Extranet for Security Professionals Essential Services Analysis - PowerPoint PPT Presentation

About This Presentation
Title:

Extranet for Security Professionals Essential Services Analysis

Description:

ESP Services Overview. ESP Essential Services. Site Administration. Virtual Security Office (VSO) ... Virtual Security Office. Restricted Web Page. Function ... – PowerPoint PPT presentation

Number of Views:84
Avg rating:3.0/5.0
Slides: 23
Provided by: htk
Category:

less

Transcript and Presenter's Notes

Title: Extranet for Security Professionals Essential Services Analysis


1
Extranet for Security ProfessionalsEssential
Services Analysis
  • Heather T. Kowalski
  • Tong Xu
  • Ying Hao
  • Hui Huang
  • Bill Halpin
  • Oct. 31, 2000

2
Review
  • Business Mission - Central Repository of
    Security Information- Central Location for
    Information Sharing
  • - Secure Environment, Manageable Resource
  • System Requirements- SECURITY OVER RELIABILITY
  • - Exchange of Information- Responsible for
    Information Only While on ESP System- User
    Driven and Maintained
  • System Environment - Dell Power Edge Servers-
    Windows NT 4.0 (SP6)- SSL- Cold Fusion
    Middleware
  • - Only Minimal Options Activated
  • System Architecture

3
ESP Architecture
The Internet
Firewall
Router
Web Servers
To George Marty From Steve
Workstation
4
Topics of Today
  • ESP Services overview
  • Essential Services/Asset Analysis
  • Essential Services/Asset Usage Scenario
  • Essential Component Analysis

5
ESP Services Overview
6
ESP Essential Services
  • Site Administration
  • Virtual Security Office (VSO)
  • Collaboration Realm (CR)
  • Organizational Management
  • Library
  • Message Center

7
Users
  • ESP User
  • VSO CR Owners
  • Site Manager
  • Organizational Manager
  • Site Administrator

8
Site Administration
  • Maintain Hardware Assets
  • Implement Hardware Security Process
  • Database Management

9
DNS RedHat 6.2
Router Cisco 7200 128.237.144.1
IPchains
IDS-1 Windows NT 4.0 (SP6) Hot Fixes
Firewall-2 Windows NT 4.0 (SP6) Hot Fixes
IDS-2 Windows NT 4.0 (SP6) Hot Fixes
RealSecure 3.2
RealSecure 3.2
Guardian Pro V5
Web Server Windows NT 4.0 (SP6), Hot Fixes
Console
NES 3.63
Cold Fusion 4.5.1
Database
DNS RedHat 6.2
ActiveState Perl 5.5
Tripwire 2.2.1
IPchains
Visual FoxPro
10
Virtual Security Office
  • Restricted Web Page
  • Function- Information Sharing
  • - Information Dissemination
  • - Communication between Security Activity
    Groups
  • Security ConsiderationsPublic Site
  • - READ access for ALL users Private Site
  • - Access granted by VSO Owner to CERTAIN users
  • - Administrator Rights granted by VSO Owner to
    SPECIFIC users

11
Virtual Security Office
12
VSO Public View
13
VSO Private View
14
Collaboration Realm
  • Function- Provide Selected Users with Areas to
    Collaborate on Projects
  • Security Considerations- Owners have total
    control of access - View - Comment - Vote -
    Admin

15
Collaboration Realm
16
Organizational Management
  • Functions
  • Access Control to ESP website
  • Validate Users
  • Enforce ESP Policy
  • Create Further Push Down of Management
  • Security Considerations
  • Site Manager grants Administrative Rights to
    Organizational Manager
  • Organizational Manager controls Users in
    Organization ONLY

17
Organizational Management
18
Library
  • The Library Tool is used to make common reports
    and documentation available on-line to all ESP
    users.
  • The Library is Full Text Searchable.

19
Message Center
  • ESP Internal Post Office
  • Message never Leaves the Secure Web Server
  • Users can be Notified via an External Mail System

20
Primary Users
Router (FW1)
IPTCP/UDPSSL
Client WorkStation
IPTCP/UDPSSL
Firewall-2
DNS1
IDS
IPTCP/UDPSSL
Database
Web Server
DNS2
IDS
21
Primary Users
DNS RedHat 6.2
Router (FW1) Cisco 7200 128.237.144.1
Client WorkStation
IPchains
IDS-1 Windows NT 4.0 (SP6) Hot Fixes
Firewall-2 Windows NT 4.0 (SP6) Hot Fixes
IDS-2 Windows NT 4.0 (SP6) Hot Fixes
RealSecure 3.2
RealSecure 3.2
Guardian Pro V5
Web Server Windows NT 4.0 (SP6), Hot Fixes
NES 3.63
Cold Fusion 4.5.1
Database
DNS RedHat 6.2
ActiveState Perl 5.5
Tripwire 2.2.1
IPchains
Visual FoxPro
22
Future Plans
  • Regular Saturday Team Meetings
  • Planned Meeting with Client
  • Goals
  • Find Vulnerabilities
  • Identify Compromisable Components
  • Simulate Intrusions Attacks
  • Survivability Analysis
Write a Comment
User Comments (0)
About PowerShow.com