Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Slides:



Advertisements
Similar presentations
Security Monitoring & Management Security Control Panel Sensors & Detection Devices $ $ $ $ $ $ Physical Security Monitoring.
Advertisements

 The Citrix Application Firewall prevents security breaches, data loss, and possible unauthorized modifications to Web sites that access sensitive business.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
The Case for Tripwire® Nick Chodorow Sarah Kronk Jim Moriarty Chris Tartaglia.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.
Access Control Chapter 3 Part 5 Pages 248 to 252.
IT security Are you protected against hackers?. Why are we in danger?  The Internet is worldwide, publicly accessible  More and more companies and institutes.
Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
1 Telstra in Confidence Managing Security for our Mobile Technology.
A Technical Overview of Microsoft Forefront Client Security (FCS) Howard Chow Microsoft MVP.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security+ Guide to Network Security Fundamentals
Chapter 12 Network Security.
Firewall Ercan Sancar & Caner Sahin. Index History of Firewall Why Do You Need A Firewall Working Principle Of Firewalls Can a Firewall Really Protect.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Securing Instant Messaging Matt Hsu. Outline Introduction Instant Messaging Primer Instant Messaging Vulnerabilities and Exploits Securing Instant Messaging.
Implementing ISA Server Caching. Caching Overview ISA Server supports caching as a way to improve the speed of retrieving information from the Internet.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
IIS 7: The Next Generation Web Application Server Platform Michael Volodarsky Program Manager Web Platform and Tools Team Microsoft Corporation.
Understanding and Managing WebSphere V5
Firewalls CS432. Overview  What are firewalls?  Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.
Information Systems CS-507 Lecture 40. Availability of tools and techniques on the Internet or as commercially available software that an intruder can.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.
Dynamic Firewalls and Service Deployment Models for Grid Environments Gian Luca Volpato, Christian Grimm RRZN – Leibniz Universität Hannover Cracow Grid.
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
Honeypot and Intrusion Detection System
MANAGEMENT ANTIMALWARE PLATFORM Microsoft Malware Protection Center Dynamic Signature Svc Available only in Windows 8 Endpoint Protection Management.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Chapter 6 of the Executive Guide manual Technology.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
11 CONFIGURING TCP/IP ADDRESSING AND SECURITY Chapter 11.
Firewalls First notions. Breno de MedeirosFlorida State University Fall 2005 Types of outsider attacks Intrusions –Data compromise confidentiality, integrity.
Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.
 Chapter 14 – Security Engineering 1 Chapter 12 Dependability and Security Specification 1.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
A Networked Machine Management System 16, 1999.
Hands-On Microsoft Windows Server Implementing Microsoft Internet Information Services Microsoft Internet Information Services (IIS) –Software included.
Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
ISA Server 2004 Introduction Владимир Александров MCT, MCSE, MCSD, MCDBA Корус, Управител
Microsoft Management Seminar Series SMS 2003 Change Management.
PwC New Technologies New Risks. PricewaterhouseCoopers Technology and Security Evolution Mainframe Technology –Single host –Limited Trusted users Security.
Security fundamentals Topic 10 Securing the network perimeter.
© 2008 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property. Cyber Security and the National.
Computer Security Status Update FOCUS Meeting, 28 March 2002 Denise Heagerty, CERN Computer Security Officer.
Role Of Network IDS in Network Perimeter Defense.
Antivirus Software Technology By Mitchell Zell. Intro  Computers are vulnerable to attack  Most common type of attack is Malware  Short for malicious.
Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos
HIPS. Host-Based Intrusion Prevention Systems  One of the major benefits to HIPS technology is the ability to identify and stop known and unknown attacks,
Managing Windows Security
Top 5 Open Source Firewall Software for Linux User
Critical Security Controls
Backdoor Attacks.
Introduction to Networking
HTML Level II (CyberAdvantage)
Internet Service Provider Attack Scenario
Chapter 27: System Security
Exploiting sandbox backdoor it with one evil Nikolay Klendar bsploit gmail.com.
Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein
Designing IIS Security (IIS – Internet Information Service)
Securing web applications Externally
Presentation transcript:

Before: Servers Behind Firewalls

Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Servers Placed in DMZ

Holes Punched in Firewall…

Internet Facing Servers are at Risk

And Through Them - Entire Network

Why Are Web Servers Vulnerable? Complexity Mix of software from different vendors Web masters have administrative privileges

How Are Web Servers Attacked? Code injected through HTTP requests –Typically using a buffer-overflow vulnerability Attack used to: –Deface web site –Install Trojan horse –Plant backdoors –Attack deeper into the organization

Attack Scenario

Solution: WaveBreaker

File System NetworkRegistryProcesses OS Services IIS Applications WaveBreaker Architecture

WaveBreaker Interception Layer File System NetworkRegistryProcesses IIS Authorizer Admin console

WaveBreaker Architecture File System NetworkRegistryProcesses WaveBreaker Interception Layer IIS Authorizer Admin console

File System WaveBreaker Interception Layer WaveBreaker Architecture NetworkRegistryProcesses OK Authorizer IIS Admin console

WaveBreaker Architecture File System NetworkRegistryProcesses WaveBreaker Interception Layer IIS Authorizer OK Admin console

WaveBreaker Architecture File System NetworkRegistryProcesses WaveBreaker Interception Layer X X Authorizer IIS WaveBreaker’s performance overhead: Approximately 5% Admin console !

WaveBreaker: Product Highlights Intrusion-proof protection for Microsoft®-IIS based applications Prevents: –Opening backdoors –Planting Trojan horses – Web site defacement –Attacks deeper into the corporate network Attacks are blocked in real-time Out-of-the-box security schemes provide instant protection Easily configurable to support any web application Security logs alert security administrators of attack attempts

Simple Management

Full Event Monitoring

Conclusion Business drivers and competitive market no longer permit keeping mission critical servers behind firewalls. Internet-facing web applications are and will be vulnerable. WaveBreaker can provide the shielding needed to deploy internet-facing servers.

Thank you.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.