Presentation is loading. Please wait.

Presentation is loading. Please wait.

Конференция IT Energy, 27 – 30 Ноября 2006 Предотвращение утечки Корпоративной Информации Сергей Кузнецов Представительство Citrix Systems International.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Конференция IT Energy, 27 – 30 Ноября 2006 Предотвращение утечки Корпоративной Информации Сергей Кузнецов Представительство Citrix Systems International."— Presentation transcript:

1 Конференция IT Energy, 27 – 30 Ноября 2006 Предотвращение утечки Корпоративной Информации Сергей Кузнецов Представительство Citrix Systems International GmbH В России и СНГ

2 Компания Citrix Systems Лидер в области Инфраструктуры Доступа ( Доля международного рынка 80%) Оборот 2005 $909m. (25% рост) Представлена в 35 странах мира 6200 партнеров в более 100 стран 180000 клиентов; 15М конк. лицензий 94% клиентская лойальность 75% ежедневного трафика Интрернета Стратегические партнеры Microsoft, IBM, HP, SAP and Oracle 1800 других индустриальных альянсов в области Оборудования,ПО, сетевых технологий, безопасности, и т.д.

3 Откуда идет угроза 75% всех инвестиций по безопасности сосредоточены здесь Сетевые атакиАтаки на приложения 75% всех атак сосредоточены здесь

4 Содержание Пассивная безопасность Citrix: Безопасность на уровне дизайна Использование Инфраструктуры Citrix

5 Пассивная безопасность Постоянные обновления патчей Разные зоны защиты Обновление СПД Безопасные Оконечные Устройства Сложные Пароли Пользователи Приложения

