Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jim Allred—Vice President, Marketing NetVision

Published byTheodora Norton Modified over 7 years ago

Similar presentations

Presentation on theme: "Jim Allred—Vice President, Marketing NetVision"— Presentation transcript:

1 TUT 192 Security Essentials—Mandatory Best Practices for Securing Novell Environments
Jim Allred—Vice President, Marketing NetVision Todd Lawson—CEO and President, NetVision

2 The IT Security Landscape
In today's risk-intensive security environment, effective IT security stands on four pillars: Security policies and architecture Security infrastructure Security administration Business continuity planning. Mark Nicolett, Gartner Group

3 The Security Essentials For Novell Environments
Security policies and architecture Security administration

4 Security Best Practices
Select processes / tools that lower operating costs and reduce risk Develop end-to-end security processes Seek automation—reduce dependency on “human powered” systems Seek for integrated tools and fewer vendors Find security tools that leverage & extend current infrastructure Implement authoritative corporate security posture

5 Security Best Practices cont.
Manage security based on business policies and industry best practices technical standards Implement systems that provide guidance in complying with specific regulations (HIPAA, GLBA, SOX) & deliver methods to verify your compliance Implement & automate user awareness / training programs Use policies & standards to drive automated security administration tools

6 Security Best Practices cont.
Implement systems which enforce policies automatically—automated remediation Combine real-time monitoring and query-based reporting for comprehensive auditing Implement security for perimeter and the interior

7 NetVision—The Company
Founded in 1996, Over 600 Customers Worldwide Pioneer and innovator in multi-vendor directory integration and security management Value Proposition NetVision provides an enterprise risk management solution that integrates best-practice business policies, and IT security automation Results: Continuously enforced security policies yielding lower operating costs and minimizing risk associated with information assets

8 NetVision in Security Administration
NetVision’s Critical Role in Security Administration Perimeter Security, by itself, is not complete Control Layer Provides Identity based security management Defends against inside attacks if perimeter is breached Protects from the inside-out

9 Security Administration Framework
The Solution—What it Does NVPolicy Resource Center Policy Development, Deployment & Compliance NVMonitor Real-time Auditing & Change Management NVAssess Proactive Vulnerability & Configuration Management NVIdentity User Administration & Identity Management

10 NVPolicy Resource Center - Policy Development, Deployment & Compliance
Policy Creation & Management Robust portfolio of security best practices Complete pre-built policy framework Customizable policy templates Technical standards mapped to regulatory compliance (HIPAA, GLBA, ISO, SOX, FISMA) Documentation Assemble documents and get sign-off Document workflow and revision tracking Security Awareness, Compliance & Training Teach users their roles and responsibilities Track policy acceptance and compliance Vulnerability Alerting & Tracking Vulnerability notification and mitigation details (patches) Task/Workflow automation and tracking & reporting “Implementing security technology without policy guidance is analogous to having police, courts, judges, and jails, but no law” (Meta Group, July 19, 2002)

11 Inside NVPolicy Resource Center
Policy Creation/Deployment Technical Standards Awareness/Training Vulnerability Management Research & Security Tool kits

12 Security Policy “Framework”
A Policy Framework provides an organization a strategy to shape its tactical security solutions in relation to business objectives Clearly defines value of information assets Represents organization-wide priorities States business requirements that will drive security activities Hierarchical approach to link policies with risk mgt. strategies

13

14 Framework Components Top level governance document
Establish Formal Information Security Program Establish Risk-management objectives Establish Executive-level visibility & support Empower Security organization Establish organizational Governance & accountability Balance security costs with risk tolerance Dictates effective administration and enforcement

15 Framework Components NetVision information Security Policy Framework
Asset Identification & Classification Policy Asset Protection Policy Asset Management Policy Acceptable Use Policy Vulnerability Assessment & Management Policy Threat Assessment & Monitoring Policy Security Awareness Policy

16 Framework Components Technical Asset Protection Standards
Firewall Protection Standard Unix Protection Standard Web Server Protection Standard NetWare Protection Standard Windows 2000 Protection Wireless Ethernet Protection Standard IP Router Protection Standard

