Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unify and Simplify: Security Management

Published byElmer Gaines Modified over 8 years ago

Similar presentations

Presentation on theme: "Unify and Simplify: Security Management"— Presentation transcript:

1 Unify and Simplify: Security Management http://www.sonofnights.com

2 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 2 Evolution of Security Management Time 1 st Generation Gates, Guns, Guards 2 nd Generation Reactive Security 3 rd Generation Security as an Enabler 4 th Generation Proactive Security Management Accountability Align Security With Business http://www.sonofnights.com

3 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 3 Imperatives for IT: The Challenge Technology Drivers -Growth in numbers e.g. storage, security threats -Proliferation of devices -Distributed enterprise -Cost control -Infrastructure change & complexity Business Drivers -Regulatory compliance -Responsiveness -Investment ROI -Business dependence -Outsourcing -Change in business process Manage Risk Improve Service Align IT Investments Manage Cost Goal: Unify & Simplify the Management of IT http://www.sonofnights.com

4 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 4 CA ’ s Vision Enterprise IT Management (EITM) is CA’s vision for how to unify and simplify the management of enterprise-wide IT Application Environments Assets Users Business Processes IT Services Manage and Secure UnifySimplify http://www.sonofnights.com

5 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 5 EITM – Unify and Simplify It All Business Service Optimization Security Management Storage Management Enterprise Systems Management Application Environments Assets Users Business Processes IT Services IT Processes & Best Practices Manage and Secure http://www.sonofnights.com

6 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 6 Security Challenges If most Analysts say that 80% of Attacks come from the inside and 20% from the outside, why is the CSI/FBI 2005 Study showing nearly similar values, constantly over 6 years ? Reason: No Security Sensors and Information Management on the inner perimeter, maybe also no inner perimeter ? http://www.sonofnights.com

7 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 7 Security Challenges It used to be “simple” - stop attacks  New challenge: -Understanding the impact of security to business  Service Continuity  Efficiently manage identities and their access to assets  Make applications more secure – deep within the application and across the transaction  Enforce business policies  Comply with industry and government regulations Security Needs to be Managed http://www.sonofnights.com

8 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 8 Security Challenges

9 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 9 Security Managed http://www.sonofnights.com

10 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 10 Security Needs to be Managed SSO Access Management Authentication Policy Management Reporting Web Services Password Management Authorization Provisioning Virus Protection Asset Discovery & Classification Event Collection Anti-Spam Spyware Prevention Gateway Protection Firewall Protection Malware Protection Scan & Clean Proactive Management Federation Forensics Compliance Mapping Correlation Vulnerability Assessment http://www.sonofnights.com

11 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 11 Security Needs to be Managed SSO Access Management Authentication Policy Management Reporting Web Services Password Management Authorization Provisioning Virus Protection Asset Discovery & Classification Event Collection Anti-Spam Spyware Prevention Gateway Protection Firewall Protection Malware Protection Scan & Clean Proactive Management Federation Forensics Compliance Mapping Correlation Vulnerability Assessment Asset Discovery & Classification Event Collection Vulnerability Assessment Correlation Forensics Compliance Mapping Policy Management Reporting Virus Prevention Spyware Prevention Anti-Spam Gateway Protection Authentication Authorization Federation Web Services Provisioning Password Management SSO Access Management Firewall Protection Scan and Clean Malware Protection Proactive Management http://www.sonofnights.com

12 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 12 Security Managed Complete Security Management http://www.sonofnights.com

13 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 13 Strategy for Success  Enables organizations to clearly understand: -Who has access to what within their IT environment? -What is happening in that environment? -What actions need to be taken based on this information? Security Management http://www.sonofnights.com

14 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 14 Strategy for Success Our goal is to deliver complete, integrated and open solutions for: – Identity and Access Management – Security Information Management – Threat Management To enable organizations to achieve: – Risk Management – Asset Protection – Business Enablement – Regulatory Compliance – Service Continuity – Cost Management Security Management http://www.sonofnights.com

15 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 15 Our Vision To Unify and Simplify It All Security Management Enterprise Systems Management Business Service Optimization Storage Management Application Environments Assets Users Business Processes IT Services Manage and Secure IT Processes & Best Practices http://www.sonofnights.com

16 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 16 http://www.sonofnights.com

17 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 17 Finance Sector  A key to Basel II conformance is strong, effective internal IT controls, which can yield lower operational risk.  An complete, integrated identity management compliance infrastructure can improve IT controls, and can therefore have significant direct financial benefits.  Specifically, Basel II includes requirements for: -Access rights administration -Authentication -Network Access -Operating System Access -Remote Access -Logging and data collection http://www.sonofnights.com

18 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 18 Finance Sector Employees Contractors Customers Partners Supply chain Internet Intranet IdentityAdministrationProvisioningAccessManagementAuditing/Monitoring Help Desk HR System Physical Assets PlatformApplication Common roles, policies, reporting, workflow Enterprise Infrastructure Event Logs Directory Systems System Services Mainframes System files SCM ERP SAP Custom Mobile phone Badges PDA Telephone http://www.sonofnights.com

