1 Protecting Wintel Infrastructures: The University of Memphis Case
Robert Jackson, University of Memphis
Dr. Mark Frolick, Xavier University
Copyright Mark Frolick and Robert Jackson 2003. This work is the intellectual property of Mark Frolick and Robert Jackson. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the authors. To disseminate otherwise or to republish requires written permission from the authors.
2 Presentation Content
  I. Existing infrastructure
  II. Challenges so far
  III. Lessons learned
  IV. What does the future hold?
  V. Miscellaneous last-minute points
  VI. Questions and comments
3 I. Existing Infrastructure
4 Network
  Open network
    – Most computers directly accessible via the internet
    – Limited firewall protection
    – Common port vulnerabilities blocked at the University of Memphis border (e.g., ingress filters for NetBIOS and MS-SQL access)
5 Hardware
  Approximately 60 Wintel servers
    – Dell servers
    – Virtual servers (www.vmware.com)
  Typical configuration
    – NT4 / W2K / W2K3 / Novell
    – RAID 5
    – Redundancy: power, fans, network connections
6 Hardware, continued
  Console for local access to Wintel servers
    – Limited access to console: physical access, user privileges
    – Accessible via the internet (requires additional privileges)
7 Personnel
  Central IT staff
    – 3 Wintel system administrators
    – 1 network security specialist
  Local Support Providers (LSPs)
    – Approximately 50 personnel
    – Various levels of technical expertise
8 Software
  NetBackup
    – www.veritas.com
    – Enterprise solution
    – Currently hosted on Unix servers
    – Data backed up to tape library (incrementals and fulls)
9 Software, continued
  PowerDeploy Suite 2.0
    – www.powerquest.com
    – Supports Dell RAID controllers
    – Procedure:
        – Operating system installed
        – Server configured / secured
        – Sysprep
        – PowerDeploy used to create an image of the OS partition
        – Image burned to CD for shorter recovery times
        – Image restoration tested
        – Server made available
10 Software, continued
  Norton Anti-virus Corporate Edition 7.6
    – www.norton.com
    – Virus definitions updated daily
    – Scans performed nightly
    – Automatic notification via email of virus activity
11 Software, continued
  Nessus vulnerability scanning
    – www.nessus.org
    – Nessus server (Linux)
    – NessusWx client (Wintel)
    – MySQL database (Wintel)
    – New vulnerability definitions ("plugins") downloaded each Friday
    – Automatic scans performed each Monday morning
    – Manual scans performed as requested
12 Software, continued
  Update Expert by St. Bernard Software
    – www.stbernard.com
    – Automatic application of selected patches to various servers
    – Patches applied in the test environment on Tuesday
    – Notification of intent to patch production occurs on Wednesday
    – Patches applied to production servers on Sunday mornings
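The Tuesday / Wednesday / Sunday cycle above can be enforced as a promotion gate rather than left to memory. The following Python is an added example written for this page, not part of the presentation and not Update Expert functionality; the patch ids and dates are constructed, and the 5-day minimum soak time is an assumption derived from the Tuesday-to-Sunday schedule.

```python
"""Patch-promotion gate modelled on the weekly cycle on the slide above.

Added example, not part of the original presentation and not Update Expert
functionality. Rule: a patch reaches production only after it was applied in
test (Tuesday), a notification of intent went out (Wednesday), and the current
time falls in the Sunday-morning production window. Patch ids are placeholders.
"""
from dataclasses import dataclass
from datetime import date, datetime
from typing import List, Optional, Tuple

MIN_SOAK_DAYS = 5   # Tuesday test -> Sunday production, as on the slide (assumption)

@dataclass
class PatchRecord:
    patch_id: str                           # placeholder, not a real bulletin id
    applied_in_test: Optional[date] = None  # day the patch hit the test servers
    notified: Optional[date] = None         # day the intent-to-patch notice went out
    failed_in_test: bool = False            # set by the test-environment review

def can_apply_to_production(rec: PatchRecord, when: datetime) -> Tuple[bool, str]:
    """Return (allowed, reason) for pushing rec to production at `when`."""
    if rec.failed_in_test:
        return False, "patch failed in the test environment"
    if rec.applied_in_test is None:
        return False, "patch has not been applied in test"
    if when.weekday() != 6 or when.hour >= 12:      # Sunday morning only
        return False, "outside the Sunday-morning production window"
    if rec.notified is None:
        return False, "no notification of intent to patch was sent"
    if not rec.applied_in_test < rec.notified <= when.date():
        return False, "notification must follow test and precede production"
    if (when.date() - rec.applied_in_test).days < MIN_SOAK_DAYS:
        return False, f"patch has soaked in test for fewer than {MIN_SOAK_DAYS} days"
    return True, "ok"

def production_batch(records: List[PatchRecord], when: datetime) -> List[str]:
    """Ids of the patches cleared for this production window."""
    return [r.patch_id for r in records if can_apply_to_production(r, when)[0]]

if __name__ == "__main__":
    # Constructed records for the week starting Sunday 2003-06-01.
    week = [
        PatchRecord("PATCH-A", date(2003, 6, 3), date(2003, 6, 4)),
        PatchRecord("PATCH-B", date(2003, 6, 3), None),
        PatchRecord("PATCH-C", date(2003, 6, 3), date(2003, 6, 4), failed_in_test=True),
    ]
    window = datetime(2003, 6, 8, 6, 0)        # Sunday 06:00
    print(production_batch(week, window))       # ['PATCH-A']
```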
13 Software, continued
  System monitoring and reporting
    – Big Brother: email only; webpage for an overview of all servers
    – BindView: phone paging, email
14 II. Challenges so far
15 Challenges
  – Server compromises
  – Improve backup/restore process
  – Upgrade infrastructure software (e.g., NAV 7.6)
  – Guaranteed weekly downtime for Wintel patches
  – Communication with internal ITD staff
16 Challenges, continued
  Improve PowerQuest imaging procedure
  Vulnerability scanning
    – False positives
    – Is there a need for historical analysis? For notification of newly detected vulnerabilities? Proactive scanning of the campus network?
    – Are "safe checks" really safe?
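The historical-analysis and false-positive questions on this slide, together with the weekly Nessus cycle on slide 11, come down to comparing one Monday's results with the previous ones. The Python below is an added example for this page, not part of the presentation and not a Nessus or NessusWx feature; the finding format, hosts, plugin ids and suppression list are all constructed.

```python
"""Week-over-week comparison and ageing of vulnerability scan results.

Added example, not part of the original presentation and not a feature of
Nessus or NessusWx. A finding is modelled as (host, port, plugin id); the
result sets, plugin ids and the false-positive list below are all constructed.
"""
from typing import Dict, List, Set, Tuple

Finding = Tuple[str, int, int]   # (host, port, plugin id)

def parse_findings(text: str) -> Set[Finding]:
    """Parse constructed 'host,port,plugin_id' lines; skip blanks and '#'."""
    found: Set[Finding] = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, port, plugin = line.split(",")
        found.add((host.strip(), int(port), int(plugin)))
    return found

def compare_scans(previous, current, suppressed) -> Dict[str, Set[Finding]]:
    """Split the current scan into new, resolved and suppressed findings."""
    return {
        "new": (current - previous) - suppressed,  # worth a notification
        "resolved": previous - current,            # fixed, or host was down
        "suppressed": current & suppressed,        # reviewed false positives
    }

def weeks_present(history: List[Set[Finding]]) -> Dict[Finding, int]:
    """Consecutive weekly scans (ending with the latest) each finding was seen in."""
    ages: Dict[Finding, int] = {}
    for f in history[-1]:
        n = 0
        for scan in reversed(history):
            if f not in scan:
                break
            n += 1
        ages[f] = n
    return ages

# Constructed Monday scan results, oldest first (192.0.2.0/24 is a documentation range).
WEEK1 = parse_findings("192.0.2.10,445,90001\n192.0.2.10,1433,90002")
WEEK2 = parse_findings("192.0.2.10,445,90001\n192.0.2.10,1433,90002\n192.0.2.20,80,90003")
WEEK3 = parse_findings("192.0.2.10,445,90001\n192.0.2.20,80,90003\n192.0.2.30,139,90004")
SUPPRESSED: Set[Finding] = {("192.0.2.20", 80, 90003)}   # reviewed, false positive

if __name__ == "__main__":
    print(compare_scans(WEEK2, WEEK3, SUPPRESSED))
    print(weeks_present([WEEK1, WEEK2, WEEK3]))
```

Findings with a high week count are the long-standing ones worth chasing with the service administrators; a finding that appears for the first time goes to the notification list unless it is already on the suppression list.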
17 III. Lessons Learned
18 Lessons Learned
  Network
    – Diverse requirements of the research environment
    – Difficult to proactively lock down the campus network without "breaking things" (e.g., MS-SQL)
19 Lessons Learned, continued
  Hardware
    – Try to provide as much redundancy as possible
    – Service administrators want full access to hardware
    – Involve service administrators when developing access policies for hardware
20 Lessons Learned, continued
  Software
    – Encourage participation in the deployment of security technologies: Update Expert, Norton Anti-Virus Corporate Edition, Nessus (beware of unlimited network scanning!)
21 Lessons Learned, continued
  Policy and procedure changes
    – Written security policy
    – Procedure for handling compromised servers
    – Procedure for implementing new services (e.g., 3-tier model)
  Educating users, including internal IT staff, about security concerns is an ongoing process
22 IV. What Does the Future Hold?
23 ...The Future...
  Network infrastructure
    – Monitoring capabilities (HP OpenView?)
    – Convert parts of campus to a routed network
  Wintel environment
    – Backup software (CA backup?)
    – Event log analysis capabilities (Aelita's InTrust)
    – Strive to improve existing processes
  Communication and teamwork
    – Continue educating co-workers about the advantages of working together to provide server security
24 V. Miscellaneous Last-minute Points
25 Miscellaneous Last-minute Points
  Password strength validation
    – L0phtcrack: password "auditing" program
    – Various methods to obtain and decipher Windows platform passwords
    – To avoid privacy issues, always get permission before "auditing" passwords
  3-tier model (test, pre-production, production)
  Helpful websites
    – www.vmware.com
    – www.nessus.org
    – www.sans.org
    – www.symantec.com
26 Questions and Comments?
  Robert Jackson, rjax@memphis.edu
  Dr. Mark Frolick, mark@frolick.net