Information Security
Transcript

  • 1. Information Security Taarak India Private Limited By Mohit Shukla – [email_address] Harsh Bhasin – harsh@taarak.com
  • 2. About Taarak India
    • Founded in November 2001
    • Committed to providing Information Security Solutions & Services
    • Certifications: Cisco, Checkpoint, Nokia, RSA, McAfee, Microsoft
    • Customer Verticals: Software, BPO, KPO, PSU, Automobile, Finance, Media, Construction, Stock Trade and many more
    • Team size 35
  • 3. Our Solution Addresses
      • Confidentiality
        • Ensuring that information is accessible only to those authorized to have access
      • Integrity
        • Safeguarding the accuracy and completeness of information and processing methods
      • Availability
        • Ensuring that authorized users have access to information and associated assets when required
  • 4. Agenda
    • Risk to Information
    • Information Security Management
    • Technology Challenges
          • Attack Prevention
          • Bandwidth Availability & Optimization
          • Data Security
          • Log Management & Correlation
          • System Management
  • 5. Risk to Information
  • 6. Headlines
  • 7. Protect Information: “Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected.”
  • 8. Information Security Management
  • 9. What is Information Security
      • Confidentiality
        • Ensuring that information is accessible only to those authorized to have access
      • Integrity
        • Safeguarding the accuracy and completeness of information and processing methods
      • Availability
        • Ensuring that authorized users have access to information and associated assets when required
  • 10. Information Security Management System: ISO/IEC 27001
  • 11. Attack Prevention Intrusion Prevention System
  • 12. History and Future of Attacks
    • Increased number and complexity
    • Targets are evolving:
      • Consumers to…
      • Businesses to…
      • Nations
    [Chart: Malicious Infection Attempts (M) and Network Intrusion Attempts (K) by year, 1995 to 2004. Labelled threats: Polymorphic Viruses; Zombies; Mass Mailer Viruses (Love Letter/Melissa); Denial of Service (Yahoo!, eBay); Blended Threats (CodeRed, Nimda); Spam, Phishing, Spyware (MyDoom, Sasser); Corporate Data Theft (CardSystems TitanRain). Data Theft is latest target. Source: IDC, ICSA, CERT, CSI/FBI]
  • 13. Vulnerabilities & Attack
    • More vulnerabilities = higher likelihood of attack
    • Faster attacks = less time to react
  • 14. Purpose-built for Evolving Threat Environment Pre-2005
    • Worms
    • DoS/DDoS
    • Server Exploits
    2005 EMERGING
    • Spyware
    • Web Client Attacks
    • VoIP-based vulnerabilities
    • Sophisticated DoS attacks
    • P2P
    • Early Infrastructure vulnerability
    • Proactive
    • Broad attack prevention
    • Infrastructure protection
    • Prioritized blocking with Risk-Aware IPS
    • Known attack protection
    • Zero-day protection
    • DoS Protection
    • Built-in spyware protection
    • Built-in malware protection
    • VoIP vulnerability protection
    • Next-gen DoS
    • Unknown
    • Rapid
    • Prolific
    • Encrypted attacks?
    • VoIP attacks?
    • Distributed Botnet attacks
    • Advanced Botnet DoS/DDoS attacks
    • Spyware-based Root kits?
    • Evolving Infrastructure attacks?
    Evolving Threat Landscape Evolving Protection IntruShield
  • 15. McAfee IntruShield IPS—Proven Security Industry’s Most Comprehensive, Accurate and Scalable IPS Solution Most Accurate Proven Detection
    • Multiple detection engines
    • Proven accuracy maximizes network availability
    • Complete protocol analysis for absolute protection
    • Intelligent blocking with Risk-Aware IPS
    Most Scalable Flexible & Manageable
    • Out-of-the-box default blocking for ease-of-use
    • Virtual IPS + Firewall for flexible policy enforcement
    • Industry’s highest Gigabit port-density appliances
    • Compelling price/benefit and low TCO for all network environments
    • Proactively prevents known, zero-day & DDoS attacks
    • Built-in Spyware, malware & Botnet protection
    • VoIP vulnerability & infrastructure protection
    • Stops encrypted threats
    Most Comprehensive Broad Protection
  • 16. McAfee Network Security Deployment IntruShield—Network IPS
    • Deployed at network core, edge and remote office
    • Blocks attacks on the wire
    • Protects critical infrastructure
    • Blocks botnet, VoIP & encrypted threats
    Secure Web Gateway
    • Comprehensive spyware
    • Blocks viruses & malware
    • URL filtering
    • Content policy enforcement
    [Network diagram: Internet, Switch, Web Server, Mail Server, Database, User Desktops]
  • 17. Technology Challenges Bandwidth Optimization & Availability
  • 18. Bandwidth Challenges
    • Organizations today have invested heavily in bandwidth to connect offices spread over multiple geographical locations.
