Protecting Your Maps and Data when using ArcGIS Server

Slides:

Advertisements

Similar presentations

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Advertisements

1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

11 CONFIGURING AND MANAGING SHARED FOLDER SECURITY Chapter 8.

 The IP address and port combination at which the NetScaler appliance receives client requests for the associated web application.  A public endpoint.

5 Copyright © 2006, Oracle. All rights reserved. Securing Grid Control.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Web server security Dr Jim Briggs WEBP security1.

ArcGIS for Server Reference Implementations An ArcGIS Server’s architecture tour.

14 July CONFIGURING A PROXY SERVER IN LINUX BY ROHIT KAUL CS, BITS-PILANI.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.

Windows 2003 and 802.1x Secure Wireless Deployments.

1 Chapter Overview Creating Sites and Subnets Configuring Intersite Replication Troubleshooting Active Directory Replication.

Reconnaissance & Enumeration Baseline, Monitor, Detect, Analyze, Respond, & Recover Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago,

Microsoft ® Official Course Module 9 Configuring Applications.

1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

University of Kentucky Proxy Service Presentation By Kelly Vickery

Session 10 Windows Platform Eng. Dina Alkhoudari.

By : Himanshu Mishra Nimish Agarwal CPSC 624.  A system designed to prevent unauthorized access to or from a private network.  It must have at least.

Chapter 13 – Network Security

CIM6400 CTNW (04/05) 1 CIM6400 CTNW Lesson 6 – More on Windows 2000.

Copyright 2000 eMation SECURITY - Controlling Data Access with

Course ILT Internet/intranet support Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV.

October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.

Denial-of-Service Attacks Justin Steele Definition “A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate.

Windows Small Business Server 2003 Setting up and Connecting David Overton Partner Technical Specialist.

Module 11: Implementing ISA Server 2004 Enterprise Edition.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.

ArcGIS Server for Administrators

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It.

Building Secure Web Applications With ASP.Net MVC.

Turning Windows 7 into a Web Server Ch 28. Understanding Internet Information Services.

Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?

Module 10: Windows Firewall and Caching Fundamentals.

Firewalls. Intro to Firewalls Basically a firewall is a barrier to keep destructive forces away from your computer network.

SQL SERVER 2008 Installation Guide A Step by Step Guide Prepared by Hassan Tariq.

Windows Server 2003 群組原則設定與管理林寶森

Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.

IS 4506 Windows NTFS and IIS Security Features.  Overview Windows NTFS Server security Internet Information Server security features Securing communication.

NX Documentation Using Windows IIS (Internet Information Services) as a http server for NX documentation.

1 E-Site - FTP Services Setup / install guide. 2 About FTP services can run on any desired port(s) Runs as a windows service Works for all sites installed.

ArcGIS for Server Security: Advanced

Data Virtualization Tutorial… SSL with CIS Web Data Sources

NET 536 Network Security Firewalls and VPN

CONNECTING TO THE INTERNET

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It works.

Securing the Network Perimeter with ISA 2004

Home Computer Security

Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009

Big Picture How many ways can a system be attacked? What can we do about it?

6.6 Firewalls Packet Filter (=filtering router)

Unit 27: Network Operating Systems

Web Servers / Deployment

A Network Operating System Edited By Maysoon AlDuwais

APACHE WEB SERVER.

Firewall Installation

Designing IIS Security (IIS – Internet Information Service)

SBS 2008 – One year on David Overton

Presentation transcript:

Protecting Your Maps and Data when using ArcGIS Server July 14, 2011 Protecting Your Maps and Data when using ArcGIS Server David Cordes

Agenda Stopping Data Theft Stopping Unauthorized Use Q&A

Stopping Data Theft

What is Data Theft? Data Theft Either a violation of law (personal information) A violation of a license Can be your data or someone else’s Need to protect vendor data

What types of data theft occur? Violation of re-distribution clause for Features Cache tiles

What can you do about it? Prevention Communicate your policy and license Service security Cache security Throw in subtle errors for theft identification Keep query limit Monitor web server requests Look for excessive hits from a user, domain, or ip Responding Communicate – many apparent thefts are just mistakes Block ip or domains at router or web server level Remove account access to secured services

Stopping Unauthorized Use

What is unauthorized use? Unauthorized use is any violation of law or license Most common examples: Deleting data Service being accessed by unauthorized client Manager exposed to Internet Opening up “services directory” to cross-site scripting attack People can “sniff” my data

What can I do about data deletion? Every feature service with the edit capability should be secured.

Unauthorized client Use long-term token combined with monitoring Monitor and change

Manager Exposed to Internet Normally administration actions through DCOM, blocked by firewalls Manager secured by username/password Could be subject to brute force attack Java Manager on port 8399, usually safe Can be turned off .Net Manager, usually installed on port 80 (same as services) Instead don’t install Manager on default instance Run AddInstance.exe to add Manager to second instance http://bit.ly/nj69gP

Services Directory Cross-Site Scripting Upgrade to 10 SP2 Turn off services directory when exposed to Internet. Help for Java and .Net here: http://bit.ly/ngX0BD

Data Sniffing Make your folders encrypted in Manager Will require https and won’t allow http requests If you don’t check encrypted people can accidentally use http Doc: http://bit.ly/pzflyc

Evaluations http://www.esri.com/sessionevals

Q&A