All rights reserved © 2005, Alcatel. Enhanced Security situational Awareness for (Enterprise) networks. Bertrand Marquet / François Cosquer, Alcatel.


1 Enhanced Security situational Awareness for (Enterprise) networks
Bertrand Marquet / François Cosquer, Alcatel

2 Agenda (Toronto, May 19th, 2005)
- The security challenge
- Situational awareness by security assurance measurement
- How can security assurance be measured
- Addressing complexity
- Illustrations
- Conclusion / questions

3 Security challenge
- Deploying new technologies, businesses are faced with the challenge of:
  - Reducing possible associated risks
  - While increasing productivity, based on confidence in the security functions currently deployed
[Figure: Security Assurance = confidence / (residual) risks. Labels: Risks; Confidence in countermeasures; Manage it in an acceptable range (ratio cost/loss); Cost too high; Loss too high.]

4 Situational awareness by security assurance measurement
- Assurance measurement is characterized by:
  - Effectiveness of the security countermeasure
  - versus likelihood of a risk occurrence
[Figure: Security Assurance = confidence / (residual) risks. Labels: Risks; Confidence in countermeasures; Measurement; Effectiveness; Likelihood; Cost too high; Loss too high.]

5 How can assurance be measured?
- Mainly using two systems, sometimes combined:
  - Intrusion Detection System
    - Measures lack of effectiveness of a security function
    - Generates too much (security) noise
  - Vulnerability assessment / patch management
    - Measures the likelihood of a potential vector of risk, based on a combination of several thousand identified vulnerabilities
    - Scalability is challenging
- The main challenge is to address complexity

6 Addressing complexity (1/2): Concepts
Ability to assure in operation = F(1/Complexity)
- Reduce the complexity to measure the assurance
- Select the points of measurement of the assurance

7 Addressing complexity (2/2): One implementation
- Selectively reduce the complexity to measure the assurance
- Phase 2: Deploy and calibrate intelligent "probes"
- Phase 2: Provide (near) real-time associated indicators
  During operation (requires a light process)
- Phase 1: Spot the top 10(-20) "problems" in the topology
  Before operation (compatible with a heavy process)

8 (Simplified) Illustration: Wireless / Mobile

9 Risk / Topology
[Figure: network topology diagram. Labels: base station, fixed, nomadic, access controller, NMS, billing system, IP Backbone, WiMAX, Internet, WiFi Access Points, AAA server, mobile SIP phone. Legend: Threat level High / Medium / Low.]

10 Low level of security assurance
[Figure: the same network topology diagram, with a Gateway added. Labels: base station, fixed, nomadic, access controller, NMS, billing system, Gateway, IP Backbone, WiMAX, Internet, WiFi Access Points, AAA server, mobile SIP phone. Legend: Assurance Level High = A+B+C, Medium = A+B, Low = A. Components in the diagram are marked A.]

11 Increased level of assurance + SOX
[Figure: the same network topology diagram. Labels: base station, fixed, nomadic, access controller, NMS, billing system, Gateway, IP Backbone, WiMAX, Internet, WiFi Access Points, AAA server, mobile SIP phone. Legend: Assurance Level High = A+B+C, Medium = A+B, Low = A, Regulation specific = R. Components in the diagram are marked A, B or R.]

12 Security assurance topology
[Figure: reduced topology of measurement points marked A, B and R, each associated with a Metric and a Calibration. Labels: Metric - Successful / failed auths; Calibration; Statistics; Low assurance; Higher assurance.]

13 Conclusion

14 Conclusion
- Security assurance, as a confidence factor, needs to be measured when securing an (enterprise) network
- The complexity of data and voice networks is a major obstacle to measuring security assurance
- We are working on complementary approaches to guarantee effective security, in order to protect:
  - Intellectual property (Confidentiality, Integrity)
  - Continuity of business (Availability)
- But also to:
  - Justify security (investments)
  - Provide proofs (regulation/law compliance)
- Alcatel has initiated and is involved in several research projects to address those topics:
  - Funded Canadian Defense project
  - Funded European Consortium

16 Security
- Reducing risks to an enterprise network
- "Strategic, Technical"
  - Protection of the intellectual property of the enterprise
  - Business continuity
- "Legal"
  - Regulation and legal compliance

17 Countermeasures (1/2)
- Providing countermeasures against potential threats to the assets of the enterprise
  - Incidental
  - Deliberate
  - Internal/external
- Necessary (mandatory) response for regulatory compliance
  - SOX, GLBA
  - HIPAA
  - More to come...

18 Countermeasures (2/2)
- Protection mechanisms deployed to guarantee fundamental properties: Confidentiality, Integrity, Availability
- Of data flows, through diverse and combined types of measures: Preventive, Detective, Reactive

19 Losses vs. costs
[Figure: chart of $ against "security level". Curves: Risk costs; Risk losses; Risk losses + costs. Annotations: Manage it in an acceptable range; Situational awareness; Security assurance.]

20 Phase 1: "Security Reduced" topology
- One solution is a topology overlay to spot the most critical devices, based on vulnerabilities research
  - So the reduced topology becomes the top 10-20 critical devices or functions
  - Heavy process, used as decision support, not in operation
- Regulations explicitly describe points of measurement
  - Traceability from requirements
  - Assurance required on the identified security-enforcing component

21 Phase 2
- Challenges:
  - Define metrics
  - Heavy process results can be used
    - to validate metrics and calibrate measurement
    - to limit false positives / retroaction
  - Visualization with simple indicators
  - Association of security assurance level
    - Increase/decrease the requested level of assurance
      - Change metrics of indicators
      - Increase/decrease the number of indicators
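
One way a Phase 2 probe could turn the "successful / failed auths" metric of slide 12 into a calibrated, simple indicator. This is an added example, not part of the Alcatel presentation: the mean/standard-deviation calibration, the thresholds, the GREEN/AMBER/RED labels and every name in it are assumptions.

```python
"""Illustrative probe: failed-auth ratio calibrated against a baseline.

Added example, not from the presentation. The z-score calibration, the
thresholds and all names below are assumptions made for illustration.
"""
from statistics import mean, pstdev


def make_window(n_ok, n_fail):
    """Constructed sample data: True = successful auth, False = failed."""
    return [True] * n_ok + [False] * n_fail


def failure_ratio(window):
    """Fraction of failed authentications in one observation window."""
    return window.count(False) / len(window) if window else 0.0


def calibrate(baseline_windows):
    """Calibration: learn the normal failed-auth ratio and its spread."""
    ratios = [failure_ratio(w) for w in baseline_windows]
    # Floor sigma so a perfectly flat baseline cannot divide by zero
    # or turn tiny fluctuations into alarms.
    return mean(ratios), max(pstdev(ratios), 0.01)


def indicator(window, calibration, warn=2.0, alarm=4.0, min_events=20):
    """Map one window to a simple indicator for near-real-time display."""
    mu, sigma = calibration
    if len(window) < min_events:
        return "UNKNOWN"  # too few events to judge: avoids false positives
    z = (failure_ratio(window) - mu) / sigma
    if z >= alarm:
        return "RED"
    if z >= warn:
        return "AMBER"
    return "GREEN"


# Constructed baseline, as if collected during the calibration period.
BASELINE = [make_window(95, 5), make_window(97, 3),
            make_window(94, 6), make_window(96, 4)]

if __name__ == "__main__":
    cal = calibrate(BASELINE)
    for w in (make_window(95, 5), make_window(93, 7),
              make_window(70, 30), make_window(3, 2)):
        print(len(w), round(failure_ratio(w), 2), indicator(w, cal))
```

Raising or lowering `warn` and `alarm`, or adding more such probes, corresponds to the slide's "change metrics of indicators" and "increase/decrease the number of indicators".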

