
Assoc. Prof. Dr. Sureswaran Ramadass Enterprise Network Monitoring and Security “iNet Enterprise”


1 Assoc. Prof. Dr. Sureswaran Ramadass Enterprise Network Monitoring and Security “iNet Enterprise”

2 Enterprise Network Security

3 The Problem
- Networks are suffering from viruses, worms, Trojans, spyware, adware, hijackers, pop-up generators, spam, intrusion and many more.
- If you have an Internet connection (home or corporate), your machine is exposed to the Internet, and hence you are vulnerable to worms and viruses.
- Viruses and worms are the biggest contributors to today’s network problems.
- With these modern threats, a firewall and antivirus alone are not enough to protect your organization from blended threats.

4 Cost of worms
Cost for cleanup of worms worldwide:
- Sobig: USD 37.1 billion
- MyDoom: USD 22.6 billion
- Klez: USD 19.8 billion
- Nachi: USD 13 billion
- Mimail: USD 11.5 billion
- Swen: USD 10.4 billion
- Love Bug: USD 8.8 billion
- Bugbear: USD 3.9 billion
Source: www.wholesecurity.com

5 Cost of worms…
Cost for cleanup of worms in Malaysia:
- Code Red: RM 22 million
- Nimda: RM 22 million
- Blaster: RM 31 million
- Nachi: RM 31 million
90% of desktop computers in a Malaysian Internet company experienced downtime caused by the Blaster.D worm (August 2003).
Local universities’ network bandwidth was badly affected by the Nachi worm.
Source: NISER study

6 Why Worms Are Dangerous?
Because of the speed of their infection / spread.
Target discovery techniques:
- Random, sequential, local
- Hitlist (external, internal)

7 [Diagram labels: Patched infected Network; Parallelized Infected Network; Busy Network; Alert; Warning]

8 What worms can do to you?
Once the host is infected, it can:
- Steal YOUR private info and distribute it to all the users in your email database.
- Send dummy traffic to paralyze your network.
- Destroy key system files that would damage and crash your computer.
- Destroy the database system within your server.

9 What you need?
- A holistic approach to the security strategies you currently have in place MUST be adopted to protect your organization from the new generation of blended threats.
- A solution that covers loopholes left by other security products, for all-round protection.
- A solution that can detect internal worm attacks as well as external ones.
- Up-to-date software with most worm signatures.
- A warning and alerting mechanism that makes the security team aware so it can take the proper action.

10 The Answer…
- Easy to install and use.
- Low memory requirements.
- Detects worm activity on the wire.
- Live updates from the m-Protect database server, which consists of a comprehensive list of all known worms.
- Works passively to scan network traffic for worms.
- Alerts you of a potential worm attack via synthesized voice warning and visual messages as well as SMS and emails.
- Pinpoints the source of the computer that is broadcasting the worm packets.
- Works hand in hand with 3rd party anti-virus tools.
- Able to detect worms with multiple signatures.
- Detects worm attacks within the LAN and from outside.

11 Enterprise Network Monitoring

12 Network Monitoring..
Network monitoring goals:
- To constantly monitor a computer network for slow or failing systems.
- To notify the network administrator in case of outages via email, SMS or other alarms.
Network monitoring tools fall into two categories:
- Software based network monitoring
- Hardware based network monitoring
Network monitoring approaches:
- Passive Network Monitoring
- Active Network Monitoring

13

14 Because..
- It would alert everyone in the network regarding the worm attack.
- Locate the source of the problem.
- Provide possible solutions.
Besides propagation via the Internet connection, worms can still reach the internal network by:
- laptops.
- external media (CD, thumb drive).
- wireless access points.
- encrypted/zipped emails.
Border defenses are of no use if the worm is already inside the internal network.

15 The product introduces a new approach for worm monitoring; it monitors the area left out by other current approaches.
- It has a complete database of signatures, explanations, and expert solutions and recommendations for all known worms on the net.
- Uses an intelligent matching engine to match worm payload packets and an expert database of solutions to the worms.
- Works passively; no additional traffic is added to the network.
- Updates definitions automatically.
- Boasts a database of all currently known Email, IM, Web, Internet, P2P and IRC worms.
- Warns users locally by synthesized voice warnings and visual messages.
- Logging facilities.
- Buffering.. High Speed Network

16 iNet Enterprise
- To minimize the time network administrators spend on trial and error methods in identifying network problems.
- To provide robust, non-pervasive, real time network monitoring capabilities.
- To provide an intuitively designed user interface that shortens the users’ learning curve in getting acclimatized to the applications.
- To provide global access to remotely monitor any network in any corner of the world, tunneling via the Internet.
“To provide a robust monitoring tool that at the same time does not affect the network performance while performing its tasks”

17

18 iNet Enterprise Technology
- Uses technology or techniques that consume minimal bandwidth and yet provide real-time and up to date information about your network (non-streaming).
- iNet Segment gathers network information and stores it in the local segment.
- The administrator can probe into a particular segment through iNet Console.
- An immediate past incident scenario can be recreated with iNet Console to investigate the cause of the network problem. This is analogous to playing back CCTV videotapes to investigate criminal acts.
- Via iNet Console, iNet Enterprise provides global access services to remotely monitor your network from any part of the world via an IP connection through the Internet.
- The monitoring console could also be your mobile PDA (iNet m-Console) using EDGE, 3G or Wi-Fi technologies.

19 Implementation
- Deployed in National Advanced IPv6 Centre, NEC, School of Computer Science USM
- POC done for UUM and UPM
- In discussion with a National Bank of Panama, St George Bank Panama, MDeC, TPM

20 Enterprise Level overview
[Diagram labels: Segment 1; Segment 2; Segment 3; 1 Monitoring Center]

21 Enterprise and ISP Level overview

22

23

24 Q&A Thank You