    • At the same time, they are often unable to get the maximum return on this investment.
    • Their biggest challenge is visibility into, and optimum usage of, the deployed bandwidth.
    • Bandwidth Visibility = Application, Users & Usage
  • 19. Packeteer PacketShaper
    • Monitoring Module - Identify and classify applications with Layer 7 Plus technology. Get the information you need to solve application performance issues.
    • Shaping Module - Fix critical application performance issues by allocating bandwidth to ensure applications perform.
    • Compression Module - Create more bandwidth from existing physical links and enhance the user experience.
    • Acceleration Module - Speed the performance of applications slowed by WAN latency.
  • 20. Bandwidth & Application Availability
    • Businesses today rely on their Internet connections & applications. Problems such as connection outages and overloaded application servers can occur anywhere, at any time.
    • That's why most enterprises maintain multiple Internet connections & servers. At the same time, this increases the complexity of management and optimum usage.
  • 21. F5 BIG-IP Platform
    • F5 BIG-IP delivers
    • High Availability – Link Controller
    • Improved performance
    • Application Load Balancing – Local Traffic Manager
    • http://www.f5.com/products/big-ip/
  • 22. Technology Challenges Data Security
  • 23. IT Security Today
    • Risk is inevitable, but must be anticipated & mitigated
    • Computing devices are lost & stolen every day
    • Intrusions & breaches are on the rise
    • Passwords become weaker as code crackers proliferate
    • One laptop might contain:
      • 1,000 files
      • 700 valuable documents
      • 8 quarters of financial records
      • 200 proprietary, confidential files
      • 10,000 customer records
  • 24. PGP Solutions
    • A typical day at work…secured by PGP solutions
    In the back office
    • Batch process
    • FTP
    • Backups
    Customers
    • Email
    In the office
    • Email
    • IM
    • Send files
    On the road
    • Laptop
    • Send files
    Partners
    • Laptop
    • Email
    • IM
    • Send files
    Products: PGP Universal Series; PGP Whole Disk Encryption for Enterprises; PGP Desktop Professional; PGP Command Line; PGP Global Directory; PGP Universal Web Messenger
  • 25. Technology Challenges Log Collection, Correlation & Incident Management
  • 26. The Enterprise Today: Mountains of data, many stakeholders
    • How to collect & protect all the data necessary to build a platform for compliance and security operations
    • How to analyze and manage all the data to transform the information into actionable knowledge and intelligence
    • Data sources: Router logs; IDS/IDP logs; VPN logs; Firewall logs; Switch logs; Windows logs; Client & file server logs; Wireless access logs; Windows domain logins; Oracle Financial Logs; San File Access Logs; VLAN Access & Control logs; DHCP logs; Linux, Unix, Windows OS logs; Mainframe logs; Database Logs; Web server activity logs; Content management logs; Web cache & proxy logs; VA Scan logs
    • Uses: Configuration Control; Lockdown enforcement; Access Control Enforcement; Privileged User Management; Malicious Code Detection; Spyware detection; Real-Time Monitoring; Troubleshooting; Unauthorized Service Detection; IP Leakage; False Positive Reduction; User Monitoring; SLA Monitoring
  • 27. Solution: RSA enVision. An Information Management Platform …
    • Compliance Operations: Access Control; Configuration Control; Malicious Software; Policy Enforcements; User Monitoring & Management; Environmental & Transmission Security
    • Security Operations: Access Control Enforcement; SLA Compliance Monitoring; False Positive Reduction; Real-time Monitoring; Unauthorized Network Service Detection; More…
    • All the Data: Log Management
      • Any enterprise IP device – Universal Device Support (UDS)
      • No filtering, normalizing, or data reduction
      • Security events & operational information
      • No agents required
    • … For Compliance & Security Operations
      • Server Engineering; Business Ops.; Compliance Audit; Application & Database; Network Ops.; Risk Mgmt.; Security Ops.; Desktop Ops.
