
Sway7-1 NabiTel: User Administration (user registration management), Global Sign-On (user logon management), Security Manager (security policy creation and enforcement management), Policy Director (web server access management).


1 Sway7-1 NabiTel Component : Risk Manager
- User Administration: user registration management
- Global Sign-On: user logon management
- Security Manager: security policy creation and enforcement management
- Policy Director: web server access management
- Privacy Manager: personal information access management
- Risk Manager: intrusion risk management
- PKI: authentication management using public keys

2 Sway7-2 NabiTel Component : Risk Manager - Features
- Enterprise-wide centralized risk management solution
- Attacks, threats and exposures
- Correlate information from firewalls, IDS, scanner, etc.
- Ease of use
- Real-time monitoring: no expertise required
- High degree of integrity and confidence
- Cover multiple security checkpoints
- Automated countermeasure: detect unauthorized access

3 Sway7-3 NabiTel Component : Risk Manager - Features (continued)
- Decision Support for Firewall Management
  - Configuration changes
  - Denied connections
  - Firewall event types
- Decision Support for Intrusion Detection
  - Types of attack: access violation, DoS, etc.
  - Location of attackers
  - Resources most frequently attacked

4 Sway7-4 NabiTel Component : Risk Manager - Features (continued)
- Decision Support for Virus Management
  - Compliance with virus management policy
  - Detected virus type
  - Systems mostly attacked
  - Downtime and service-level implications
- Decision Support for Risk Assessment
  - Access violations
  - Configuration changes: applications, networks

5 Sway7-5 NabiTel Component : Risk Manager - IDS Example

6 Sway7-6 NabiTel Component : Risk Manager - IDS Type
- Intrusion Detection Systems (IDS) Types
  - Host-based
  - Network-based
- An important form of IDS consists of an agent that is placed on individual servers, which then interacts with a centrally located server whose purpose is to analyze data collected from various components out in the network.
- Another form of IDS involves polling for status and unusual activity.
- A third form is log analysis.
- A complete IDS system will integrate and build upon existing system management components.

7 Sway7-7 NabiTel Component : Risk Manager - IDS Technology
- Change detection
  - Writing to configuration files
  - Deleting/writing to log files
- Process analysis
  - Start of unknown processes
  - Stop of important processes
- Object signatures
  - Changes in persistent objects, such as key files, executables, and static Web pages
- Historical norms
  - Unusually high volumes of activity outside of normal operating hours
  - Unusually large transaction values for a user
  - Unusually large numbers of transactions from/to the same user
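Added example, not part of the original presentation or of the Tivoli product: a Python sketch of the three "historical norms" checks listed on this slide, run over constructed transaction records. The record layout, the 09:00-18:00 operating hours and all thresholds are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime
from statistics import mean, pstdev

def build_baseline(history):
    """Per-user amount statistics and the busiest off-hours day seen so far."""
    amounts, off_hours_per_day = defaultdict(list), Counter()
    for ts, user, amount in history:
        amounts[user].append(amount)
        if not 9 <= ts.hour < 18:            # assumed operating hours 09:00-18:00
            off_hours_per_day[ts.date()] += 1
    stats = {u: (mean(a), pstdev(a)) for u, a in amounts.items()}
    return stats, max(off_hours_per_day.values(), default=0)

def detect(history, window, z=3.0, max_per_user=5):
    """Return sorted (rule, subject) findings for one day's window of records."""
    stats, off_hours_norm = build_baseline(history)
    findings = set()
    # Rule 1: unusually high volume of activity outside operating hours.
    off_hours = sum(1 for ts, _, _ in window if not 9 <= ts.hour < 18)
    if off_hours > 2 * max(off_hours_norm, 1):   # assumed factor of 2 over the norm
        findings.add(("off_hours_volume", str(off_hours)))
    # Rule 2: unusually large transaction value for a user with known history.
    for _, user, amount in window:
        if user in stats:
            mu, sigma = stats[user]
            if amount > mu + z * max(sigma, 1.0):  # floor sigma to avoid zero spread
                findings.add(("large_value", user))
    # Rule 3: unusually large number of transactions from the same user.
    for user, n in Counter(u for _, u, _ in window).items():
        if n > max_per_user:
            findings.add(("transaction_count", user))
    return sorted(findings)

def t(day, hour):
    """Helper for constructed timestamps (March 2001)."""
    return datetime(2001, 3, day, hour, 0)

# Constructed sample data: (timestamp, user, amount).
HISTORY = [(t(d, h), u, a) for d in (1, 2, 5) for h, u, a in
           [(10, "alice", 100.0), (11, "alice", 120.0), (14, "bob", 40.0),
            (15, "bob", 50.0), (20, "bob", 45.0)]]
WINDOW = ([(t(6, 10), "alice", 110.0), (t(6, 11), "alice", 5000.0)] +
          [(t(6, 2), "bob", 45.0)] * 6)

if __name__ == "__main__":
    for rule, subject in detect(HISTORY, WINDOW):
        print(rule, subject)
```
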

8 Sway7-8 NabiTel Component : Risk Manager - Architecture
[Architecture diagram; labels: Administrator, TEC server, Native Alerts, Mgnt DB, Tivoli SecureWay Risk Manager, Adapter, Tivoli Management Agent, Managed Node, Event Management, Alert/Event, Native format, IDEF: Intrusion Detection Exchange Format, Secure Framework Communication, Rule DB, Correlation, Risk Decision]

9 Sway7-9 NabiTel Component : Risk Manager - Technology
Tivoli SecureWay Risk Manager
- CheckPoint Firewall-1
- Cisco PIX Firewall
- ISS RealSecure Network Engine
- Cisco Secure IDS
- Tivoli Network IDS
- IBM Research Network Scanner
- Cisco Routers
- Symantec Norton AntiVirus for Desktops
- ISS RealSecure System Agent
- Tivoli Host IDS for Windows, AIX and Sun servers
- Tivoli WebIDS for WebSphere, IIS, Domino, Apache, Netscape servers

10 Sway7-10 NabiTel Component : Risk Manager - TEC Integration
[Diagram; labels: Central Security, OS level, IDS, Web Servers, Firewall, Network Mgrs, Appls, Security Event Correlation/Automation, Policy Director]

11 Sway7-11 NabiTel Component : Risk Manager - Benefits
- Single Point Risk Center
- Risk correlation possible
- Enterprise-wide management
- Reliable decision
- Quick, Effective response
- Risk mitigation
- Increased availability
- Management as a Whole
- Increased productivity
- Improved management efficiency
[Diagram; labels: Administrator, Risk Manager, Symptom-1, Symptom-2, Symptom-n]

12 Sway7-12 NabiTel Component : Risk Manager - Platform
- Managed Technologies
  - ISS Real Secure Network engine and System agent 3.2.x
  - Cisco SecureID 2.2
  - CheckPoint Firewall-1 and VPN-1 V4
  - Cisco PIX Firewall 506, 520, 525
  - Cisco routers running IOS 11.2
  - Symantec Norton AntiVirus 7
  - Tivoli Web IDS
  - Tivoli Network IDS
  - Tivoli Host IDS
- Risk Manager Toolkit
  - Built on TEC
  - Leverages TEC API

13 Sway7-13 NabiTel Component : Risk Manager - Bendigo Bank
Bendigo Bank: a major Australian bank
Used Tivoli Risk Manager to build an integrated security management system for the security tools that make up its Internet banking system.
Scope of integrated security management
- Firewalls: Checkpoint Firewall-1
- IDS: ISS RealSecure NIDS
- WebServer: MS IIS
- Routers: Cisco Routers
- Norton Anti-virus
N/W Topology
- Firewalls: DMZ segment
- IDS: DMZ segment
- WebServer: internal firewall
- Routers: outside firewall, internet
- RM Server: internal/secure network; configured with a Non-TME Adapter to minimize the firewall ports that must be opened

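14 Sway7-14 NabiTel Component : Risk Manager - HIT
HIT IDC Center: the Hyundai Information Technology IDC center
Used Tivoli Risk Manager to build an integrated security management system for the security tools inside the IDC center.
Scope of integrated security management
- Firewalls: Checkpoint Firewall-1
- IDS: Tivoli SecureWay Risk Manager NIDS
- WebServer
- Server security tool: Tivoli Security Manager
- Router: Cisco Router
- AntiVirus: Norton AntiVirus
Features
- Integrated event/log management for the security tools inside the IDC center
- Built an integrated security monitoring system
- Built an integrated UNIX/OS390 security management system
- Built an integrated management system linking SMS with the security systems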

15 Sway7-15 NabiTel Component : Risk Manager - Reference
- U.S. Department of Defense
- Bendigo Bank, Australia ('2001)
- HIT IDC Center ('2001)

