Integrated Solutions Security Presentation


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Integrated Solutions Security Presentation

  1. 1. Intrusion Detection and Prevention
  2. 2. Security is one of the most important aspects of any network. You could have one of the most solid and sophisticated networks in the world, but without a secure network protecting your businesses critical data it would be considered stone-age by today's standards. Without awareness, policies, software, hardware and updated technologies to combat today's threats, you are leaving yourself and your business accessible and vulnerable to an endless possibility of nightmares. A network without security is like storing all your money under your pillow instead of the bank.
  3. 3. <ul><li>What is an Intrusion? </li></ul><ul><li>Any unauthorized access or attempted access to a computer or network System </li></ul><ul><li>Network Intrusions Come in Many Different Ways. </li></ul><ul><li>Virus (Such as an e-mail attachment) </li></ul><ul><li>Vulnerable Service (Such as Microsoft FTP) </li></ul><ul><li>Network Sniffing (Watching Traffic on the Net) </li></ul><ul><li>Physical Access to a computer </li></ul><ul><li>Many Many More </li></ul>
  4. 5. <ul><li>Some of the Ways to Secure your Investment </li></ul><ul><li>Firewalls </li></ul><ul><ul><li>Firewall protection security system is a must if you are connected to the world-wide-web. Without a professionally configure firewall you are allowing yourself to be wide open for unwanted hackers to port scan and enter your network and access your system and data without your knowledge. </li></ul></ul><ul><li>IDS Systems </li></ul><ul><ul><li>Monitoring network activity is an important responsibility for network administrators, and is key to any security program. Those responsible for network security must monitor their networks with their security policy in mind, so that any violation of the policy will be detected and some action initiated when violations are detected. Intrusion detection systems (IDS's) provide security administrators with tools to monitor, detect and respond to security related incidents on the network. </li></ul></ul>
  5. 6. <ul><li>Some of the Ways to Secure your Investment (Cont) </li></ul><ul><li>IPS Systems </li></ul><ul><ul><li>An IPS has the ability to block attacks in real time. Where traditional IDSs passively monitor traffic by sniffing packets off a switch port, IPSs sit inline and actively intercept and forward packets. Through inline deployment, IPSs can drop packets or deny connections based on policy settings. Traditional IDSs have limited response mechanisms, such as resetting TCP connections or requesting a firewall rule change. </li></ul></ul>
  6. 8. Basic Firewall System
  7. 9. Basic IDS System
  8. 10. Active IDS System
  9. 11. Wide Area Network IDS System
  10. 12. Basic IDP System
  11. 13. E-Commerce / Internet Banking IDS System
  12. 14. Integrated Solutions Hosted Intrusion Detection System
  13. 15. <ul><li>Where Should I Start? </li></ul><ul><li>Information Security Officer </li></ul><ul><ul><li>The first step is to assign one person to be your assigned Information Security Officer. Whether that person is a member of your organization or a contractor, you need to have on person to head up this task. One of the biggest security risks to many businesses currently is not having centralized information. </li></ul></ul>
  14. 16. <ul><li>Network Risk Assessment </li></ul><ul><ul><li>The second step is to evaluate your existing network. In most cases it is possible to design a security plan that will protect the network you already have in place. To do this you must understand how and why your network is configured the way that it is. You need to know where your critical data is stored, who and what should have access to this data. Most importantly, you need to know how this data can be accessed. This is usually done in three phases </li></ul></ul><ul><ul><ul><li>Information Gathering </li></ul></ul></ul><ul><ul><ul><li>Analyze Information </li></ul></ul></ul><ul><ul><ul><li>Prioritize Responses </li></ul></ul></ul>
  15. 17. <ul><li>Security Implementation </li></ul><ul><ul><li>Now that the assessment is done, it is time to start putting the pieces together. It is time to take the information that has been gathered and fit it to a solution that will compliment your current system. </li></ul></ul><ul><ul><li>This includes the following items: </li></ul></ul>
  16. 18. <ul><li>Security Implementation </li></ul><ul><li>Logical and Administrative Access Control </li></ul><ul><li>Access Rights Administration </li></ul><ul><li>Authentication </li></ul><ul><li>Network Access </li></ul><ul><li>Operating System Access </li></ul><ul><li>Application Access </li></ul><ul><li>Remote Access </li></ul><ul><li>Encryption </li></ul><ul><li>Encryption Key Management </li></ul><ul><li>Controls to Protect Against Malicious Code </li></ul><ul><li>Systems Development, Acquisition, and Maintenance </li></ul><ul><li>Host and User Equipment Acquisition and Maintenance </li></ul><ul><li>Training </li></ul><ul><li>Electronic Media Handling </li></ul><ul><li>Intrusion Detection and Response </li></ul><ul><li>Business Continuity Considerations </li></ul>
  17. 19. <ul><li>Security Testing </li></ul><ul><li>The next step in the process is security testing. As new vulnerabilities are constantly emerging with new technology, it is important to test your systems on a regular basis. This will allow you to verify that the system is working as designed as well as make sure you are on top of the newest exploit. </li></ul><ul><li>These test should include: </li></ul><ul><li>Penetration Testing </li></ul><ul><li>Audits </li></ul><ul><li>Assessments </li></ul>
  18. 20. Monitoring and Updating The last step in the process is Monitoring and Updating. This is a process that will need to be done ongoing to insure that your system works as it is supposed to. If you do not update the server to watch for the newest exploits and look at the information that it gives you, you are allowing access to your systems as if there is no security at all.
  19. 21. How can Integrated Solutions Help? Integrated Solutions, Inc. assists you to ensure that your network systems reliably support and execute mission-critical business operations. From network security infrastructure implementation to customized security solutions, Integrated Solutions, Inc. enhances network operations through proven, business-focused solutions. Integrated Solutions, Inc. can Plan, build, or maintain a robust, scalable, and reliable network security infrastructure solution that supports business initiatives and performance requirements. Integrated Solutions, Inc. can help you protect assets with security solutions tailored to your specific requirements. From state-of-the-art penetration testing to firewall and Intrusion Detection integration, Integrated Solutions, Inc. Consulting Services can design and implement a security solution for the financial industries requirements and your business model.
  20. 22. Integrated Solutions 5002 South 114 th Street Suite 100 Omaha, NE. 68137 [email_address]