ePolicy Orchestrator 4.0 with Security Risk
Management


Mohamed A. Shishtawy


© 2007 McAfee, Inc.
Security Risk Management with
ePolicy Orchestrator
Module Topics


   • Security Risk Management with ePO
           – SRM Model
           – Centralized Security Management
           – Components & Architecture




  Security Risk Management with ePolicy Orchestrator   Module 1 - 3   © 2009 McAfee, Inc. All rights reserved.
Security Risk Management

   • Identify & group assets
           – Machine import
           – Machine discovery
           – Rogue detection
   • Determine risk
           – Infection reporting
           – Measure vulnerability
           – Notification
   • Protect and block
           – Configuration
           – Enforcement
           – Maintenance
   • Measure compliance
           – Coverage reporting
           – Compliance reporting
           – System compliance
           – McAfee NAC




Protecting The Enterprise


   • The Challenge
            –    Identify & group assets
            –    Determine risk
            –    Protect and block threats
            –    Measure compliance




Identify & Group Assets


   •   Import known machines from a browse list
   •   Synchronize with Active Directory
   •   Detect Rogue Systems
   •   Group machines according to management needs
   •   Assign policies on a generic or granular level




Determine Risk


   • Monitor threat events and propagation
   • Determine infection and outbreak source
   • Provide Automatic Responses to rule infringement




Protect And Block Threats


   •   Ensure correct configuration
   •   Enforce security policy
   •   Maintain and update protection
   •   Respond to rule intrusion




Measure Compliance


  •   Report on coverage and protection levels
  •   Determine compliance with anti-virus policy
  •   Determine compliance with system policy
  •   Roll-up reporting across multiple ePO servers




Centralized System Security Management

   • Components shown in the diagram
           – ePolicy Orchestrator Server and Master Repository
           – Database Server
           – McAfee Download Site
           – Remote Agent Handler
           – Update Repository
           – Rogue System Detection Sensor
           – Web-based Consoles
           – Managed Systems with McAfee Agents
   • Traffic labels shown in the diagram
           – Product Updates, DAT File Updates
           – Policy Updates, Threat Events
           – Secure Bi-directional Channel
           – Automatic Responses / Threat Notification
   • Benefits called out in the diagram
           – Automatic Responses to Threats
           – Manage only one policy framework
           – Consolidate monitoring and reporting
           – Scalability & Bandwidth savings
           – Easily discover non-compliant systems


Feature Management


  • ePolicy Orchestrator manages products through:

           – Product deployment


           – Configuration management


           – Update and task configuration


           – Coverage reporting


           – Threat Event reporting




Architecture And Communication

   • Components shown in the diagram
           – McAfee Agent (Framework Service)
           – Agent Handler: APACHE Service, Event Parser Service
           – Master Repository
           – DAL
           – ePO Server
           – Application Server (TOMCAT)
           – Database
           – Console UI
           – Notification System
           – Rogue Sensor System
           – Rogue Sensor
           – Network
   • Port labels shown in the diagram
           – HTTP 80
           – UDP 8081
           – UDP 8082
           – TCP 8081
           – HTTP 8080
           – HTTPS 8443
           – HTTPS 8444



Check Your Understanding

  Choose the correct answer(s):

  What are the four primary stages of the Security Risk
   Management model?

          • Discover, Determine, Defend, Detect

          • Find & Manage, Evaluate, Enforce & Protect, Fix &
            Comply

          • Assess, Remediate, Measure, Prioritize




Check Your Understanding

  Choose the correct answer(s):

  What are the four primary stages of the Security Risk
   Management model?