6 Vulnerability in Server Service Could Allow Denial of Service (923414): MS06-063 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191): MS06-061 Vulnerability in Windows Explorer Could Allow Remote Execution (923191): MS06-057 Vulnerability in ASP.NET 2.0 Could Allow Information Disclosure (922770): MS06-056 Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486): MS06-055 Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422): MS06-051 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670): MS06-050 Vulnerability in HTML Help Could Allow Remote Code Execution (922616): MS06-046 Vulnerability in Windows Explorer Could Allow Remote Code Execution (921398): MS06-045 Vulnerability in Microsoft Windows Could Allow Remote Code Execution (920214): MS06-043 Cumulative Security Update for Internet Explorer (918899): MS06-042 Vulnerability in DNS Resolution Could Allow Remote Code Execution (920683): MS06-041 Vulnerability in Server Service Could Allow Remote Code Execution (921883): MS06-040 Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388): MS06-036 Vulnerability in Server Service Could Allow Remote Code Execution (917159): MS06-035 The update for the selected product has been replaced by the update in the following bulletin(s): MS06-063 Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537): MS06-034 Vulnerability in ASP.NET Could Allow Information Disclosure (917283): MS06-033 Vulnerability in TCP/IP Could Allow Remote Code Execution (917953): MS06-032 Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389): MS06-030 Vulnerability in Routing and Remote Access Could Allow Remote Code Execution (911280): MS06-025 Vulnerability in Windows Media Player Could Allow Remote Code Execution (917734): MS06-024 Vulnerability in Microsoft JScript Could Allow Remote Code Execution (917344): MS06-023 Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439): MS06-022 Cumulative Security Update for Internet Explorer (916281): MS06-021 The update for the selected product has been replaced by the update in the following bulletin(s): MS06-042 Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting (917627): MS06-017 Cumulative Security Update for Outlook Express (911567): MS06-016 Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531): MS06-015 Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562): MS06-014 Cumulative Security Update for Internet Explorer (912812): MS06-013 Vulnerability in the Korean Input Method Editor Could Allow Elevation of Privilege (901190): MS06-009 Vulnerability in Web Client Service Could Allow Remote Code Execution (911927): MS06-008 Vulnerability in TCP/IP Could Allow Denial of Service (913446): MS06-007 The update for the selected product has been replaced by the update in the following bulletin(s): MS06-032 Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564): MS06-006 Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565): MS06-005 The update for the selected product has been replaced by the update in the following bulletin(s): MS06-024 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919): MS06-001 Cumulative Security Update for Internet Explorer (905915): MS05-054 The update for the selected product has been replaced by the update in the following bulletin(s): MS06-013 Vulnerabilities in Graphics Rendering Engine Could Allow Code Executi on (896424): MS05-053 Cumulative Security Update for Internet Explorer (896688): MS05-052 Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400): MS05-051 Vulnerability in DirectShow Could Allow Remote Code Execution (904706): MS05-050 Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725): MS05-049 Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245): MS05-048 Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589): MS05-046 Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587): MS05-042 Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591): MS05-041 Vulnerability in Telephony Service Could Allow Remote Code Execution (893756): MS05-040 Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588): MS05-039 Cumulative Security Update for Internet Explorer (896727): MS05-038 Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214): MS05- 036 Vulnerability in Telnet Client Could Allow Information Disclosure (896428): MS05-033 Vulnerability in Microsoft Agent Could Allow Spoofing (890046): MS05-032 Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458): MS05-031 Vulnerability in Server Message Block Could Allow Remote Code Execution (896422): MS05-027 Vulnerability in HTML Help Could Allow Remote Code Execution (896358): MS05-026 Cumulative Security Update for Internet Explorer (883939): MS05-025 Security Update for Office 2003 (KB905645) Office 2003 Security Update: KB838905 Office 2003 Service Pack 1 Access 2003 Danish Update for MUI Pack: KB834013 Office 2003 Critical Update: KB828041 Security Update for Excel Viewer 2003 (KB918425) Security Update for Excel 2003 (KB918419) Security Update for Excel 2003 (KB905756) Security Update for Excel Viewer 2003 (KB914451) Security Update for Office 2003 (KB905645) Security Update for Office 2003 Multilingual User Interface Pack (KB905645) Security Update for Office 2003 Proofing Tools (KB905645) Office 2003 Security Update: KB838905 Office 2003 Service Pack 1 Outlook 2003 Junk E-mail Filter Update: KB921580 Outlook 2003 Junk E-mail Filter Update: KB920907 Outlook 2003 Junk E-mail Filter Update: KB919031 Outlook 2003 Junk E-mail Filter Update: KB917149 Outlook 2003 Junk E-mail Filter Update: KB916521 Update for Outlook 2003 (KB913807) Outlook 2003 Junk E-mail Filter Update: KB913161 Security Update for Office 2003 (KB905645) Security Update for Office 2003 Multilingual User Interface Pack (KB905645) Security Update for Office 2003 Proofing Tools (KB905645) Outlook 2003 Junk E-mail Filter Update: KB911961 Security Update for Outlook 2003 (KB892843) Outlook 2003 Junk E-mail Filter Update: KB905648 Outlook 2003 Junk E-mail Filter Update: KB907492 Outlook 2003 Junk E-mail Filter Update: KB906173 Outlook 2003 Junk E-mail Filter Update: KB904631 Outlook 2003 Junk E-mail Filter Update: KB902953 Outlook 2003 Junk E-mail Filter Update: KB895658 Business Contact Manager Update for Outlook 2003 Outlook 2003 Junk E-mail Filter Update: KB896999 Outlook 2003 Junk E-mail Filter Update: KB894384 Outlook 2003 Junk E-mail Filter Update: KB892236 Outlook 2003 Junk E-mail Filter Update: KB891067 Outlook 2003 Junk E-mail Filter Update: KB890854 Outlook 2003 Junk E-mail Filter Update: KB873362 Office 2003 Security Update: KB838905 Outlook 2003 Junk E-mail Filter Update: KB870765 Business Contact Manager for Outlook 2003 Security Update: KB842496 Outlook 2003 Junk E-mail Filter Update: KB835235 Outlook 2003 Junk E-mail Filter Update: KB832333 Security Update for Word 2003 (KB917334) Security Update for Word Viewer 2003 (KB917346) Security Update for Office 2003 (KB905645) Security Update for Office 2003 Multilingual User Interface Pack (KB905645) Security Update for Office 2003 Proofing Tools (KB905645) Security Update for Word 2003 (KB887979) Office 2003 Security Update: KB838905 Office 2003 Service Pack 1 Word 2003 Update: KB834702 for MUI Pack Word 2003 Update: KB830000 Office 2003 Critical Update: KB828041 Security Update for Visio 2003 Multilingual User Interface Pack (KB909115) Visio 2003 Service Pack 2 Visio 2003 Security Update: KB838345 Visio 2003 Service Pack 1 Обновляйте «патчи» своих приложений Миф #1 Разработчики пишут идеальное ПО! ОфисOracle 9i

7 Создавайте множественные зоны защиты Миф #2 Существует несколько и простых сценариев доступа!

8 Загрязнен источник? Обновите водопровод! Улучшайте Сеть Передачи Данных Миф #3 Утечка информации происходит на сетевом уровне

9 Безопасность конечного устройства Миф #4 Вы можете защитить оконечное устройство!

10 Используйте сильные пароли! Миф #5 Разные пароли – более безопасны

11 Увеличение возможностей для атак Растущее предприятие

12 Мифы и Реальности Программисты пишут идеальное ПО Ограниченное число простых сценариев Доступа Утечка данных происходит на Сетевом Уровне Вы можете защитить оконечные устройства Пользователи работают в безопасной среде Программисты пишут ПО с ошибками Существует много сценариев Доступа 75% Утечки Данных происходит на Уровне Приложений Безопасный Доступ - Существует Пользователи работают во враждебной среде VS

13 Citrix: Безопасность – неотъемлимая часть дизайна продуктов Контроль Доступа пользователя Единый Безопасный Путь Защита Приложений Пользователи Приложения

