Presentation is loading. Please wait.

Presentation is loading. Please wait.

GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Computer Emergency Response Teams Andy Bone JANET-CERT Manager

Similar presentations


Presentation on theme: "GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Computer Emergency Response Teams Andy Bone JANET-CERT Manager"— Presentation transcript:

1 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Computer Emergency Response Teams Andy Bone JANET-CERT Manager © CERTs

2 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Whats in a name CERTS come in many shapes and sizes, they can have many names: Some of the more common are: CSIRT - Computer Security Incident Response Team SIRT - Security Incident Response Team IRT - Incident Response teams CERT is a registered trademark to CERT CC situated at Carnegie Melon University, Pittsburgh. The original CERT created by the US Government in 1988 after a major internet worm attack. INCIDENT RESPONSE

3 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Types of CERT Internal CERTs - Janet CERT provide services for their parent organisation. Co-ordination Centers – CERT CC coordinates across other CERTs tend to work on a bigger scale such as country, world stage. Analysis Centers focus on trends to provide early warning of attacks. Vendor Teams track and provide early warnings for vulnerabilities, they may also perform incident handling within their organisation. Incident Handling Providers Independent providing services for profit

4 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Why a CERT

5 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 What can a CERT Offer Co-ordination of world wide as well as local incidents It is know and is trusted (vital) by its constituency Current specialist knowledge and resources Speedy response (in line with SLA) Triage of Incidents Protects its constituents, their reputation and the network Central point to gather and disseminate information Has access to internal/external sources and contacts Can tailor and distribute relevant information to its own constituency

6 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 JANET-CERT Service Level Agreement through the JISC Response Receive and co-ordinate incident reports until completion. Offer advice to our constituents on corrective actions. Liaison with both internal/external sites/agencies including other CERTS and law enforcement to resolve differences. Protect the network Authorised to disconnect or block sites or equipment that pose a threat

7 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 JANET-CERT Information We provide two mailing lists providing information (CERT Contacts) –UK-Security-Announce (Read only external to CERT) »CERT advisories of new threats/solutions or announcements –UK-Security (Cert Contacts and related recommended constituents) »Security related discussion and the information provided above. »Technical, policy and minor legal Support. Web site ( Papers, reports, articles, guides and notes. –In Paper and digital form at

8 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 JANET-CERT Awareness Training courses Conferences & Workshops Presentations Liaison Other CERTS (UK-CERT, TF-CSIRT and FIRST) Law enforcement and the security services. External network operators and ISPs Anyone else that asks to share mutual information.

9 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 JANET-CERT Resources Staffing Currently 8 personnel Manned From 0800 – 1800 Mon-Fri Oncall 1800 – 2359 weeknights and 0900 – 1700 weekends excluding UK bank holidays, Xmas day, boxing day and Easter Sunday. Communications Telephone: +44 (0) Fax: +44 (0)

10 GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Questions


Download ppt "GRID Security Workshop, 5-6 December 2002©The JNT Association, 2002 Computer Emergency Response Teams Andy Bone JANET-CERT Manager"

Similar presentations


Ads by Google