Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.

Published byMalcolm Skinner Modified over 9 years ago

Similar presentations

Presentation on theme: "Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD."— Presentation transcript:

1 Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD

2 Agenda  Network Security  Remote Access  Anti-Virus Protection  E-mail Content Filtering and Blocking  Possible Future Directions

3 Network Security

4 Private Network External Firewall Internal Firewall Internet DMZ Extranet DMZ SITA X25 InternetInternet

5 Network Security  2 levels of firewalls for access control  2 separate DMZs to protect sensitive information  Outgoing Internet access through application relays  Intrusion detection systems on both DMZs  Vulnerability scanning on a regular basis

6 Intrusion Detection System  Network sensor watching for attack signatures  Responses to suspicious activity:  Connection termination  Alerts sent by E-mail  Session recorded  Other …

7 Intrusion Detection System

8 Centrally Managed Security Policies

9 Remote Access

10 Exchange Web SQL

11 Remote Access Home users Mission users

12 Remote Access  For portables and Outlook Web Access users to access the OECD network, two- factor authentication based on:  A PIN number (known by the user)  An authenticator (either hardware or software)  Also based on Windows authentication to access network resources

13 Anti-Virus Protection

14 NetworkServer Gateway & Firewall Internet Point of Entry E-mail & SMTP relay Client

15 Prevention And Detection  Anti-Virus products from 2 different vendors installed on:  Desktops and laptops  File Servers  E-mail Servers  SMTP Relays  Signature updates on a weekly basis  Scanning on PCs and servers on a weekly basis  User Education  Being Prepared  Basic Network Security  Standard Disaster Recovery Procedures

16 E-mail Content Filtering and Blocking

17  Implemented after the ILOVEYOU virus  SMTP relay level filtering of all incoming and outgoing Internet messages:  Scan for viruses  Block « program » attachments and HTML scripts for 2 days  Search for « suspicious » text strings in subject  Reporting to management

18 E-mail Content Filtering and Blocking

19 W32/Navidad W32/Navidad-B

20 Possible Future Directions  Outsource detection and reporting of network vulnerabilities  SSL for Outlook Web Access  Use RTBL to prevent spamming  Content inspection on HTTP/FTP downloads

21 Comments and Questions?

Download ppt "Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD."

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.

Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………

Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Cyber Security – Our Approach James Clement Network Specialist ETS: Communications & Network Services

Cyber Security – Our Approach James Clement Network Specialist ETS: Communications & Network Services
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
EDUCAUSE Security 2006 Internet John Brown University.

EDUCAUSE Security 2006 Internet John Brown University.
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.
Securing Exchange Server 2003. Session Goals: Introduce you to the concepts and mechanisms for securing Exchange 2003. Examine the techniques and tools.

Securing Exchange Server Session Goals: Introduce you to the concepts and mechanisms for securing Exchange Examine the techniques and tools.
Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.

Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.

1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.

Similar presentations

Ads by Google