17 Framework Components Technical Security Configuration Procedures
Windows NT Server Windows NT Workstation Solaris 2,6,7 and 8 How to set up a piece of equipment properly How to configure an operating system or Service How to Install a Security software Tool How to lock down a particular device or Server

18 Security Tool Kits NVPolicy Resource Center offers turnkey templates from which to build customized information security policies, including best practices for complying with HIPAA, GLBA, SOX, FERC, FISMA and much more

19 Vulnerability alerting & patch management
NVPRC automates vulnerability management process Industry’s most Complete vulnerability alerts database (14,000 product versions from 3,000 vendors) Profile-based alert system— No fire hose! Provides mitigation tactics and patch links Provides Task-management automation including role-based administration Provides Prioritized system for ranking & addressing vulnerabilities Provides metrics-based scoring system to gauge & report on your success

20 Profile-based vulnerability alerts (Interpreting/Aggregating)

21 Workflow/task Management

22 Measurement, Monitoring & Reporting

23 Managing HUMAN Vulnerabilities
The Problem: “Social Engineering” (Lying, tricking, deceiving, threatening, extorting users into revealing information to gain illicit access) The solution: User Awareness & Training is the only solution for managing Human Vulnerabilities

24 Security Awareness & Training
NVPRC automates policy distribution, awareness and tracking Assures everyone knows their roles and responsibilities in Security Reliable, track-able distribution system- based Built-in Training Modules/End-user Quizzes/Presentation Templates Secures against “Social engineering” threats Provides compliance data for legal and regulatory audits Prevents version-control issues associated with hard-copy manuals

25 NVPolicy Resource Center (Security Policy Creation & Deployment)
Methodology How to go about building a corporate policy infrastructure Building Blocks Best practices Documentation Assemble documents and get signoff Education Teach users their roles and responsibilities “Implementing security technology without policy guidance is analogous to having police, courts, judges, and jails, but no law” (Meta Group, July 19, 2002)

26 Product Demonstration
NVPolicy Resource Center NVAssess NVMonitor Syslog Manager NVIdentity

27 NVAssess – (Proactive Vulnerability & Configuration Management)
Vulnerability Scanning/Reporting Scan OS/Directory/File System/Applications to identify vulnerabilities Server Configuration Management passwords, reset configuration to known good standard Identify versions, service packs and hot fixes. Audit configurations & services Policy/Standards-based Assessment Query templates mapped to best practices, & specific regulations (HIPAA, GLBA) Disc Space Analysis & Remediation Identify use/misuse & availability, inappropriate files (MP3), old files, duplicate files Account/Rights Management Password violations, ACL violations, dormant accounts, group memberships Directory Structure Analysis Tree structure & partitions, documentation of directory for disaster recovery Automated Problem Resolution Pre-scripted responses to discovered vulnerabilities: Delete offending files, remove dormant accounts, modify weak

28 NVAssess – How It Works

29 Product Demonstration
Policy Resource Center NVAssess NVMonitor Syslog Manager NVIdentity

30 NVMonitor – (Real-time security & Access management)
Change Detection, Alerting & Reporting Identifies unauthorized changes or behaviors that violate policies, real-time alerts Response Automation & Remediation Detects unauthorized activity & reverses through automated controls: termination of access rights, reverse change to security setting, delete offending files Intrusion Protection Protects from the inside-out, pinpoints breach or unauthorized change whether initiated internally or externally Behavior Management Watches all user behavior and blocks any attempt to gain inappropriate privileges Applications Management Manages directory-aware applications (ZENworks, DirXML, GroupWise) Example: Tao Monitor detects when a DirXML driver has stopped Directory/Server Health Monitoring Improved visibility into tree structure, monitor partition activity, cut troubleshooting time, monitor upgrades to OS and directory Monitor extended schema & changes to OS, NLMs, Objects and Rights