      • Report; Alert/Correlation; Incident Mgmt.; Log Mgmt.; Asset Ident.; Forensics; Baseline
  • 28. RSA enVision: A Platform for Security Operations
    Rating legend: Most critical, Highly desired, Desired
    Product Capabilities
    • Log Management
    • Asset Identification
    • Baseline
    • Report & Audit
    • Alert / Correlate
    • Forensic Analysis
    • Incident Management
    Security Environment
    • Internal Systems & Applications
    • eCommerce Operations
    • Perimeter Network Operations
    Security Objective
    • SLA Compliance Monitoring
      • Proof of delivery
      • Monitor against baselines
    • Unauthorized Network Service Detection
      • Shutdown rogue services
      • Intellectual property leakage
    • Watchlist Enforcement
      • External threat exposure
      • Internal investigations
    • Correlated Threat Detection
      • Watch remote network areas
      • Consolidate distributed IDS alerts
    • False Positive Reduction
      • Confirm IDS alerts
      • Enable critical alert escalation
    • Real-time Monitoring
      • Troubleshoot network & security events
      • “What is happening?”
    • Access Control Enforcement
      • Privileged user monitoring
      • Corporate policy conformance
  • 29. Advantages with RSA enVision
    • RSA enVision is capable of providing monitoring features like:
    • Failed authentication activities at server, networking and security device level.
    • Configuration changes in devices like firewalls, Windows account creation/deletion, etc.
    • System failures.
    • Top machines generating virus traffic.
    • Users utilizing maximum network bandwidth.
    • Unauthorized access of systems by partners for outsourced work.
    • Monitoring as specified in compliance standards like ISO 27002, SOX, etc.
    • Changes to, or attempts to access, home-grown/custom applications.
    • Forensics of old events.
    • Trace of user activity.
    • Network traffic patterns.
  • 30. RSA enVision: Transformation of Data into Actionable Intelligence
    • Over 800 reports for regulatory compliance & security operations
    • Dashboards
  • 31. Technology Challenges System Management
    • Inventory
    • Patch Management
    • Software Deployment
    • Configuration Management
  • 32. IT Challenges
    • IT Organizations face a challenging economic and technical environment.
    • The need to contain costs is an absolute necessity. Today, doing more with less has become a necessity.
    • Yet the demand for continuous systems availability and reliability continues to increase exponentially.
    • The reality continues to be limited IT Staff / limited IT Budget
      • Gartner Group estimates that 78% of IT budgets are spent on maintaining existing systems
        • Availability
        • Security
        • Performance
        • Problem and Change Management
    • The above environment can make the secure configuration management of the IT Infrastructure complex and time consuming without the right tools for the job.
  • 33. System Management Challenges
    • Count of systems in use
    • Applications deployed in the network
    • Operating systems deployed & their count
    • System misuse by end user
    • Hardware inventory
    • System Vulnerabilities
  • 34. Next Generation Configuration Management (http://www.newboundary.com)
    • Software Management: Streamlines software deployment, configuration, and remediation tasks
    • Patch Management: Eliminates software vulnerabilities to secure networked computers
    • Asset Management: View and manage the software and hardware assets
    • Policy Management: Monitor and enforce security policies automatically
    • Dynamic Configuration Management
  • 35. New Boundary Technologies: New Boundary Prism Suite (http://www.newboundary.com)
    • Gives administrators control through real-time, intelligent insight into the state of networked systems so they can create and enforce standard desktop configurations for their organization.
    • A real benefit for an organization
  • 36. Our Services
    • Security Resident Engineer
    • Solution Implementation & Support
    • Network Security Training
    • Security Implementation
    • Information Assurance Services (Vulnerability Assessment, Penetration Testing, ISO/IEC 27001 Implementation)
  • 37. Question & Answer