          • Discover, Determine, Defend, Detect

          ✓ Find & Manage, Evaluate, Enforce & Protect, Fix &
            Comply

          • Assess, Remediate, Measure, Prioritize




GenAI Risks & Security Meetup 01052024.pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 

Security Risk Management- moeshesh

  • 1. ePolicy Orchestrator 4.0 with Security Risk Management Mohamed A. Shishtawy © 2007 McAfee, Inc.
  • 2. Security Risk Management with ePolicy Orchestrator
  • 3. Module Topics
      • Security Risk Management with ePO
          – SRM Model
          – Centralized Security Management
          – Components & Architecture
      Security Risk Management with ePolicy Orchestrator Module 1 - 3 © 2009 McAfee, Inc. All rights reserved.
  • 4. Security Risk Management
      ✓ SRM Model • Centralized Management • Components & Architecture
      • Identify & group assets
          – Machine import
          – Machine discovery
          – Rogue detection
      • Determine risk
          – Infection reporting
          – Measure vulnerability
          – Notification
      • Protect and block
          – Configuration
          – Enforcement
          – Maintenance
      • Measure compliance
          – Coverage reporting
          – Compliance reporting
          – System compliance
          – McAfee NAC
  • 5. Protecting The Enterprise
      • The Challenge
          – Identify & group assets
          – Determine risk
          – Protect and block threats
          – Measure compliance
  • 6. Identify & Group Assets
      • Import known machines from a browse list
      • Synchronize with Active Directory
      • Detect Rogue Systems
      • Group machines according to management needs
      • Assign policies on a generic or granular level
  • 7. Determine Risk
      • Monitor threat events and propagation
      • Determine infection and outbreak source
      • Provide Automatic Responses to rule infringement
  • 8. Protect And Block Threats
      • Ensure correct configuration
      • Enforce security policy
      • Maintain and update protection
      • Respond to rule intrusion
  • 9. Measure Compliance
      • Report on coverage and protection levels
      • Determine compliance to anti-virus policy
      • Determine compliance to system policy
      • Roll-up reporting across multiple ePO servers
  • 10. Centralized System Security Management
      ✓ SRM Model ✓ Centralized Mgmt • Components/Architecture
      [Architecture diagram. Callouts: Manage only one policy framework; Automatic Responses to Threats; Consolidate monitoring and reporting; Scalability & Bandwidth savings; Easily discover non-compliant systems. Components shown: ePolicy Orchestrator Server and Master Repository; McAfee Download Site; Database Server; Automatic Responses / Notification; Rogue System Detection Sensor; Web-based Consoles; Remote Agent Handler; Secure Bi-directional Channel; Update Repository; Managed Systems with McAfee Agents. Flows labelled: Product Updates, DAT File Updates, Policy Updates, Threat Events.]
  • 11. Feature Management
      • ePolicy Orchestrator manages products through:
          – Product deployment
          – Configuration management
          – Update and task configuration
          – Coverage reporting
          – Threat Event reporting
  • 12. Architecture And Communication
      [Architecture diagram. Components labelled: Agent Handler; McAfee Agent; APACHE Service; Event Parser Service; Framework Service; Master Repository; DAL; ePO Server; Application Server (TOMCAT); Network; Database; Console UI; Notification; Rogue System Sensor. Ports labelled: HTTP 80, UDP 8081, UDP 8082, TCP 8081, HTTP 8080, HTTPS 8443, HTTPS 8444.]
  • 13. Check Your Understanding
      Choose the correct answer(s): What are the four primary stages of the Security Risk Management model?
      • Discover, Determine, Defend, Detect
      • Find & Manage, Evaluate, Enforce & Protect, Fix & Comply
      • Assess, Remediate, Measure, Prioritize
  • 14. Check Your Understanding
      Choose the correct answer(s): What are the four primary stages of the Security Risk Management model?
      • Discover, Determine, Defend, Detect
      ✓ Find & Manage, Evaluate, Enforce & Protect, Fix & Comply
      • Assess, Remediate, Measure, Prioritize
  • 15.
  • 16. ePolicy Orchestrator 4.0 with Security Risk Management Mohamed A. Shishtawy © 2007 McAfee, Inc.