ePolicy Orchestrator 4.0 with Security RiskManagementMohamed A. Shishtawy© 2007 McAfee, Inc.
Security Risk Management withePolicy Orchestrator
Module Topics   • Security Risk Management with ePO           – SRM Model           – Centralized Security Management     ...
Security Risk Management                                                              SRM Model                          ...
Protecting The Enterprise   • The Challenge            –    Identify & group assets            –    Determine risk        ...
Identify & Group Assets   •   Import known machines from a browse list   •   Synchronize with Active Directory   •   Detec...
Determine Risk   • Monitor threat events and propagation   • Determine infection and outbreak source   • Provide Automatic...
Protect And Block Threats   •   Ensure correct configuration   •   Enforce security policy   •   Maintain and update prote...
Measure Compliance  •   Report on coverage and protection levels  •   Determine compliance to anti-virus policy  •   Deter...
Centralized System Security Management                                                                             SRM Mo...
Feature Management  • ePolicy Orchestrator manages products through:           – Product deployment           – Configurat...
Architecture And Communication                                                                                     Agent H...
Check Your Understanding  Choose the correct answer(s):  What are the four primary stages of the Security Risk   Managemen...
Check Your Understanding  Choose the correct answer(s):  What are the four primary stages of the Security Risk   Managemen...
ePolicy Orchestrator 4.0 with Security   RiskManagementMohamed A. Shishtawy© 2007 McAfee, Inc.
Security Risk Management- moeshesh
Upcoming SlideShare
Loading in …5
×

Security Risk Management- moeshesh

1,059 views
776 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,059
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Security Risk Management- moeshesh

  1. 1. ePolicy Orchestrator 4.0 with Security RiskManagementMohamed A. Shishtawy© 2007 McAfee, Inc.
  2. 2. Security Risk Management withePolicy Orchestrator
  3. 3. Module Topics • Security Risk Management with ePO – SRM Model – Centralized Security Management – Components & Architecture Security Risk Management with ePolicy Orchestrator Module 1 - 3 © 2009 McAfee, Inc. All rights reserved.
  4. 4. Security Risk Management  SRM Model • Centralized Management • Components & Architecture • Machine import Identify & • Machine discovery group assets • Rogue detection • Infection reporting • Measure Determine vulnerability risk • Notification • Configuration Protect and • Enforcement block • Maintenance • Coverage reporting • Compliance reporting Measure • System compliance compliance • McAfee NAC Security Risk Management with ePolicy Orchestrator Module 1 - 4 © 2009 McAfee, Inc. All rights reserved.
  5. 5. Protecting The Enterprise • The Challenge – Identify & group assets – Determine risk – Protect and block threats – Measure compliance Security Risk Management with ePolicy Orchestrator Module 1 - 5 © 2009 McAfee, Inc. All rights reserved.
  6. 6. Identify & Group Assets • Import known machines from a browse list • Synchronize with Active Directory • Detect Rogue Systems • Group machines according to management needs • Assign policies on a generic or granular level Security Risk Management with ePolicy Orchestrator Module 1 - 6 © 2009 McAfee, Inc. All rights reserved.
  7. 7. Determine Risk • Monitor threat events and propagation • Determine infection and outbreak source • Provide Automatic Responses to rule infringement Security Risk Management with ePolicy Orchestrator Module 1 - 7 © 2009 McAfee, Inc. All rights reserved.
  8. 8. Protect And Block Threats • Ensure correct configuration • Enforce security policy • Maintain and update protection • Respond to rule intrusion Security Risk Management with ePolicy Orchestrator Module 1 - 8 © 2009 McAfee, Inc. All rights reserved.
  9. 9. Measure Compliance • Report on coverage and protection levels • Determine compliance to anti-virus policy • Determine compliance to system policy • Roll-up reporting across multiple ePO servers Security Risk Management with ePolicy Orchestrator Module 1 - 9 © 2009 McAfee, Inc. All rights reserved.
  10. 10. Centralized System Security Management  SRM Model  Centralized Mgmt • Components/Architecture ePolicy Automatic Manage only Orchestrator McAfee one policy Server and Download Responses to Master Site Threats framework Repository Consolidate monitoring Product Updates Automatic DAT File Updates and reportingResponses / Threat DatabaseNotification Server Scalability & Rogue Web-based Bandwidth System Consoles savings Remote Secure Detection Agent Bi-directional Sensor Handler Channel Update Repository Product Updates Product Updates DAT File Updates DAT File Updates Policy Updates Threat Events Policy Updates Threat Events Easily discover non-compliant systems Managed Systems with McAfee Agents Managed Systems with McAfee Agents Security Risk Management with ePolicy Orchestrator Module 1 - 10 © 2009 McAfee, Inc. All rights reserved.
  11. 11. Feature Management • ePolicy Orchestrator manages products through: – Product deployment – Configuration management – Update and task configuration – Coverage reporting – Threat Event reporting Security Risk Management with ePolicy Orchestrator Module 1 - 11 © 2009 McAfee, Inc. All rights reserved.
  12. 12. Architecture And Communication Agent HandlerMcAfee Agent APACHE Event Parser Service ServiceFramework Service HTTP 80 MasterUDP 8081 Repository UDP 8082 TCP 8081 DAL HTTP 8080 ePO Server Application Server Network Database (TOMCAT) Console UI Rogue HTTPS 8443 Notification Sensor System Rogue System HTTPS 8444 Sensor Security Risk Management with ePolicy Orchestrator Module 1 - 12 © 2009 McAfee, Inc. All rights reserved.
  13. 13. Check Your Understanding Choose the correct answer(s): What are the four primary stages of the Security Risk Management model? • Discover, Determine, Defend, Detect • Find & Manage, Evaluate, Enforce & Protect, Fix & Comply • Assess, Remediate, Measure, Prioritize Security Risk Management with ePolicy Orchestrator Module 1 - 13 © 2009 McAfee, Inc. All rights reserved.
  14. 14. Check Your Understanding Choose the correct answer(s): What are the four primary stages of the Security Risk Management model? • Discover, Determine, Defend, Detect  Find & Manage, Evaluate, Enforce & Protect, Fix & Comply • Assess, Remediate, Measure, Prioritize Security Risk Management with ePolicy Orchestrator Module 1 - 14 © 2009 McAfee, Inc. All rights reserved.
  15. 15. ePolicy Orchestrator 4.0 with Security RiskManagementMohamed A. Shishtawy© 2007 McAfee, Inc.

×