Intrusion Detection and Prevention

1

• Intrusion Detection and Prevention

2
Security is one of the most important aspects of
any network. You could have one of the most
solid and sophisticated networks in the world,
but without a secure network protecting your
businesses critical data it would be considered
stone-age by today's standards. Without
awareness, policies, software, hardware and
updated technologies to combat today's threats,
you are leaving yourself and your business
accessible and vulnerable to an endless
possibility of nightmares. A network without
security is like storing all your money under
your pillow instead of the bank.
3

• What is an Intrusion?
• Any unauthorized access or attempted access to a
  computer or network System
• Network Intrusions Come in Many Different Ways.
• Virus (Such as an e-mail attachment)
• Vulnerable Service (Such as Microsoft FTP)
• Network Sniffing (Watching Traffic on the Net)
• Physical Access to a computer
• Many Many More

4
(No Transcript)
5

• Some of the Ways to Secure your Investment
• Firewalls
• Firewall protection security system is a must if
  you are connected to the world-wide-web. Without
  a professionally configure firewall you are
  allowing yourself to be wide open for unwanted
  hackers to port scan and enter your network and
  access your system and data without your
  knowledge.
• IDS Systems
• Monitoring network activity is an important
  responsibility for network administrators, and is
  key to any security program. Those responsible
  for network security must monitor their networks
  with their security policy in mind, so that any
  violation of the policy will be detected and some
  action initiated when violations are detected.
  Intrusion detection systems (IDS's) provide
  security administrators with tools to monitor,
  detect and respond to security related incidents
  on the network.

6

• Some of the Ways to Secure your Investment (Cont)
• IPS Systems
• An IPS has the ability to block attacks in real
  time. Where traditional IDSs passively monitor
  traffic by sniffing packets off a switch port,
  IPSs sit inline and actively intercept and
  forward packets. Through inline deployment, IPSs
  can drop packets or deny connections based on
  policy settings. Traditional IDSs have limited
  response mechanisms, such as resetting TCP
  connections or requesting a firewall rule change.

7
(No Transcript)
8
Basic Firewall System
9
Basic IDS System
10
Active IDS System
11
Wide Area Network IDS System
12
Basic IDP System
13
E-Commerce / Internet Banking IDS System
14
Integrated Solutions Hosted Intrusion Detection
System
15

• Where Should I Start?
• Information Security Officer
• The first step is to assign one person to be
  your assigned Information Security Officer.
  Whether that person is a member of your
  organization or a contractor, you need to have on
  person to head up this task. One of the biggest
  security risks to many businesses currently is
  not having centralized information.

16

• Network Risk Assessment
• The second step is to evaluate your existing
  network. In most cases it is possible to design
  a security plan that will protect the network you
  already have in place. To do this you must
  understand how and why your network is configured
  the way that it is. You need to know where your
  critical data is stored, who and what should have
  access to this data. Most importantly, you need
  to know how this data can be accessed. This is
  usually done in three phases
• Information Gathering
• Analyze Information
• Prioritize Responses

17

• Security Implementation
• Now that the assessment is done, it is time to
  start putting the pieces together. It is time to
  take the information that has been gathered and
  fit it to a solution that will compliment your
  current system.
• This includes the following items

18

• Security Implementation
• Logical and Administrative Access Control
• Access Rights Administration
• Authentication
• Network Access
• Operating System Access
• Application Access
• Remote Access
• Encryption
• Encryption Key Management
• Controls to Protect Against Malicious Code
• Systems Development, Acquisition, and Maintenance
• Host and User Equipment Acquisition and
  Maintenance
• Training
• Electronic Media Handling
• Intrusion Detection and Response
• Business Continuity Considerations

19

• Security Testing
• The next step in the process is security testing.
  As new vulnerabilities are constantly emerging
  with new technology, it is important to test your
  systems on a regular basis. This will allow you
  to verify that the system is working as designed
  as well as make sure you are on top of the newest
  exploit.
• These test should include
• Penetration Testing
• Audits
• Assessments

20
Monitoring and Updating The last step in the
process is Monitoring and Updating. This is a
process that will need to be done ongoing to
insure that your system works as it is supposed
to. If you do not update the server to watch for
the newest exploits and look at the information
that it gives you, you are allowing access to
your systems as if there is no security at all.
21
How can Integrated
Solutions Help? Integrated Solutions, Inc.
assists you to ensure that your network systems
reliably support and execute mission-critical
business operations. From network security
infrastructure implementation to customized
security solutions, Integrated Solutions, Inc.
enhances network operations through proven,
business-focused solutions. Integrated
Solutions, Inc. can Plan, build, or maintain a
robust, scalable, and reliable network security
infrastructure solution that supports business
initiatives and performance requirements.
Integrated Solutions, Inc. can help you protect
assets with security solutions tailored to your
specific requirements. From state-of-the-art
penetration testing to firewall and Intrusion
Detection integration, Integrated Solutions, Inc.
Consulting Services can design and implement a
security solution for the financial industries
requirements and your business model.
22
Integrated Solutions
5002 South 114th Street Suite 100 Omaha, NE.
68137 sales_at_integratedsolutions.net www.integrat
edsolutions.net