Presentation is loading. Please wait.

Presentation is loading. Please wait.

Separate Domains of IT Infrastructure

Published byEmmeline Newman Modified over 9 years ago

Similar presentations

Presentation on theme: "Separate Domains of IT Infrastructure"— Presentation transcript:

1 Separate Domains of IT Infrastructure
CS5493

2 7 Domains of IT User Domain Workstation Domain LAN Domain
LAN to WAN Domain WAN Domain Remote Access System Application Domain

3 Logical Grouping of IT Domains
User/Workstation Network LAN LAN-WAN interface WAN Remote (Brave new world) System/Application

4 User Domain The subjects: The people using the system.
This is the domain of the AUP

5 The AUP Acceptable usage policy – a contract between the system owner and system user outlining the acceptable usage parameters of the computing system.

6 User Domain Threats/Vulnerabilities Lack of user awareness
User apathy toward policies Security policy violations Disgruntled employee attacks Social engineering attacks Etc Mitigation strategies …

7 User Domain …Mitigation Strategies User awareness training Accountability through an AUP Implement personnel access controls

8 Workstation Domain Usually refers to the computer on your desk or workspace. This includes the staff supporting the workstations The AUP is a key document for this domain

9 Workstation Domain Risks/threats/vulnerabilities Unauthorized access
Malware Social engineering attacks Etc. Mitigation strategies…

10 Workstation Domain …Mitigation Strategies User awareness training logging anti-malware Accountability through an AUP

11 Network Service Domain
For the purpose of this course, we will combine the domains for LAN, LAN-to-WAN, and WAN into the Network Service Domain

12 Network Service Domain
Includes the equipment, cables, the wireless access, etc. Key document is the SLA

13 SLA: Service Level Agreement
An agreement between the system provider and system user. Outlines provider responsibilities and defines realistic expectations to the users.

14 Network Service Domain
Threats/Vulnerabilities/ Unauthorized access, physical or otherwise Malware attacks Hardware vulnerabilities Support staff threats/vulnerabilities Misuse of network resource by users Clear-text (unencrypted) data traffic DoS Wireless attacks

15 Network Service Domain
…Mitigation Strategies IDS – intrusion detection system, like SNORT. IPS – intrusion prevention system, like a firewall

16 Network Service Domain
…Mitigation Strategies drop malicious packets, reset connection, block traffic from offending IP addresses, etc. set up a DMZ, …

17 Remote Access Domain Accessing the computing services from outside the boundary of the computing system. Smart phones Laptop computers PDAs Remote usage Wireless access Access to cloud resources Social media access

18 Remote Access Domain The AUP is the governing document

19 Remote Access Domain threat/vulnerability
Theft or loss of electronic devices Theft or loss of data Unauthorized access (shoulder surfers) Clear-text data transfer Poor security on personal devices. Reliability of cloud services

20 Remote Domain …Mitigation Strategies User awareness training Accountability through an AUP reliable authentication (MFA?) Data Encryption, etc

21 System/Application Domain
The critical infrastructure of server systems, applications, and data. Payroll Accounting, purchasing, billing Sales Intellectual property, etc. Proprietary technology Personal information

22 System/Application Domain
Threat/vulnerability Unauthorized access Hardware failure Data loss Malware Failure to keep systems and software up-to-date. Social engineering attacks etc

23 System/Applications Domain
…Mitigation Strategies Awareness training Backup/RAID Physical security, Logging, Data/system integrity monitor Disaster recovery plan etc

24 System/Application Domain
The governing document is the SLA.

25 Domain Group Assignments
User/Workstation Green Group Network Blue Group Remote Red Group System/Application Gold Group

Download ppt "Separate Domains of IT Infrastructure"

Similar presentations

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works

Security Controls – What Works
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………

Group Presentation Design and Implementation of a company- wide networking & communication technologies strategy 9 th December 2003 Prepared By: …………
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Controls for Information Security

Controls for Information Security
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
ACCEPTABLE An acceptable use policy (AUP), also known as an acceptable usage policy or fair use policy, is a set of rules applied by the owner or manager.

ACCEPTABLE An acceptable use policy (AUP), also known as an acceptable usage policy or fair use policy, is a set of rules applied by the owner or manager.
By Edith Butler Fall 2008. Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.

By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
OCR Computing for GCSE © Hodder Education 2011

OCR Computing for GCSE © Hodder Education 2011
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

Similar presentations

Ads by Google