14 Виртуализация Приложений Пользователи Приложения

15 Доставка Web Приложений Пользователи Приложения

16 Стриминг Приложений Пользователи Приложения

17 Единый Безопасный Путь Пользователи Приложения

18 Зоны Безопасности Зона Доверия Зоны Недоверия Данные и Приложения Пользователи Anti-spam Anti-virus Firewall VPN Проблема: Небезопасный пользователь (Вирус на Laptop) Пользователи Проблема: Разрешенный пользователь (Telecommuter)

19 Опеспечение безопасного доступа Зона Доверия Зоны Недоверия Пользователи Пользователь не прошел проверку по безопасности оконечного устройства Anti-spam Anti-virus Firewall Данные и Приложения Access Gateway WiFi

20 SmartAccess («Умный Доступ») Проверка Оконечного устройства AСценарий Доступа Какой пользователь Гранулированный Доступ Контроль правами доступа Edit View OnlyPrint Save

21 Управление паролями - Сильная Аутентификация - Повышение производительности - Возможности самостоятельного управления/обнуления 9X1CA523U KEVIN Single Sign-On

22 Пользователи Претворяем Видение Безопасности в жизнь Приложения Централизация Серверов, Приложений,Данных Подход ко всем пользователям, как к «внешним» Контроль Доступа к Приложениям Управление и кодирование информации, покидающей границы ЦОДа Прозрачность из конца в конец, аудит, статистика

23 CPS CSS Web Apps Application Firewall Access Gateway Advanced Access Control Password Manager Пользователи Приложения Citrix Инфраструктура

24 Best Access Experience. Anytime. Anywhere.

25 Представительство Citrix Systems в России и СНГ Сергей Борисович Кузнецов sergey.kuznetsov@eu.citrix.com +7 495 937 8249 Офис в Москве +7 985 761 3757 Мобильный Вопросы и Ответы

26 Интересный материал “ Citrix : Защита данных ” http://citrix.com/English/ps2/segments/h/docu ments_onecat.asp?contentid=23559&cid=W hite+Papers

Download ppt "Конференция IT Energy, 27 – 30 Ноября 2006 Предотвращение утечки Корпоративной Информации Сергей Кузнецов Представительство Citrix Systems International."

Similar presentations

Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.

Benefits of CA Technology & HVB Bank Romania Study Case Bucharest, May 31, 2005.
. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS10-046 - Windows.

. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.
PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS10-003.

PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
XP Browser and E-mail Basics1. XP Browser and E-mail Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.

XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
Origins of the Internet The Internet was started as a research project sponsored by the Advanced Research Projects Agency (ARPA) within the U.S. Dept.

Origins of the Internet The Internet was started as a research project sponsored by the Advanced Research Projects Agency (ARPA) within the U.S. Dept.
Introduction to Web Application Architectures Web Application Architectures 18 th March 2005 Bogdan L. Vrusias

Introduction to Web Application Architectures Web Application Architectures 18 th March 2005 Bogdan L. Vrusias
1 Computing for Todays Lecture 22 Yumei Huo Fall 2006.

1 Computing for Todays Lecture 22 Yumei Huo Fall 2006.
Interpret Application Specifications

Interpret Application Specifications
Chapter 4 Application Security Knowledge and Test Prep

Chapter 4 Application Security Knowledge and Test Prep
Browser and E-mail Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.

Browser and Basics Tutorial 1. Learn about Web browser software and Web pages The Web is a collection of files that reside on computers, called.
Server 2008 Terminal Services and Remote Desktop Services Basic application access is possible without Citrix, and Server 2008 R2 adds on some key features.

Server 2008 Terminal Services and Remote Desktop Services Basic application access is possible without Citrix, and Server 2008 R2 adds on some key features.
SP2 Mikael Nystrom. Agenda Översikt Installation.

SP2 Mikael Nystrom. Agenda Översikt Installation.
Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.

Review of February 2013 Bulletin Release Information - 12 New Security Bulletins - One Updated Security Advisory - Microsoft Windows Malicious Software.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Application Architecture

Application Architecture
To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in Live Meeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
© 2005,2006 NeoAccel Inc. Training Access Modes. © 2005,2006 NeoAccel Inc. Agenda 2. Access Terminals 6. Quick Access Terminal Client 3. SSL VPN-Plus.

© 2005,2006 NeoAccel Inc. Training Access Modes. © 2005,2006 NeoAccel Inc. Agenda 2. Access Terminals 6. Quick Access Terminal Client 3. SSL VPN-Plus.
2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.
Microsoft October 2004 Security Bulletins Briefing for Senior IT Managers updated October 20, 2004 Marcus H. Sachs, P.E. The SANS Institute October 12,

Microsoft October 2004 Security Bulletins Briefing for Senior IT Managers updated October 20, 2004 Marcus H. Sachs, P.E. The SANS Institute October 12,
1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.

1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.

Similar presentations

Ads by Google