SlideShare a Scribd company logo

Ccie security 01

Download as PPT, PDF
Peter Cheong
Peter Cheong
Technology
1 of 23
CISCO Security Solution Peter Cheong
Fundament al Questions for Network Security ? 1. What areyou trying to protect or maintain? 2. What areyour businessobjectives? 3. What doyou needto accomplish these objectives? 4. What technologies or solutions arerequiredto support theseobjectives? 5. Areyour objectives compatiblewith your security infrastructure, operations, and tools?
Fundament al Questions for Network Security ? 6. What risks areassociated with inadequatesecurity? 7. What arethe implications ofnot implementing security? 8. Will you introducenew risks not coveredby your current security solutionsor policy? 9. How do you reduce that risk? 10. What is your tolerancefor risk? YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Transformation of the Security Paradigm • Security is no longer about “products” • Scalability demands are increasing • Legacy endpoint security Total Cost of Ownership (TCO) is a challenge • Day zero damage YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Principles of Security— The CIA Model YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Policies, Standards, Procedures, Baselines, Guidelines YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012 A security policy is a set ofrules, practices, and procedures dictating how sensitiveinformation is managed, protected, and distributed. In the network securityrealm, policies areusuallypoint specific, which means they cover a singlearea. A security policy is a document that expressesexactly what the securitylevel shouldbeby setting thegoals of what the security mechanisms are toaccomplish. Security policy is written by higher management and is intended to describethe “whats” ofinformation security.
YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012 Thesamplelist that follows covers somecommon policies that an organization shouldconsider. •Acceptable use. •Ethics •Information sensitivity •E-mail •Password •Risk assessment Examples of Security Policies
Relationships Among Security Policies, Standards, Procedures, Baselines, and Guidelines YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Security Models An important element in thedesign andanalysis of securesystemsisthe securitymodel, becauseit integratesthesecurity policy that should be enforcedin the system. A securitymodel is a symbolic portrayal ofa security policy. It maps therequirements ofthepolicy makers into a set ofrules and regulations that aretobefollowed by a computer system or a network system. A security policy is a set of abstract goals and high-level requirements, and thesecurity model is thedo’s and don’tsto makethis happen. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Security Models • The Bell-LaPadula Model (BLM), also calledthe multilevelmodel, wasintroducedmainly to enforce access controlingovernment andmilitary applications.BLM protectsthe confidentiality of the informationwithina system. • The Biba model is a modificationof the Bell-LaPadula model that mainly emphasizes the integrity of the information withina system. • The Clark-Wilson model prevents authorizedusers frommaking unauthorized modification to the data.This model introducesa systemof triples: a subject, a program, and anobject. • The AccessControl Matrix is a general model of access control that is basedonthe concept of subjects and objects. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Security Models • The InformationFlow model restricts information inits flow so that it moves only to and fromapprovedsecurity levels. • The Chinese Wallmodel combines commercialdiscretionwithlegally enforceable mandatory controls.It is required inthe operationof many financial services organizations. • The Lattice model deals withmilitary information.Lattice-basedaccesscontrol models were developedin the early 1970s to deal with the confidentiality of militaryinformation.Inthe late 1970s and early 1980s, researchers applied these models to certain integrity concerns. Later, applicationof the modelsto the Chinese Wall policy, a confidentiality policy unique to the commercialsector, was developed.A balancedperspective onlattice-basedaccess controlmodels is provided. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Perimeter Security YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012 Opinions on perimeter security have changed a great deal over the past few years. Part of that change is that the very nature of perimeter security is becoming increasingly uncertain, and everyone has a different view of just what it is. The limits of the perimeter itself are becoming broad and extensive, with no geographic boundaries, and remote access is becoming part of the integral network.
