1 / 23

Security Management

Security Management. IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong. Note:. Textbook now available in bookstore Essay due next week in tutorials Seminars one and two due next week in tutorials Lecture note powerpoint files can be accessed from

kalila
Télécharger la présentation

Security Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong

  2. Note: • Textbook now available in bookstore • Essay due next week in tutorials • Seminars one and two due next week in tutorials • Lecture note powerpoint files can be accessed from • http://www.uow.edu.au/~gene/2005/iact418/lectures/

  3. Overview Security Management • Security management is the process of protecting sensitive information • Sensitive information is any data an organisations wants to secure • It may include • Payroll data • Customer accounts • Research and development schedules

  4. Overview Security Management • Security management enables network engineers to protect sensitive data by • Limiting access to hosts and network devices • Notifying the engineer of actual breaches

  5. Overview Security Management • It consists of • Identifying the sensitive information to be protected • Finding the access points • software services • Hardware components • Network media • Securing the access points • Maintaining the secure access points

  6. Overview Security Management • Should NOT be confused with • Application security • Operating system security • Physical security

  7. Benefits of the Security Management Process • Primary concern of users • Lack of security for sensitive information located on HOST • One solution • Remove network access to host • Whilst secure this method is not efficient and removes need for data network altogether • Drawbacks of NOT having security management • All users have access to ALL information • What happen if network connects to a public network • Virus and worm attacks

  8. Accomplishing Security Management • Balance required between • Need to secure sensitive information • Needs of users to access information to do their job • Security Management involves the following four steps • Identify the sensitive information • Find the access points • Secure the access points • Maintain the secure access points

  9. Identify the Sensitive Information • Determine which hosts on the network have sensitive information • Organisation may have polices on what is considered sensitive • Information may relate to • Accounting • Financial • Customer • Market • Engineering • Employees

  10. Identify the Sensitive Information • What is defined as sensitive may vary depending on the specific environment • Most difficult part may be identifying WHERE the information resides

  11. Find the Access Points • Once you know • What data is considered sensitive • Where the data is located • Need to find out how network users access the information • Access methods and points may be • Physical • Software

  12. Find the Access Points • Software that accesses the network can potentially access any data on the network • Most networks allow for remote login • If remote login doesn’t • Identify users uniquely and • Limit their movements to authorised areas • This access point needs to be examined

  13. Find the Access Points • File transfer programs • If users cannot be uniquely identified • Use needs to be examined or limited • Restrict access to onsite • DMZs • Firewall anonymous FTP

  14. Find the Access Points • Other programs to examine may include • Email • Remote process execution • File and directory servers • Name servers • Web servers

  15. Find the Access Points • Security management can be accomplished by • Hiding information from client systems • Segmenting network into regions • Apple zones • DMZ

  16. Find the Access Points • Leaks may come from • Network analysers • Network management protocols • Network management system • Policies may include • Hosts with sensitive information may not also allow anonymous FTP • Personal computer software packages MUST meet security standards before installation

  17. Secure the Access Points • Access points can be secured by • Using encryption at the data link layer • Secure traffic flow by using packet filters at the network layer • On every host use one or more of • Host authentication • User authentication • Key authentication

  18. Maintain the Secure Access Points • Key to maintaining security is the location of actual or potential security breaches • May be done as part of the security audit • Hard to keep current with volume of networking software • May use a program itself to check for known security problems • May offer a cash prize to first to breach security • Generally offered by company who designed software/hardware

  19. Attaching to a Public Network • Three types of access from a public data network to an organisations network • No access • Send and receive email • Modem used • Full access • Limited access • Small subset of hosts authorised to provide public access service • These hosts should be separated with firewall from private zone

  20. Security Management on a Network Management System • Simple • Show where security measures have been set up • Show all security measures applicable to device or host • Query configuration database

  21. Security Management on a Network Management System • More Complex • Include real time application to monitor access points • Query number of breaches using network management tool • Produce reports on breaches • Automatic notification • Advanced • Use data to guide network engineers • Examine types of security required • Alerts for repercussions

  22. Reporting Security Events • Audit trails that summarise and report on security • Example • Key personnel leaving to go to competition • Remove physical access to network • Remove accounts, change passwords etc • Set up, or confirm, audit trails on device former employee had access to • Look for files application employee may have altered to gain future access

  23. Note: • Textbook now available in bookstore • Essay due next week in tutorials • Seminars one and two due next week in tutorials • Lecture note powerpoint files can be accessed from • http://www.uow.edu.au/~gene/2005/iact418/lectures/

More Related