19 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 19 Finance Sector Platform Components Platform Category ProductCompliance Capabilities Identity Management & Provisioning Identity Manager  Delegated admin & self service of user identities  Centralized entitlement management  Approval & notification workflows  Immediate termination of access rights  Identifies and corrects “separation of duties” violations  Role-based allocation of resources Access Management SiteMinder Access Control ACF2, TopSecret CA-Cleanup  Authentication management  Centralized control of user access (authorization)  Role-based access control for protected files, and system services  Access control for Super-user privileges  Host intrusion prevention  Control of access to protected mainframe resources  Automated, continuous and unattended security file cleanup  Identifies user accounts (access rights) that are unused MonitoringSCC Audit  Centralized real-time collection and reporting of access control events from network, systems and applications  Asset value based vulnerability analysis and event correlations  Policy based filtering, correlation and alerting  Network, systems, and application level auditing and reporting http://www.sonofnights.com

20 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 20 Healthcare Sector  Has to protect clients (patients-) data  Conformance to HIPAA or similar Regulations  Specifically, these Regulations include requirements for: -Access rights administration -Authentication -Network Access -Operating System Access -Remote Access -Logging and data collection http://www.sonofnights.com

21 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 21 Healthcare Sector Employees Contractors Customers Partners Supply chain Internet Intranet IdentityAdministrationProvisioningAccessManagementAuditing/Monitoring Help Desk HR System Physical Assets PlatformApplication Common roles, policies, reporting, workflow Enterprise Infrastructure Event Logs Directory Systems System Services Mainframes System files SCM ERP SAP Custom Mobile phone Badges PDA Telephone http://www.sonofnights.com

22 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 22 Healthcare Sector Platform Components Platform Category ProductCompliance Capabilities Identity Management & Provisioning Identity Manager  Delegated admin & self service of user identities  Centralized entitlement management  Approval & notification workflows  Immediate termination of access rights  Identifies and corrects “separation of duties” violations  Role-based allocation of resources Access Management SiteMinder Access Control ACF2, TopSecret CA-Cleanup  Authentication management  Centralized control of user access (authorization)  Role-based access control for protected files, and system services  Access control for Super-user privileges  Host intrusion prevention  Control of access to protected mainframe resources  Automated, continuous and unattended security file cleanup  Identifies user accounts (access rights) that are unused MonitoringSCC Audit  Centralized real-time collection and reporting of access control events from network, systems and applications  Asset value based vulnerability analysis and event correlations  Policy based filtering, correlation and alerting  Network, systems, and application level auditing and reporting http://www.sonofnights.com

23 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 23 Oil & Gas Sector  Are belonging worldwide to the critical Infrastructure.  An complete, integrated identity management compliance infrastructure is a must in IT controls as they are targets in several ways (physically & digital).  Specifically, this includes requirements for: -Access rights administration -Authentication -Network Access -Operating System Access -Remote Access -Logging and data collection http://www.sonofnights.com

24 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 24 Oil & Gas Sector Employees Contractors Customers Partners Supply chain Internet Intranet IdentityAdministrationProvisioningAccessManagementAuditing/Monitoring Help Desk HR System Physical Assets PlatformApplication Common roles, policies, reporting, workflow Enterprise Infrastructure Event Logs Directory Systems System Services Mainframes System files SCM ERP SAP Custom Mobile phone Badges PDA Telephone http://www.sonofnights.com

25 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 25 Oil & Gas Sector Platform Components Platform Category ProductCompliance Capabilities Identity Management & Provisioning Identity Manager  Delegated admin & self service of user identities  Centralized entitlement management  Approval & notification workflows  Immediate termination of access rights  Identifies and corrects “separation of duties” violations  Role-based allocation of resources Access Management SiteMinder Access Control ACF2, TopSecret CA-Cleanup  Authentication management  Centralized control of user access (authorization)  Role-based access control for protected files, and system services  Access control for Super-user privileges  Host intrusion prevention  Control of access to protected mainframe resources  Automated, continuous and unattended security file cleanup  Identifies user accounts (access rights) that are unused MonitoringSCC Audit  Centralized real-time collection and reporting of access control events from network, systems and applications  Asset value based vulnerability analysis and event correlations  Policy based filtering, correlation and alerting  Network, systems, and application level auditing and reporting http://www.sonofnights.com

26 Copyright ©2006 CA. All rights reserved. All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 26 Telco, Utilities, Transportation  All these sectors can use the Oil & Gas Slides, just exchange the Sector Title.  Utilities are: Power, Water, Gas Distribution Companies or Organisations who deliver Energy to the public and therefore belonging worldwide to the critical infrastructure.  Transportation on high scale also belongs to the critical infrastructure. http://www.sonofnights.com

Download ppt "Unify and Simplify: Security Management"

Similar presentations

THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.

THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.
BalaBit Shell Control Box

BalaBit Shell Control Box
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA.

Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA.
ETrust End to End Security Management Bernd Dultinger Sales Manager South CEE & Turkey.

ETrust End to End Security Management Bernd Dultinger Sales Manager South CEE & Turkey.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
Enhancing Productivity & Lowering Costs with CA Management Software Case study Zürcher Kantonalbank (ZKB)

Enhancing Productivity & Lowering Costs with CA Management Software Case study Zürcher Kantonalbank (ZKB)
Security Controls – What Works

Security Controls – What Works
The State of Security Management By Jim Reavis January 2003.

The State of Security Management By Jim Reavis January 2003.
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.

Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Is Your IT Out of Alignment? Chargeback and Billing with Parallels Automation Brian Shellabarger, Chief Architect - SaaS.

Is Your IT Out of Alignment? Chargeback and Billing with Parallels Automation Brian Shellabarger, Chief Architect - SaaS.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.

Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.
© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
© 2004-2014. Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Similar presentations

Ads by Google