Enterprise Security Management Franklin Tinsley COSC 481.

Presentation on theme: "Enterprise Security Management Franklin Tinsley COSC 481."— Presentation transcript:

1 Enterprise Security Management Franklin Tinsley COSC 481

2 Overview: Introduction; Examples of PSPs; Point Solution Products; What is ESM; What ESM Does; Purpose; Desired Properties of ESM; Conclusion

3 Introduction Given the important role of information technology in today’s enterprise, information security is a key component in modern planning and management. However, as enterprises continue to grow larger, security continues to become more challenging. To meet this challenge, security vendors began providing point solution products for known security problems.

4 Examples of PSPs Firewalls: control access to the company network. IDS: monitor possible intrusions. Sniffers: analyze packets transmitted in and out of networks. Antivirus software: mitigates the risk of virus attacks.

5 Point Solution Products Point solution products usually come from different vendors and run on different operating systems. This results in large, complex environments because of the different pieces of hardware, operating systems and application software. Each product performs the functions that it was designed to do. However, as a whole the products are not usually compatible and often do not talk to each other.

6 What is ESM? Enterprise Security Management involves creating enterprise-wide security solutions and managing security information from an enterprise perspective. This occurs by creating a solution that determines the best way to design and configure the products to complement and enhance the security solution.

7 What ESM Does ESM centralizes network information in one local place and has the ability to collect, process and report in real time on the various types of security devices or applications deployed on a network. ESM takes into account the business function of the network and the mission criticality of the information residing in the network device.

8 ESM (cont.) ESM must be flexible enough to provide efficiency in information transfer, filtration and transmission, minimizing network congestion, while allowing peer-to-peer communication and continuous growth for future network expansion.

9 Purpose The purpose of ESM is to help reduce the amount of data that is forwarded to the analysts by forwarding only important events and reducing the number of false positives, leaving more time to deal with actual attacks. This allows for more insightful decisions during the decision-making process.

10 Holistic Approach Holistic approach: taking into account the nature of the business, the security information captured, and its relationship to the organization’s security policy. This ensures that the solution chosen is relevant to the enterprise and serves the correct security need.

11 Event Correlation Event correlation: takes information from diverse sources and finds relationships that are not immediately obvious. This results in improved incident response with relevant solutions to problems.
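Added example (not part of the original presentation): a small correlator showing how events from the point products named on the slides can be grouped per host and weighted by mission criticality so that only significant incidents reach the analyst. The event schema, the criticality table, the scoring rule and all sample events are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample events, already normalized to one schema. Each comes from
# a point product named on the slides (firewall, IDS, antivirus).
EVENTS = [
    {"t": 100, "source": "firewall",  "host": "db01",  "peer": "203.0.113.7",  "sig": "deny tcp/1433"},
    {"t": 130, "source": "ids",       "host": "db01",  "peer": "203.0.113.7",  "sig": "sql probe"},
    {"t": 160, "source": "antivirus", "host": "db01",  "peer": None,           "sig": "trojan quarantined"},
    {"t": 200, "source": "firewall",  "host": "kiosk", "peer": "198.51.100.9", "sig": "deny tcp/23"},
    {"t": 900, "source": "ids",       "host": "web01", "peer": "198.51.100.9", "sig": "port scan"},
    {"t": 950, "source": "ids",       "host": "web01", "peer": "198.51.100.9", "sig": "port scan"},
]

# Assumed asset inventory: mission criticality per host, 1 (low) to 5 (high).
CRITICALITY = {"db01": 5, "web01": 3, "kiosk": 1}


def correlate(events, criticality, window=300, threshold=10):
    """Group each host's events into windows of `window` seconds and forward
    only groups whose score (distinct sources x criticality) >= threshold."""
    by_host = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["t"]):
        by_host[ev["host"]].append(ev)

    incidents = []
    for host, evs in by_host.items():
        group = [evs[0]]
        for ev in evs[1:] + [None]:  # trailing None flushes the last group
            if ev is not None and ev["t"] - group[0]["t"] <= window:
                group.append(ev)
                continue
            sources = sorted({e["source"] for e in group})
            score = len(sources) * criticality.get(host, 1)
            if score >= threshold:
                incidents.append({"host": host, "sources": sources,
                                  "score": score, "events": len(group)})
            if ev is not None:
                group = [ev]
    return incidents


if __name__ == "__main__":
    for incident in correlate(EVENTS, CRITICALITY):
        print(incident)
```

Of the six constructed events, only the three-source cluster on the high-criticality host is forwarded; the repeated scan alerts and the kiosk denial stay below the threshold.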

12 Centralized Management Centralized management: ESM should allow for an enterprise view of security in the organization from a central location, allowing for remote deployment of policies to multiple devices along with communication between the control point and remote devices.

13 Portability The ESM should be platform independent. This will ensure that deployment is not a costly process when the organization has to adapt its business to a new environment once ESM is deployed.

14 Conclusion As a result of the level of complexity that goes with capturing, classifying, analyzing and correlating different types of data from a number of sources, enterprise security management will remain a demanding task. However, management will be able to make better decisions regarding the business and security based on the information gathered.