31 NVMonitor – How It Works

32 Product Demonstration
Policy Resource Center NVAssess NVMonitor Syslog Manager NVIdentity

33 Syslog Manager (Flexible Syslog Monitoring & Reporting)
Syslog Message Viewing & Handling Receives, logs, displays and forwards syslog messages in real-time from multiple hosts Agentless Monitoring for Multiple Platforms & Devices Linux/Unix, routers, switches, firewalls, IDSs Real-Time Monitoring, Alerting & Scripting Filtering, Parsing, perform action when filter conditions are met ODBC Logging and Archiving Access, SQL, Oracle, MySQL Event Correlation & Summarization Consolidate messages from multiple systems Detect & Alert on Advanced Programmatic attacks Example: Track failed logons across multiple systems simultaneously Customized Reporting Customized view of collected syslog data Generate reports on ad-hoc or scheduled basis

34 Syslog Manager - How It Works

35 NVIdentity (User Administration & Identity Management)
User Account Provisioning/De-provisioning Automates life-cycle management of user accounts throughout the enterprise Manages group associations, rights/permissions, provides immediate secure access Password Synchronization Predictable, automated synchronization between eDirectory & Active Directory, NT Domains, Exchange, Lotus Notes & GroupWise Password Strengthening Enforces password policies throughout the enterprise; minimum length, upper/lower case, numbers, special characters, disallows easily cracked passwords Password Self-Service Reduces help desk costs, allows users to reset passwords from the Web, Directory Integration/Migration Facilitates co-existence, provides migration flexibility & protects against lost data, extends rather than replacing current infrastructure

36 NVIdentity - How It Works

37 Product Demonstration
Policy Resource Center NVAssess NVMonitor Syslog Manager NVIdentity

38 NSAF-How it works NSAF Solution Overview

39 NSAF-How it works NSAF Solution Overview
Real-time event data & queried audit data collection Lightweight architecture-Does not impact system operations

40 NSAF-How it works NSAF Solution Overview
Real-time event data and state-based audit data compared against policy standards Policy standards exported from Policy Resource Center

41 NSAF-How it works NSAF Solution Overview Flexible automated responses
Customizable according to severity of security breach Automated policy enforcement

42 The NetVision Difference – Security Best Practices
System level integration not an additional application Does not matter what application is used to manage the environment Leverage your existing infrastructure and training Policy and Process are integrated End to end policy management from conception to implementation Business level policies integrated with security process automation Regulatory compliance automation Policy Enforcement automation Authoritative Corporate Security Posture Automated user awareness/training Multiple security tools within a single integrated solution

43 Brainshare 2005 Gold Sponsor
See us in the BrainShare Sponsor Hall #G730 for outrageous prizes, contests and cool free stuff!

44 Section break slide

45

46

47 Yellow Palette Green Blue Gray Misc R 252 G 194 B 79 R 225 G 213 B 75
These gray lines show the margins that need to be adhered too. If your slide content extends beyond the margins you may need to move to a full screen slide layout. Most importantly keep this area under the “N” clear Yellow Palette Green Blue Gray Misc R 252 G 194 B 79 R 225 G 213 B 75 R 182 G 201 B 207 R 186 G 189 B 182 R 237 G 238 B 236 R 232 G 128 B R 157 G 176 B 41 R 100 G 132 B 164 R 107 G 108 B 105 R 224 G 0 B 0 R 201 G 86 B 22 R 115 G 126 B 31 R 77 G 68 B 102 R 46 G 52 B 54 R 204 G 0 B 0 © June 10, 2018 Novell Inc.

Download ppt "Jim Allred—Vice President, Marketing NetVision"

Similar presentations

The Threat Within September 2004. Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.

The Threat Within September Copyright © 2004 Q1 Labs. All Rights Reserved Agenda Customer Pain Industry Solutions Network Behavior Enforcement Example.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works

Security Controls – What Works
© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE www.visible.com Holistic View of the Enterprise Business Development Operations.

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.
Information Security Policies and Standards

Information Security Policies and Standards
The State of Security Management By Jim Reavis January 2003.

The State of Security Management By Jim Reavis January 2003.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
Network security policy: best practices

Network security policy: best practices
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Www.skyboxsecurity.com Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.

Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
A Balancing Act Between Risk Appetite and Risk Tolerance Federal Information Systems Security Educators’ Association Conference March 2005 Ezra Cornell.

A Balancing Act Between Risk Appetite and Risk Tolerance Federal Information Systems Security Educators’ Association Conference March 2005 Ezra Cornell.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Similar presentations

Ads by Google