A Solid Perimeter Security Solution • A comprehensiveperimeter security solution enables communications acrossit as defined by thesecurity policy, yet protects thenetwork resources from breaches, attacks, or unauthorized use. It controls multiplenetwork entry and exit points. It alsoincreases user assurance by implementing multiplelayersofsecurity. • TheCisco widerangeof Ciscoperimeter security solutionsprovides several levels ofperimeter security that can be deployed throughout your network as defined by your security policy. These solutions are highly flexible andcan betailoredto your securitypolicy. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Security in Layers As discussedearlier, security in layers is thepreferred andmost scalable approach tosafeguarda network. Onesinglemechanismcannot be relied on for thesecurity of asystem. Toprotect your infrastructure, you must apply security in layers. This layered approach is also called defensein depth. The idea is that you createmultiple systems sothat afailurein onedoes not leaveyou vulnerable, but iscaught in thenext layer. Additionally, in alayered approach, thevulnerability can belimited and contained to theaffected layer becauseoftheappliedsecurity at varyinglevels YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Multilayer Perimeter Solution Asstatedpreviously, today’s solutions areshifting toward theapproach of placing safeguard mechanisms at various layers ofthenetwork, not just at theboundary or edgedevices. Today, it isrecommendedto deploy Intrusion Prevention System (IPS) devices on both the insideand outside boundaries of private networks. Firewalls, on theother hand, are placed between various business segments or departmentswithin the sameorganization, dividing the network into logical groupings andapplyingperimeter defenseat each segment or department. In thismultiperimeter model, each segment can have different layersof defensewithin it. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Multilayer Perimeter Solution Effective perimeter security has become increasingly important over recent years. Perimeter security cannot be trusted to only the traditional defense mechanisms of firewalls and IDS. Web applications, wireless access, network interconnectivities, and VPNs have made the perimeter a much more complicated concept than it was a couple of years ago. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Multilayer Perimeter Solution A layered approach requires implementing security solutions at different spectrums of the network. Another similar concept is islandsof security. To implement islands of security, do not restrict your thinking to perimeter security. Do not depend on just one method for your security. You should, instead, have layers of protection—perimeter, distribution, core, and access layer. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Security Applied Across All Layers of the System YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
The Domino Effect The OSI reference model was built to enable different layers to work independently of each other. The layered approach was developed to accommodate changes in the evolving technology. Each OSI layer is responsible for a specific function within the networking stack, with information flowing up and down to the next subsequent layer as data is processed. Unfortunately, this means that if one layer is hacked, communications are compromised without the other layers being aware of the problem. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
The Domino Effect YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Security Wheel YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
Summary • This chaptergave anoverview ofnetworksecurity and discussed the challenges ofmanagingasecured networkinfrastructure. The chapter discussed how the security paradigmischangingand that securitysolutionstoday arenolonger productbased.Instead,theyare moresolution oriented and designed with businessobjectives inmind. • Thechapteralso discussed the coreprinciplesofsecurity—the CIA triad of confidentiality,integrity,and availability—followed bybriefdiscussion ofaspects ofsecuritypolicies: standards,procedures, baselines,guidelines,and various security models.Thechapter takesadetailed lookattheperimeter securityissue and themultilayered securityapproach.Thechapterconcludeswith theCisco security wheelparadigminvolvingfivecyclical steps. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
References • Harris, Shon. CISSP All-in-OneExamGuide, SecondEdition. McGraw-Hill OsborneMedia, 2003. https://www2.sans.org/resources/policies/#template http://www.cisco.com/go/securityconsulting http://www.doc.ic.ac.uk/~ajs300m/security/CIA.htm http://portal.acm.org/citation.cfm?id=619980 http://www.gammassl.co.uk/topics/chinesewall.html http://www.devx.com/security/Article/20472 • Guel, Michele. “A Short Primer for Developing Security Policy,” Cisco Systems, http://www.sans.org/resources/policies/#primer YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012

