Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI.

Published byMegan Adams Modified over 8 years ago

Similar presentations

Presentation on theme: "How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI."— Presentation transcript:

1 How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI

2 Proactive Security Model Map Architecture Digital Asset ID Profile Model Identify Vulnerabilities Standardize Policies Incident Response Training Risk Assessment

3 Defense in Depth Strategy Multiple (overlapping) Layers Narrow “windows” of access per layers High Fault tolerance Always assume that the higher layer will fail

4 Defense in Depth Strategy Perimeter Defenses Network Defenses Host Defenses Application Defenses Data and Resources

5 Defense in Depth Strategy Perimeter Defenses Physical Access Control Remote video monitoring Essential personnel access only Network Defenses VLAN access control lists Firewall (Zones) Auditing Packet Inspection / Intrusion Detection Host Defenses Server hardening Auditing and host intrusion detection Packet filtering

6 Defense in Depth Strategy Application Defenses Validation Checks Verify HTML & Cookies source Secure Web Services Data and Resources Authentication method Data encryption Services Account

7 Securing Virtualization in Data Centers VMM or Hypervisor VMM or Hypervisor Hardware Integrated Security VM Integrated Security VM App OS Next-Generation Virtualization Security: Control virtual machine Control virtual machine management - Hypervisor Security VM Features: Centralized network protection VM NAC, assessment, and control Hypervisor Security: Hypervisor attestation (Trusted Platform Module, or TPM) VM attestation (vTPM) Guest VM Guest VM Guest VM Guest VM Mgmt Network Protection (IPS/FW) Host Protection (AV/HIPS) Policy-Based MAC NAC, Assessment & Control TPM Security APIs vTPM FinanceEngineering 7

8 Topological View

9 3-D Visualization

10 Role-Based Dashboard Situational Awareness Enterprise Focused

11 Top Five Recommendations 1.Vulnerability scans 2.Patch management 3.Multi-layered security 4.Policy refresh 5.Integration of logical and physical controls

12 Thought for the day Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away. Antoine De Saint-Exupery (1900-1944)

13 THANK YOU Rob Lara Robert.Lara@GTSI.com

Download ppt "How to Integrate Security Tools to Defend Data Assets Robert Lara Senior Enterprise Solutions Consultant, GTSI."

Similar presentations

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
This paper states that one of the major problem to the adoption of cloud computing is that of security.  Existing cloud computing problem or concerns.

This paper states that one of the major problem to the adoption of cloud computing is that of security.  Existing cloud computing problem or concerns.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud.

BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud.
Information Security in Real Business

Information Security in Real Business
Controls for Information Security

Controls for Information Security
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.
Virtualization for Cloud Computing

Virtualization for Cloud Computing
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
5205 – IT Service Delivery and Support

5205 – IT Service Delivery and Support
Microsoft delivers a complete datacenter solution with Windows Server 2012 R2 out-of-the-box Cloud OS Development Management Identity Virtualization.

Microsoft delivers a complete datacenter solution with Windows Server 2012 R2 out-of-the-box Cloud OS Development Management Identity Virtualization.
University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.

University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.
System Center 2012 Setup The components of system center App Controller Data Protection Manager Operations Manager Orchestrator Service.

System Center 2012 Setup The components of system center App Controller Data Protection Manager Operations Manager Orchestrator Service.
Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.

Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.
Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Similar presentations

Ads by Google