1
Vulnerability Management Solutions
Harold Toomey Product Manager 13 August 2001
2
Agenda
- Importance of Security
- Security Policy
- Security Management: web access management, vulnerability management, intrusion detection
- Symantec Products: ESM – OS security, web server security, database security; Symantec NetRecon – network security
- Questions and Answers
3
Market Trends: A transformation of the corporate enterprise
[Figure: Company A (20th Century Corporation) contrasted with Company B (21st Century Corporation)]
20th Century Corporation: pyramid organization; self-sufficient; strength: stability; domestic reach; physical assets are the primary resources; internal focus
21st Century Corporation: web/network organization; interdependent; strength: changeability; global reach; information is the primary resource; external focus
As technology has changed the way we do business, it changes the way we think about security. It is no longer about keeping people out, but about letting people in.
Source – Business Week, August 28th 2000
4
Evolution of Network Intrusions
[Timeline figure; milestones as labelled on the slide: Wide-spread Denial-of-Service Attacks (Yahoo!, eBay); "Zombies" appear; Microsoft hacked; SATAN is released; Morris Internet Worm]
Source: CERT, Carnegie Mellon University
5
Average Reported Losses
[Chart: 2001 CSI/FBI Computer Crime and Security Survey, average reported losses by category: Outside System Penetration, Sabotage and Denial of Service, Unauthorized Insider Access, Financial Fraud, Theft of Proprietary Information; values shown on the chart: $4.42M, $4.45M, $454K, $322K, $275K]
The reports are frightening: web sites are paralyzed for entire business days, unauthorized network penetration, lost information. Hacking is on the rise, from pranksters to competitors to insiders. And there is a cost associated with those break-ins. Sometimes that cost is hard to establish: what is the price of an employee list given to a recruiter, of someone stealing product plans, of confidential information being altered? Security has rapidly escalated to a top priority as businesses become more networked to achieve their goals. Sabotage in conjunction with Denial of Service is the fastest-growing form of cyberterrorism.
- $266 BILLION - Estimated cost of damages caused by viruses and computer cracking in U.S. firms last year, representing 2.5 percent of the nation's gross national product (GNP). (InformationWeek)
- $1.6 TRILLION - Estimated worldwide loss last year due to downtime resulting from security breaches and virus attacks. (InformationWeek)
- 22,144 - Attacks against unclassified U.S. DoD computers in 1999, up from 780 in (Financial Times, Oct 4, Dorothy Denning quoted)
- 94 PERCENT - Portion of surveyed companies that were aware of the I*LOVE*YOU worm; 18 percent said they received it, while 7 percent said it had a "major impact" on their operations. (Gallup Organization)
- 12:1 - Ratio of the number of times on-line merchants suffer credit card fraud compared to their off-line, bricks-and-mortar counterparts. (Gartner Group)
Mar 12, 2001
6
Risk Remains High
- $1.6 TRILLION - Estimated worldwide loss in 2000 due to downtime resulting from security breaches and virus attacks. (InformationWeek)
- $266 BILLION - Estimated cost of damages caused by viruses and computer cracking in U.S. firms in (InformationWeek)
- 42% of computers checked were still not running anti-virus software. 32% were infected. (Symantec SecurityCheck)
- 12:1 - Ratio of the number of times on-line merchants suffer credit card fraud compared to their off-line, bricks-and-mortar counterparts. (Gartner Group)
Sources: InformationWeek - July 10, 2000; Financial Times - Oct 4, 1999, Dorothy Denning; CNET News
Credit card and debit card fraud could cost online merchants billions of dollars over the next five years unless they implement the technology to detect it, a new report says. The report, released Friday by Meridien Research, warns that as more transactions are conducted over the Internet, online payment fraud will rise in tandem, increasing from $1.6 billion worldwide in 2000 to $15.5 billion in 2005. Although anti-fraud technology is not foolproof, the biggest factor in the projected increase is that only an estimated 30 percent of merchants use anti-fraud technology, Meridien analyst Jeanne Capachin said. Meridien, based in Newton, Mass., provides research on technologies tied to the financial services industry.
9
Web Server Security Threat
“Web Server Security has been at the forefront of the news throughout the last month, with the archive site attrition.org announcing that it had received a list of around 9,000 Microsoft-IIS sites that had successfully been taken control of by attackers. … Recently it has been receiving over 100 reports of successful attacks in a single day, more than for the entire years of 1995 & 1996.” Source: (Jun 2001)
10
Web Site Defacements Source: attrition.org
11
Policy is Key to Security
- Standards
- Procedures, Guidelines & Practices
- Mandate to implement security
- Standard to measure security
- Basis for all security technology and procedures
The first step toward information security is to formulate a security policy: identify the key assets to secure, and which assets will be extended to whom. The role of the policy is to guide users in knowing what is allowed, and to guide administrators and managers in making choices about system configuration and use. This process will help you establish specific security goals and a plan to tackle them. Before you can manage security you have to have a way to measure how good it is. Your corporate security policy provides the acceptable baseline standards against which to measure compliance.
Key Message: Information security is a business issue, not just a technology issue, and the reason organizations want to protect information is for sound business purposes.
12
Security Objectives
- Confidentiality: Who sees the data?
- Integrity: Has the data been tampered with?
- Availability: Can I access the server or data when I need it?
13
No Need to Start from Scratch
- Rather than analyzing every risk, look at what others are doing
- Meet the standard of due care
- Use existing standards and “Best Practices”
- Pay attention to regulations and requirements: government, industry, partner
14
Standards for Operational Security
- BS7799 security requirements established by the British Government (ISO 17799)
- SAS 70 and SysTrust requirements established by the AICPA
- FISCAM requirements established by GAO for federal govt.
- COBIT requirements established by the Information Systems Audit and Control Association (ISACA)
- IETF Site Security Handbook and User Security Handbook
- The Top Ten Internet Security Threats from SANS
- VISA's ten requirements for 21,000 organizations that carry the VISA logo
- Future – Minimum standards of due care from The Center for Internet Security, a new world-wide standards consortium
AICPA - American Institute of Certified Public Accountants. FISCAM - Federal Information Systems Control Audit Manual (originally developed to audit Federal financial systems; now used to audit non-financial systems). COBIT - Control Objectives for Information and Related Technology.
15
Visa’s “Ten Commandments”
1. Install and maintain a working network firewall to protect data accessible via the Internet
2. Keep security patches up-to-date
3. Encrypt stored data accessible from the Internet
4. Encrypt data sent across networks
5. Use and regularly update anti-virus software
6. Restrict access to data by business "need to know"
7. Assign unique IDs to each person with computer access to data
8. Track access to data by unique ID
9. Don't use vendor-supplied defaults for system passwords and other security parameters
10. Regularly test security systems and processes
Source:
16
Regulations for Operational Security
- FDIC and OCC regulations for the banking industry
- HIPAA regulations for the health care industry
- SEC regulations for the brokerage industry
- DoD regulations for military commands and contractors
- FDA regulations for pharmaceutical companies
- NASA requirements for all its facilities and contractors
- 1974 Privacy Act with amendments
17
Metrics for Security Effectiveness
Measuring Policy Compliance
- Percent of organization following policy
- Number of exemptions granted
Measuring Resistance and Response to Attack
- Number of holes found by vulnerability scan
- Percent of attacks detected during penetration test
- Percent of detected attacks with proper response/report
- Percent of attempted attacks that succeeded
If you want to manage something, you have to be able to measure it.
18
Web Access Management
[Network diagram; components labelled: Web Server, Firewall, Customers, Partners, Branch Office, Wireless Device, Telecommuters, Modems, E-mail servers, Groupware Servers, Database Servers, File Servers]
19
Traditional Web Access Management
[Network diagram; components labelled: Web Users & Internet, Hacker, Firewall, Service Network (DMZ), Web Servers & Content, Application Servers, Secure (Trusted) Network, DB, Auth. DB]
20
Secure Web Access Management
[Network diagram; components labelled: Web Users & Internet, Firewall, Service Network (DMZ), Proxy Server, Web Servers & Content, Secure (Trusted) Network, Central Management Server, Authentication Mechanism(s): NT Auth Agent, LDAP Auth, PKI Auth, Other Auth Agents]
21
Authentication
- Username/password is the most common
  - Can be stolen or frequently cracked
  - Use SSL or similar web technology
- Two-factor authentication is stronger
  - Hardware token, smartcard, etc.
  - Soft token, digital certificate
  - Biometric
22
Vulnerability Management – Policy Compliance
[Network diagram; components labelled: Web Server, Firewall, Customers, Partners, Branch Office, Wireless Device, Telecommuters, Modems, Groupware Servers, Database Servers, File Servers]
23
Some Typical Vulnerabilities
- Password strength
- Out-of-date patch levels
- Account settings
- Network parameters: NT RAS, NIS, UNIX .rhosts files, ftp, telnet
- File protections
- Improperly changed files
- O/S specific problems: Windows NT registry, NetWare NDS, UNIX suid files, etc.
- Improper CGI and other web vulnerabilities
- Presence of DDoS “Zombie” code
Notes:
- Password strength – easy-to-guess passwords, passwords that are too short, or that don’t have to be changed.
- Account settings – improperly protected login scripts, excessive privileges, no password required.
- holes – UNIX sendmail vulnerabilities, improper file protections
- Startup files – improper startup file protections or links that allow non-privileged users to gain root
- Network parameters – NT RAS, NIS, UNIX .rhost files, ftp, telnet, and other network service problems
- File protections – improper file permissions that grant broader access than desirable
- Out-of-date patch levels – O/S files that contain security holes
- Improperly changed files – critical files that no longer match the required cryptographic signature
- O/S specific problems – Windows NT registry vulnerabilities, NetWare NDS problems, UNIX suid files, OpenVMS SYSUAF problems, etc.
G. Mark Hardy
24
Vulnerability Management – Vulnerability Scanning
[Network diagram; components labelled: Web Server, Firewall, Customers, Partners, Branch Office, Wireless Device, Telecommuters, Modems, Groupware Servers, Database Servers, File Servers; arrows labelled "Probe for Vulnerabilities"]
25
Detect Intruders
[Network diagram; components labelled: IDS, Hacker, Web Server, Firewall, Customers, Partners, Branch Office, Wireless Device, Telecommuters, Modems, Groupware Servers, Database Servers, File Servers]
26
Network and Host IDS Partnership
Network IDS
- Phase 1, Discover & Map: automated scanning & probing
- Phase 2, Penetrate Perimeter: denial of service, spoofing, protocol exploits, web appl. attack
Host IDS
- Phase 3, Attack/Control Resources: password attacks, privilege grabbing, theft, audit trail tampering, admin. changes, vandalism, Trojan horses
[Diagram also shows the Internet as the source of the attack phases]
27
Enterprise Security Manager
VM and IDS Matrix: Symantec provides all important components of comprehensive security
- Vulnerability Management: host-based – Enterprise Security Manager; network-based – Symantec NetRecon
- Intrusion Detection: host-based – Intruder Alert; network-based – NetProwler
28
Enterprise Security Manager
- Comprehensive security “health check” of the enterprise from a central location.
- Automatically discovers and reports vulnerabilities, including areas that do not comply with security policy.
- Identify systems that are at risk or non-compliant.
- Consistent, automated, repeatable, on-demand mechanism.
- Provide baseline and measures by which to manage security.
Enterprise Security Manager (ESM) is the worldwide leader in host-based Vulnerability Assessment with 68% market share according to IDC. Also, ESM has recently won Secure Computing Magazine’s Academy Award for Best Security Management product.
Positioning / key points. Focus on core strengths and unique features of ESM. Comprehensive security health check: provide graphical views and reports; manage and report on enterprise security health from a central console. Automatically discovers and reports vulnerabilities. Note on both of these points: with the diversity and rapid change in today’s computing environment, it is virtually impossible to do this manually. The only other solution is a hodge-podge of home-grown or platform-specific tools that can only provide a small part of the security picture. Identify systems that are at risk or non-compliant: most organizations know they are vulnerable to attack, whether from inside or outside the organization. They need an assessment tool to identify those risks so that action can be taken to correct potential problems and prevent loss. Automation of repetitive tasks saves time, money, and valuable technical resources. Most organizations don’t have the time, the tools or the money to collect and collate all the necessary data from all the relevant systems to prove compliance. “If you want to manage security, you must be able to measure how good it is.” Helps to focus attention on the critical systems that need it the most. ESM is the solution: ESM is the market leader with 68% market share.
G. Mark Hardy
29
ESM: Manager/Agent Architecture
[Architecture diagram: GUI, Network, Manager, and several boxes labelled "Code" for the agents]
We’ve talked about WHAT ESM does. Now let’s talk about HOW. ESM’s three-tiered architecture is unique in its market space. The three components are the console, the manager, and the agent.
Console: Graphical User Interface for managing ESM and producing reports. A single Console can connect to multiple ESM managers. This gives ESM scalability for very large installations. The console also includes the ability to authorize different administration levels within the product. This is important for large implementations because a policy can be created centrally, deployed geographically, and be run without risk of being changed. AXENT does not charge for the Console, which can be set up at many different locations with different administration levels.
Manager: Used to schedule and run reports. The manager sends the desired checks to the agent to run locally, and then collects and correlates the information upon completion. A manager can be administered by multiple security personnel with varying authority levels using a Console that sits on their desktop.
Agent: The agent code contains the actual process that runs the checks on the local operating system. Network bandwidth is kept to a minimum, because only the exception data (changes since the last policy run) is sent back to the manager for processing and reporting. Information that travels between the various components is encrypted.
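The check categories listed on the "Some Typical Vulnerabilities" slide and the exception-only reporting described for the agent above are easy to make concrete. The following Python is an added example written for this page, not ESM or Symantec/AXENT code: a toy host-based agent that builds a constructed sample host in a temporary directory, runs policy checks for several of the listed categories (file protections, .rhosts trust files, suid files, patch level, account settings, and cryptographic signatures of critical files), and then, on a second run, reports only what changed since the previous run. The policy keys, the check names and the host layout are all assumptions made up for the demo.

```python
"""Toy host-based policy agent (added example, not ESM code)."""
import hashlib
import os
import stat
import tempfile

# Constructed sample policy; the keys are hypothetical, not ESM's real check names.
POLICY = {
    "required_patch_level": 5,
    "forbidden_files": [".rhosts"],   # network parameters: host-trust files
}


def sha256_file(path):
    """Cryptographic signature of a file, used for the 'improperly changed files' check."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def snapshot_signatures(root, rel_paths):
    """Record baseline signatures of critical files at policy-creation time."""
    return {rel: sha256_file(os.path.join(root, rel)) for rel in rel_paths}


def run_checks(root, policy, baseline):
    """Run the checks under `root`; return a sorted list of (check, subject) findings."""
    findings = set()
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            mode = os.stat(full).st_mode
            if mode & stat.S_IWOTH:                    # file protections: world-writable
                findings.add(("file_protections", rel))
            if mode & stat.S_ISUID:                    # O/S specific: UNIX suid files
                findings.add(("suid_file", rel))
            if name in policy["forbidden_files"]:      # network parameters: .rhosts present
                findings.add(("network_parameters", rel))
    # Out-of-date patch levels: compare the installed level with the policy minimum.
    with open(os.path.join(root, "patchlevel")) as fh:
        level = int(fh.read().strip())
    if level < policy["required_patch_level"]:
        findings.add(("patch_level", "installed %d < required %d" % (level, policy["required_patch_level"])))
    # Account settings: accounts that do not require a password (constructed file format).
    with open(os.path.join(root, "etc/accounts")) as fh:
        for line in fh:
            user, needs_password = line.strip().split(":")
            if needs_password == "no":
                findings.add(("account_settings", user))
    # Improperly changed files: current signature no longer matches the baseline.
    for rel, sig in baseline.items():
        if sha256_file(os.path.join(root, rel)) != sig:
            findings.add(("changed_file", rel))
    return sorted(findings)


def exceptions_since(previous, current):
    """What the agent would send to the manager: only changes since the last policy run."""
    prev, cur = set(previous), set(current)
    return {"new": sorted(cur - prev), "resolved": sorted(prev - cur)}


def build_sample_host(root):
    """Constructed host image with deliberate weaknesses for the demo."""
    def write(rel, text, mode=0o644):
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w") as fh:
            fh.write(text)
        os.chmod(full, mode)
    write("etc/passwd", "root:x:0:0::/root:/bin/sh\nalice:x:1000:1000::/home/alice:/bin/sh\n")
    write("etc/shadow", "root:*:0:0:99999:7:::\n", 0o666)   # world-writable: finding
    write("home/alice/.rhosts", "+ +\n", 0o600)             # trust-all .rhosts: finding
    write("usr/bin/tool", "#!/bin/sh\necho hi\n", 0o4755)   # setuid bit: finding
    write("patchlevel", "3\n")                               # behind the policy's level 5
    write("etc/accounts", "root:yes\nguest:no\nalice:yes\n")  # guest needs no password


def demo():
    """First run, remediation plus one unauthorized change, second run, then the delta."""
    root = tempfile.mkdtemp(prefix="toy-agent-")
    build_sample_host(root)
    baseline = snapshot_signatures(root, ["etc/passwd"])
    first = run_checks(root, POLICY, baseline)
    # The administrator fixes two findings; meanwhile a critical file is modified
    # outside change control, which the signature check should catch.
    os.chmod(os.path.join(root, "etc/shadow"), 0o600)
    os.remove(os.path.join(root, "home/alice/.rhosts"))
    with open(os.path.join(root, "etc/passwd"), "a") as fh:
        fh.write("mallory:x:0:0::/:/bin/sh\n")
    second = run_checks(root, POLICY, baseline)
    return first, second, exceptions_since(first, second)


if __name__ == "__main__":
    first, second, delta = demo()
    print("first run:", first)
    print("sent to manager after second run:", delta)
```

The first run reports five findings; the second run's payload to the manager contains only the two resolved items and the one new `changed_file` finding, which is the bandwidth-saving behaviour the notes describe. A real agent would of course walk the live filesystem and read the platform's own patch and account databases rather than the constructed files used here.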
30
ESM - Scales to Virtually any Enterprise
[Diagram: ESM Console, ESM Managers with Agents, ESM Agents; pie-chart report]
Because of its 3-tier architecture, depth of security checks, and breadth of platform support, ESM is the most scalable and sophisticated security assessment solution on the market. ESM automatically collects and correlates the security assessment data from the entire network. Results are provided in a consolidated report format. These graphical reports (like the pie chart shown here) illustrate exactly how secure your information systems are. Detailed reporting options are also available.
31
Symantec NetRecon Gain a hacker’s eye view of the network.
NetRecon, in conjunction with ESM, leads the Vulnerability Assessment space with 39% market share according to IDC. Secure Computing Magazine gave NetRecon a four-star overall rating, and recognized it as “capable of discovering more potential vulnerabilities than the competition in certain situations.”
- Gain a hacker’s eye view of the network.
- Vulnerability assessment with root cause analysis - leads you to the real problem, not the symptoms
- Unique path analysis illustrates the exact sequence of steps to uncover a vulnerability
- Progressive scanning technology uses information from part of the scan to search deeper for weaknesses. Shares information like a Tiger Team
G. Mark Hardy
32
NetRecon w/ Progressive Scanning Technology
- Holistic view of the network
- Searches deeper for network weaknesses
- Correlates vulnerabilities across systems to demonstrate how related vulnerabilities can lead to attack
- Shows how low- and medium-risk problems combine to make high-risk problems
- Uncovers vulnerabilities that other scanners don’t find
- Enhanced performance provided by parallel objectives
- Runs faster by filtering out redundant risks
33
Key Features & Benefits
Progressive Scanning
- Scans the entire network as a whole, not just each system in isolation from the others like other scanners
- Uses information found on one system to penetrate the other systems
Path Analysis
- Illustrates the exact sequence of steps taken to uncover a vulnerability
- Helps the security administrator to pin-point the root cause of the vulnerabilities
Live Update™
- Incorporates Symantec’s renowned Live Update technology to deliver new vulnerability checks
Integrated Password Cracking
- Actually cracks encrypted passwords as it scans
Enterprise Support
- Is unique in that it also scans non-IP based networks, such as NetWare’s IPX/SPX and NetBEUI protocols
- Is tightly integrated with ESM
34
Integrated Host- & Network-Based Security Assessment
- Security is an on-going process
- Assessment gives you a baseline from which to build
- Two approaches to vulnerability assessment: host-based (“privileged access”) and network-based (“hacker’s view”)
- Each has its own benefits and limits
- Comprehensive vulnerability assessment includes a combination of both approaches
“…a combination of network- and host-based is critical. If you’re doing just one or the other, you’re missing half the elements." InformationWeek, May 29, 2000
Security is not a one-time event; it’s a continuous process. Assessment is a good first step. It helps you determine where you are in terms of your security health and status. Implementing host and network security together offers powerful protection against the major types of risks. Each solution is suited to identify potential vulnerabilities that the other cannot see. A complete vulnerability assessment typically consists of a passive host assessment and an active network assessment. One without the other does not provide a complete picture of the security “health” of your systems.
35
ESM Application Security
- ESM leads the market in OS-level security, vulnerability assessment and policy compliance
- Now it is addressing mission-critical e-business components: firewalls, routers, web servers, databases, applications (ERP, CRM)
- Integrate both host-based and network-based assessment for comprehensive coverage
36
ESM Application Security Modules Architecture
[Architecture diagram; layers labelled: Application-level security (NetRecon, Databases, Web Servers, NAV Servers, WAP Servers), Components (Network, Firewalls, Servers, Applications), Operating System security (Operating Systems), Single integrated view]
The ESM API resides on the agent. The Software Development Kit allows customers, third parties, software vendors, and AXENT to quickly develop new modules which check other security subsystems. For example, modules can be built to handle databases, applications, web server software, etc. By writing a new module according to the API, none of the other agent, module, manager, or GUI code needs to be changed. In fact, the new module automatically causes new dialog boxes to be displayed on the GUI (without any code changes), and automatically integrates the new security checks into ESM’s network-wide reports.
37
Current ESM Modules Implementation
Uses the best of host-based and network-based technologies to provide complete assessment coverage: Operating Systems, ESM for Oracle, ESM for WebServers, NetRecon, ESM for AntiVirus
38
Symantec NetRecon 3.5 Integration
Benefits
- Displays NetRecon scan data in the ESM Console
- Provides a central view of both host-based and network-based assessment and vulnerability data
- Integrates NetRecon data into ESM reports
- ESM policies can launch NetRecon scans using ICE
- Provides trend analysis and other ESM features
Each release gets more integrated with ESM: .NRD file (v2.0); CLI / ESM Console using ICE (v3.5); vulnerability correlation (future)
39
ESM for WebServers Features
- Network-based approach (hacker’s view)
- Coverage of all major web servers and OSs: web servers – Apache, Microsoft IIS, Netscape; operating systems – NT, W2K, XP, Redhat Linux, Unix (Solaris, AIX, HP-UX)
- Addresses the SANS / FBI Top 10 Internet Vulnerabilities
- Combination of ESM host OS agent + ESM for WebServers = comprehensive coverage
40
ESM for WebServers Policy
41
Assessment Methodology
[Diagram: services probed on the Web Server, as labelled: Login, Echo, DNS, SMTP, Gateway, Netstat, Name, POP3, Printer, Whois, Shell, FTP (20, 21), CGI / HTTP (80, 8080)]
42
Best Practice Configuration
- Install an ESM Agent on each web server for host-based checks
  - Covers ~80% of vulnerabilities
  - Ensures proper policy compliance
  - OS patches module most critical
- Install ESM for WebServers on a separate NT workstation, preferably on the same segment as the web server(s)
  - Covers ~20% of remaining vulnerabilities
- ESM policy options
  - One web server per policy for tight data correlation
  - Multiple web servers per policy to assess a web server farm
43
ESM for Oracle Features
- First host-based database vulnerability assessment product on the market
- Integrates into ESM at the application level
- Supports Oracle versions 7.3.x – 8.0.6
- Supported host systems: Sun Solaris 2.4 – 2.6; IBM AIX 4.1 – (RS6000); HP-UX – 11.x; Digital Unix OSF1-AXP v4.0d
- Oracle only
ESM for Oracle was originally released in 1997, and was the market’s first host-based vulnerability assessment solution for databases. An extremely important aspect of ESM for Oracle v1.1 is its seamless integration into the market’s leading enterprise vulnerability and policy compliance solution – e-business Security Manager (ESM). Integrated at the application level, ESM for Oracle populates its checks directly into the file tree, just as an agent does that is monitoring an operating system. Like all checks within ESM, the Oracle database checks can be selected “on” or deselected for specific vulnerabilities, too. ESM for Oracle v1.1 supports the latest and most popular versions of Oracle, from versions 7.3x to on all of the major supported UNIX platforms, including SUN, IBM, HP and Digital Unix.
44
ESM for Oracle Benefits
- Extends policy compliance and management to critical systems
- Assesses the database for known vulnerabilities
- Integrates database security into the enterprise policy management picture
45
Securing Oracle Instances
Each Oracle instance may have different priority levels and different security vulnerabilities…
[Diagram; components labelled: Oracle Server (Unix) with dB Inst. 1, 2, 3; ESM for Oracle; ESM Agent; ESM Manager; ESM Console]
46
ESM for Oracle Database Checks
Coverage of key vulnerabilities associated with Oracle RDBMS. Eight Oracle RDBMS assessment groups:
- Access Group
- Accounts Group
- Auditing Group
- File Attributes Group
- Passwords Group
- Roles Group
- Startup Group
- Table Attributes Group
Each group contains multiple key vulnerability checks.
47
ESM for NAV Servers Benefits
- Best Practice policies to secure Norton Anti-Virus Corporate Edition servers
- Shows synergy and value between Symantec and AXENT product integration
- Free to maintenance-paying ESM customers
48
ESM for NAV Servers Architecture
[Architecture diagram; components labelled: ESM Enterprise Console; ESM Manager; NAV CE Server running ESM Agent and ESM for NAV Servers Best Practice Policy; Client PCs running ESM Agents]
49
Security Updates: SWAT Security Update Program
What: Team of security professionals conducting research on vulnerabilities and delivering detection and countermeasure capabilities to IDvA products.
How: Security Updates are deployed via the web and Live Update.
Frequency: ESM Security Updates are released quarterly. NetRecon Security Updates are released monthly. In emergencies (DDoS, Trin00, etc.), updates are available within several hours.
Track Record (2000): ESM Security Updates added 260 new checks. NetRecon Security Updates added 350 new checks. ESM for WebServers added 246 new checks.
50
Final Thoughts
- The SANS' Top Ten list identified CGI vulnerabilities as the #2 issue
- Security analysts who conduct penetration studies indicate that 80% of break-ins occur because of: 1) out-of-date, unpatched systems and applications; 2) easy-to-guess passwords
- “For cyber security, 47% of consumers would like enhanced Web site security measures, safeguards for credit card information and privacy policies.” (USA Today Snapshots – Nov. 27, 2000)
- Follow best practices to achieve due care
- Implement a process to manage policy and incidents
51
Harold Toomey htoomey@symantec.com
Thank You Harold Toomey
© 2025 SlidePlayer.com Inc.
All rights reserved.