Presentation is loading. Please wait.

Presentation is loading. Please wait.

ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005.

Published byJerome Mason Modified over 9 years ago

Similar presentations

Presentation on theme: "ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005."— Presentation transcript:

1 ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005

2 SiteProtector SiteProtector is an enterprise command, control and monitoring system. It allows us to use vulnerability assessment information to protect our operations ahead of the threat.

3 Internet Scanner Internet Scanner minimizes our risk by identifying the security holes, or vulnerabilities, in our network so we can protect them before an attack occurs. Once all of our networked devices are identified, Internet Scanner analyzes the configurations, patch levels, operating systems and installed applications to find vulnerabilities that could be exploited by hackers trying to gain unauthorized access.

4 Benefits to UTMB from SiteProtector/Internet Scanner Scanner Configuration Multiple in-line scanners Less time and network traffic More scanning Different scan configurations “Local” (10.10.x.x) scans Centralized scan management

5 Benefits to UTMB from SiteProtector/Internet Scanner “Enterprise” Configuration Logical group scanning User roles Distributed visibility of our security posture Compliance and remediation monitoring Departmental scanning capability

6 Benefits to UTMB from SiteProtector/Internet Scanner Process Flow Discovery scans Certification scans On-line query and reports Self scans - remediation Exception Documentation

7 Scanning Processes Current scanning process is under review and revision due to: Improved capability of tools (ISS) Staffing and priority changes Changing institutional requirements Best practices in response to changing environment

8 Scanning Processes Discovery Scan Identification & Grouping Vulnerability Scans Remediation Scans Remediation Reporting Identify new systems Initiated by NSS Schedule to be determined Feeds Cert. & Accreditation process NSS / Department collaboration Initiated by NSS (vulnerability assessments/system certifications) and/or Audit Services (server reviews) Servers - Quarterly Workstations/printer - Yearly Initiated by Department or NSS Verify status of remediation efforts On-line!! Exception/Risk Acceptance notes Available to Department Management, IS Security and Audit Services

9 Scanning Processes Patch Scan Delta Scan Exception Reports Verify Patch Management Initiated by Department with Admin. Credentials Schedule to be determined (Quarterly, as needed) Ad-hoc Processes Track Changes to system configuration Schedule to be determined Verify Exception processing Working with ISS to develop process 30-days to request Exception, then yearly review

10 Significant Events SiteProtector 2.0, SP6 release – 12/6/05 Scanner deployment – December 2005 Initial Group Configurations - Dec. ’05 – Jan. ’06 Department POC Training – Dec. ’05 – Jan. ’06 Transition to Group Scanning – March-April 2005

11

12

13

14 Q & A Email additional questions and system inventory to: Network & Security Services (SecurityVAR@utmb.edu)

Download ppt "ISS SiteProtector and Internet Scanner LanAdmin Group Meeting 12/8/2005."

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Solutions & Services to ‘Multiply your Business Performance’ 2013.

Solutions & Services to ‘Multiply your Business Performance’ 2013.
SACM Terminology Nancy Cam-Winget, David Waltermire, March.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.
The State of Security Management By Jim Reavis January 2003.

The State of Security Management By Jim Reavis January 2003.
Www.lumension.com © Copyright 2008 - Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.

© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.
Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.

Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Computer Security: Principles and Practice

Computer Security: Principles and Practice
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
University of Maryland I.T. Security Gerry Sneeringer IT Security Officer

University of Maryland I.T. Security Gerry Sneeringer IT Security Officer
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Securing Information Systems

Securing Information Systems
NUAGA May 22, 2014.  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

Similar presentations

Ads by Google