1 / 19

jEnterprise Suite For Network Monitoring and Security

jEnterprise Suite For Network Monitoring and Security. Dr. Sureswaran Ramadass, Dr. Rahmat Budiarto, Mr. Ahmad Manasrah, Mr. M. F. Pasha. Agenda. Problem Statement. What is Worm Worms Damage Effects Cost of Worms Solution Technology. The Problem. Networks nowadays suffering from

lucky
Télécharger la présentation

jEnterprise Suite For Network Monitoring and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. jEnterprise Suite For Network Monitoring and Security Dr. Sureswaran Ramadass, Dr. Rahmat Budiarto, Mr. Ahmad Manasrah, Mr. M. F. Pasha

  2. Agenda • Problem Statement. • What is Worm • Worms Damage Effects • Cost of Worms • Solution • Technology

  3. The Problem • Networks nowadays suffering from • - Viruses, Worms. • - Trojans, Spy-wares • - Ad-wares, Hijackers, Pop generators • Spam, Intrusion and many more. • If you are connected to the internet (home, corporate) then, your machine is exposed to the Internet world. And hence you are vulnerable against Worms and Viruses. • Virus and Worm are the biggest contributors to today’s network problems. And thus, firewall and antivirus alone are not enough To protect your organization from the blended threats.

  4. What is Worm? • Worms are programs that replicate themselves from system to system without the use of a host file. • Although worms generally exist inside of other files, often Word or Excel documents. • Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm. W32.Mydoom.AX@mm is an example of a worm

  5. Worms Damage Effects Once the host is infected , Worms can: • Steal YOUR private info and distribute it to all the users in your email database. • Send dummy traffic to paralyze your network. • Destroy key system files that would damage and crash your computer. • Destroy database system within your server. • Irrecoverably overwrites your personal files . • Slows down your PC.

  6. Cost of Worms • Cost for cleanup of worms worldwide. • Sobig: USD 37.1 billion • MyDoom: USD 22.6 billion • Klez: USD 19.8 billion • Nachi: USD 13 billion • Mimail: USD 11.5 billion • Swen: USD 10.4 billion • Love Bug: USD 8.8 billion • Bugbear: USD 3.9 billion Source: www.wholesecurity.com

  7. Cost of Worms… • Cost for cleanup of worms in Malaysia. • Code Red: RM 22 million • Nimda: RM 22 million • Blaster: RM 31 million • Nachi: RM 31 million • 90% of desktop computers in a Malaysian internet company experienced downtime caused by Blasted.D worm. (August 2003) Source: NISER study

  8. What Do You Need? • A holistic approach on the security strategies you currently have in place MUST be adopted To protect your organization from the new generation of blended Threats. • A solution that covers loopholes left by other security products for an all round protection and able to detect internal worm attack as well as external. • An updated Software with worm signatures armed with a warning, alerting mechanism to aware security team to take the proper action. • Advising and Recommendation

  9. What Do You Need?The Answer is m-Protect!! • Easy to install and use. • Low memory requirements. • Detects worm activity on the wire . • Live updates from m-Protect database server that consists of a comprehensive list of all known worms. • Works passively to scan network traffic for worms. • Alerts you of a potential worm attack via synthesized voice warning and visual messages as well as sms and emails. • Pinpoints the source of the computer that is broadcasting the worm packets. • Works hand in hand with 3rd party anti – virus tools. • Able to detect worms with multiple signatures. • Detect inside/outside worm attacks.

  10. Why m-Protect? • m-Protect would alert everyone in the network regarding the worm attack • Locate source of the problem. • Provide possible solutions • Besides propagation via the internet connection, Worms can still reach the internal network by: • laptops. • external media (cd, thumbdrive). • wireless access points. • encrypted/ zipped emails. Border defenses is of no use if the worm is already inside the internal network.

  11. m-Protect in action WARNING WARNING WARNING WARNING Infected PC inside your LAN Border firewall Not Protected PC, now will originate the attack again INFECTED ALERT ALERT ALERT

  12. Infected Network m-Protect in action… • Computers without sufficient antivirus / patch will be infected. • Such computers will create unwanted traffic in its attempts to infect others. • All the network users will experience “network outage”

  13. Technology-Modules

  14. Technology-Framework

  15. Technology- Enterprise

  16. Technology- Enterprise…

  17. Technology- Enterprise…

  18. The Product…

  19. Thank You Q&A

More Related