application Desktop Integrator Applications Feeder systems must integrate with financial applications Primary actions performed by users are: Billing, reporting & reconciliation of budgets and expenses

4 SNA, Step 2, 10/31 Summary of Essential Components Kerberos Domain Controller (authentication) Acis.as.cmu.edu (public access points) Mistral (db server) Tandem (print & e-mail) Chinook (backup server)

5 SNA, Step 2, 10/31 Logical Proxy (Application Gateway) Firewall SCP HTTPS … Oracle Connection Mgr. Acis.as. cmu.edu (Sun Sparc Cluster) LPR (print) SSH SMTP (e-mail) Tandem CAMPUS NETWORK PRIVATE NETWORK (External)(Internal) 1.Restricts traffic based upon packet content 2.Application specific

6 SNA, Step 2, 10/31 Essential Components Diagram Kerberos SCP HTTPS … Oracle Connection Mgr. Kerberos Domain Contriller Acis.as. cmu.edu (Sun Sparc Cluster) LPR (print) SSH SMTP (e-mail) Tandem O. DB HTTP … O. Listener Mistral (databse server) SQL Net O. Forms CITRIX FTP LPR (print) SSH SMTP (e-mail) O. DB HTTP … O. Listener Chinook (Backup) SQL Net O. Forms CITRIX FTP LPR (print) SSH SMTP (e-mail) CAMPUS NETWORK Cyert Computer Center 6555 Penn Ave FIBER

7 SNA, Step 2, 10/31 Essential Components [1] Acis.as.cmu.edu: Cluster of Sun Sparc Servers Public Access Points Support services Oracle Connection Manager HTTP, Telnet, FTP, HTTPS(some Kerberos authenticated) SCP (Secure Copy Protocol – unix) SSH Web DB, Big Brother (Monitoring software), …

8 SNA, Step 2, 10/31 Essential Components [2] Mistral: Database Server Hosts main Oracle Server: HTTP Oracle Listeners, Names, Database CITRIX Application Server NFS(data sharing), SMTP (e-mail) LPR (printer) & Fs (other printer) SQL net, FTP, SSH(file upload)…

9 SNA, Step 2, 10/31 Essential Components [3] Tandem Print & E-mail gateway No user accounts on this machine Services provided: SSH (Administrator Connections) LPD (Printing) SMTP (email)

10 SNA, Step 2, 10/31 Essential Components [4] Chinook Disaster Recovery Machine: standby database Located offsite at 6555 Penn Ave. Test & Development machine Mirroring of Development database every 5-minutes Existing passive fiber link between campus and this location. Exact Same HW & SW as Mistral

11 SNA, Step 2, 10/31 Essential Scenarios – Budget Spreadsheet Kerberos SCP HTTPS Oracle Connection Mgr. Kerberos Domain Contriller Acis.as. cmu.edu (Sun Sparc Cluster) LPR (print) SSH SMTP (e-mail) Tandem O. DB HTTP O. Listener Mistral (Databse Server) O. Forms CITRIX CAMPUS NETWORK (out)

12 SNA, Step 2, 10/31 Essential Scenarios – Feeder System Kerberos SCP HTTPS Oracle Connection Mgr. Kerberos Domain Contriller Acis.as. cmu.edu (Sun Sparc Cluster) LPR (print) SSH SMTP (e-mail) Tandem O. DB HTTP O. Listener Mistral (Database Server) O. Forms Secure Directory CAMPUS NETWORK LPR (print) SMTP (e-mail)

13 SNA, Step 2, 10/31 Essential Components – DB Mirroring O. DB O. Mirroring Software Mistral (Database Server)Chinook (Backup) O. DB O. Mirroring Software Automatic mirroring of development database changes every 5-minutes

14 SNA, Step 2, 10/31 Ongoing Steps Client & Users 3 rd client meeting to verify essential services and components On-going interviews of Business Managers with and w/o feeder systems Within Our Group Development of potential intrusion detection scenarios & attacker profiles Identify compromisable components Physical visit to 6555 Penn Ave. Backup facility

15 SNA, Step 2, 10/31 A potential security threat Business Managers: 30+ business managers SCS, MCS, CIT, etc… Determine exactly who is able to obtain various forms of access to areas of the oracle financial system For example, MCS: College Manager 7 Business Managers Provide access to 2-3 individuals (regular users)

Download ppt "SNA, Step 2, 10/31 Survivable Network Analysis Oracle Financial Management Services Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian Song."

Similar presentations

Oracle Financial System Project Team: Aseem Gupta Jeng Toa Lee Jun Lu Kevin Patrick Zhu Thomas Verghese Weicheng Wong Xuegong Wang ( Jeff ) Date : 26 th.

Oracle Financial System Project Team: Aseem Gupta Jeng Toa Lee Jun Lu Kevin Patrick Zhu Thomas Verghese Weicheng Wong Xuegong Wang ( Jeff ) Date : 26 th.
Secure Lync mobile Authentication

Secure Lync mobile Authentication
1 Oracle Financial System Mary Ann Carr September 14, 2000.

1 Oracle Financial System Mary Ann Carr September 14, 2000.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Technical Brief v1.0. Communication tools that broadcast visual content directly onto the screens of computers, using multiple channels and formats Easy.

Technical Brief v1.0. Communication tools that broadcast visual content directly onto the screens of computers, using multiple channels and formats Easy.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.

© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.
Lesson 3 – UNDERSTANDING NETWORKING. Network relationship types Network features OSI Networking model Network hardware components OVERVIEW.

Lesson 3 – UNDERSTANDING NETWORKING. Network relationship types Network features OSI Networking model Network hardware components OVERVIEW.
Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.

Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
11/14 SNA Presentation 3 Survivable Network Analysis Oracle Financial System SNA step 3 Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian.

11/14 SNA Presentation 3 Survivable Network Analysis Oracle Financial System SNA step 3 Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian.
Oracle Financial System Project Team: Xuegong Wang Jun Lu ZhengChun Mo Patrick Zhu Thomas Verghese Weicheng Wong Date : 14 th November, 2001 Step 3.

Oracle Financial System Project Team: Xuegong Wang Jun Lu ZhengChun Mo Patrick Zhu Thomas Verghese Weicheng Wong Date : 14 th November, 2001 Step 3.
Security Issues on Distributed Systems 7 August, 1999 S 1 Prepared by : Lorrien K. Y. Lau Student I.D. : 97077200 7 August 1999 The Chinese University.

Security Issues on Distributed Systems 7 August, 1999 S 1 Prepared by : Lorrien K. Y. Lau Student I.D. : August 1999 The Chinese University.
Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.
Advanced Web 2012 Lecture 2 Sean Costain 2012. How the Web Works - Refresh Sean Costain 2012 The web is a matrix of servers that handle client requests.

Advanced Web 2012 Lecture 2 Sean Costain How the Web Works - Refresh Sean Costain 2012 The web is a matrix of servers that handle client requests.
Survivable Network Analysis Oracle Financial Management Services Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian Song.

Survivable Network Analysis Oracle Financial Management Services Ali Ardalan Qianming “Michelle” Chen Yi Hu Jason Milletary Jian Song.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
CHAPTER Introduction to LANs. MODULE Purpose and Use of a Network.

CHAPTER Introduction to LANs. MODULE Purpose and Use of a Network.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

Similar presentations

Ads by Google