Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.


1 Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong

2 Overview Security Management
Security management is the process of protecting sensitive information
Sensitive information is any data an organisation wants to secure
It may include
– Payroll data
– Customer accounts
– Research and development schedules

3 Overview Security Management
Security management enables network engineers to protect sensitive data by
– Limiting access to hosts and network devices
– Notifying the engineer of actual breaches

4 Overview Security Management
It consists of
– Identifying the sensitive information to be protected
– Finding the access points
    – Software services
    – Hardware components
    – Network media
– Securing the access points
– Maintaining the secure access points

5 Overview Security Management
Should NOT be confused with
– Application security
– Operating system security
– Physical security

6 Benefits of the Security Management Process
Primary concern of users
– Lack of security for sensitive information located on HOST
One solution
– Remove network access to host
    – Whilst secure, this method is not efficient and removes the need for a data network altogether
Drawbacks of NOT having security management
– All users have access to ALL information
– What happens if the network connects to a public network
– Virus and worm attacks

7 Accomplishing Security Management
Balance required between
– Need to secure sensitive information
– Needs of users to access information to do their job
Security Management involves the following four steps
– Identify the sensitive information
– Find the access points
– Secure the access points
– Maintain the secure access points

8 Identify the Sensitive Information
Determine which hosts on the network have sensitive information
– Organisation may have policies on what is considered sensitive
Information may relate to
– Accounting
– Financial
– Customer
– Market
– Engineering
– Employees
What is defined as sensitive may vary depending on the specific environment
Most difficult part may be identifying WHERE the information resides

9 Find the Access Points
Once you know
– What data is considered sensitive
– Where the data is located
Need to find out how network users access the information
Access methods and points may be
– Physical
– Software

10 Find the Access Points
Software that accesses the network can potentially access any data on the network
Most networks allow for remote login
– If remote login doesn't
    – Identify users uniquely and
    – Limit their movements to authorised areas
– This access point needs to be examined

11 Find the Access Points
File transfer programs
– If users cannot be uniquely identified
    – Use needs to be examined or limited
    – Restrict access to onsite DMZs
    – Firewall anonymous FTP

12 Find the Access Points
Other programs to examine may include
– Email
– Remote process execution
– File and directory servers
– Name servers
– Web servers

13 Find the Access Points
Security management can be accomplished by
– Hiding information from client systems
– Segmenting network into regions
    – Apple zones

14 Find the Access Points
Leaks may come from
– Network analysers
– Network management protocols
– Network management system
Policies may include
– Hosts with sensitive information may not also allow anonymous FTP
– Personal computer software packages MUST meet security standards before installation
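The access-point checks from slides 10, 11 and 14, applied to a host inventory, as an added example that is not part of the original slides. The `Host` and `Service` fields, the zone names and the inventory entries are constructed assumptions for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Service:
    name: str                      # "ftp" or "remote-login" in this sketch
    unique_user_id: bool           # identifies each user uniquely?
    anonymous: bool = False        # accepts anonymous sessions?
    restricts_areas: bool = True   # limits users to authorised areas?

@dataclass
class Host:
    name: str
    sensitive: bool                # outcome of "identify the sensitive information"
    zone: str = "private"          # "private" or "dmz" (assumed zone labels)
    services: list = field(default_factory=list)

def audit(hosts):
    """Return (host, service, reason) for every access point needing review."""
    findings = []
    for h in hosts:
        for s in h.services:
            if s.name == "ftp" and s.anonymous and h.sensitive:
                # Slide 14 policy: sensitive hosts may not also allow anonymous FTP.
                findings.append((h.name, s.name, "sensitive host allows anonymous FTP"))
            elif s.name == "ftp" and not s.unique_user_id and h.zone != "dmz":
                # Slide 11: unidentified file transfer belongs in a DMZ only.
                findings.append((h.name, s.name, "unidentified file transfer outside DMZ"))
            elif s.name == "remote-login" and not (s.unique_user_id and s.restricts_areas):
                # Slide 10: remote login must identify users and confine them.
                findings.append((h.name, s.name, "remote login lacks identification or confinement"))
    return findings

# Constructed inventory (not real hosts).
INVENTORY = [
    Host("payroll-db", True, "private",
         [Service("ftp", False, anonymous=True), Service("remote-login", True)]),
    Host("public-ftp", False, "dmz", [Service("ftp", False, anonymous=True)]),
    Host("eng-build", True, "private",
         [Service("remote-login", True, restricts_areas=False)]),
]

if __name__ == "__main__":
    for host, service, reason in audit(INVENTORY):
        print(f"{host:12} {service:13} {reason}")
```

The anonymous FTP server in the DMZ passes, while the same service on a sensitive private host is flagged, which is the separation slides 11 and 14 call for.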

15 Secure the Access Points
Access points can be secured by
– Using encryption at the data link layer
– Secure traffic flow by using packet filters at the network layer
– On every host use one or more of
    – Host authentication
    – User authentication
    – Key authentication

16 Maintain the Secure Access Points
Key to maintaining security is the location of actual or potential security breaches
– May be done as part of the security audit
– Hard to keep current with volume of networking software
May use a program itself to check for known security problems
May offer a cash prize to first to breach security
– Generally offered by company who designed software/hardware

17 Attaching to a Public Network
Three types of access from a public data network to an organisation's network
– No access
    – Send and receive email
    – Modem used
– Full access
– Limited access
    – Small subset of hosts authorised to provide public access service
    – These hosts should be separated with firewall from private zone

18 Security Management on a Network Management System
Simple
– Show where security measures have been set up
– Show all security measures applicable to device or host
– Query configuration database

19 Security Management on a Network Management System
More Complex
– Include real time application to monitor access points
– Query number of breaches using network management tool
– Produce reports on breaches
– Automatic notification
Advanced
– Use data to guide network engineers
– Examine types of security required
– Alerts for repercussions

20 Reporting Security Events
Audit trails that summarise and report on security
Example
– Key personnel leaving to go to competition
– Remove physical access to network
– Remove accounts, change passwords etc
– Set up, or confirm, audit trails on devices former employee had access to
– Look for files/applications employee may have altered to gain future access