Recommended

Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
The Future of Security Architecture Certification
The Future of Security Architecture CertificationThe Future of Security Architecture Certification
The Future of Security Architecture Certificationdanb02
 
Introduction to International Standardization
Introduction to International StandardizationIntroduction to International Standardization
Introduction to International StandardizationKris Kimmerle
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
 
Security architecture - Perform a gap analysis
Security architecture - Perform a gap analysisSecurity architecture - Perform a gap analysis
Security architecture - Perform a gap analysisCarlo Dapino
 
Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1pk4
 
Security in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam LevensteinSecurity in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam LevensteinMiriam L
 
Conceptual security architecture
Conceptual security architectureConceptual security architecture
Conceptual security architectureMubashirAslam5
 

Recommended

Security architecture
Security architectureSecurity architecture
Security architectureDuncan Unwin
 
The Future of Security Architecture Certification
The Future of Security Architecture CertificationThe Future of Security Architecture Certification
The Future of Security Architecture Certificationdanb02
 
Introduction to International Standardization
Introduction to International StandardizationIntroduction to International Standardization
Introduction to International StandardizationKris Kimmerle
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
 
Security architecture - Perform a gap analysis
Security architecture - Perform a gap analysisSecurity architecture - Perform a gap analysis
Security architecture - Perform a gap analysisCarlo Dapino
 
Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1Ea Relationship To Security And The Enterprise V1
Ea Relationship To Security And The Enterprise V1pk4
 
Security in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam LevensteinSecurity in Mergers and Acquisitions - NTT Security - Miriam Levenstein
Security in Mergers and Acquisitions - NTT Security - Miriam LevensteinMiriam L
 
Conceptual security architecture
Conceptual security architectureConceptual security architecture
Conceptual security architectureMubashirAslam5
 
CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityBob Guimarin
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? PECB
 
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...NetworkCollaborators
 
Defense In-Depth
Defense In-DepthDefense In-Depth
Defense In-DepthWill Kelly
 
Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017japijapi
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security ArchitectureKris Kimmerle
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
Enterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securityEnterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securitywardell henley
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0Maganathin Veeraragaloo
 
SMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionSMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionDale Butler
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoTAmy Daly
 
" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "Bill Ross
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesYet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesOlivier Busolini
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...Nur Shiqim Chok
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTAbdullahi Arabo Jr (MEng, MBCS, PhD)
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingPECB
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...Nur Shiqim Chok
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceChristian F. Nissen
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final ReportPhil Agcaoili
 
Web Servers: Architecture and Security
Web Servers: Architecture and SecurityWeb Servers: Architecture and Security
Web Servers: Architecture and Securitygeorge.james
 
Application architecture for the rest of us - php xperts devcon 2012
Application architecture for the rest of us - php xperts devcon 2012Application architecture for the rest of us - php xperts devcon 2012
Application architecture for the rest of us - php xperts devcon 2012M N Islam Shihan
 

More Related Content

What's hot

CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityBob Guimarin
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? PECB
 
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...NetworkCollaborators
 
Defense In-Depth
Defense In-DepthDefense In-Depth
Defense In-DepthWill Kelly
 
Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017japijapi
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security ArchitectureKris Kimmerle
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
Enterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securityEnterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securitywardell henley
 
SMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionSMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionDale Butler
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoTAmy Daly
 
" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "Bill Ross
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaLuca Moroni ✔✔
 
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesYet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesOlivier Busolini
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...Nur Shiqim Chok
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingPECB
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...Nur Shiqim Chok
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceChristian F. Nissen
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final ReportPhil Agcaoili
 

What's hot (20)

CIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurityCIO Review - Top 20 CyberSecurity
CIO Review - Top 20 CyberSecurity
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation?
 
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
Cisco Connect 2018 Thailand - Changing the security equation demetris booth_c...
 
Defense In-Depth
Defense In-DepthDefense In-Depth
Defense In-Depth
 
Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017Reality of cybersecurity 11.4.2017
Reality of cybersecurity 11.4.2017
 
Enterprise Security Architecture
Enterprise Security ArchitectureEnterprise Security Architecture
Enterprise Security Architecture
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Enterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20securityEnterprise%20 security%20architecture%20 %20business%20driven%20security
Enterprise%20 security%20architecture%20 %20business%20driven%20security
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0
 
SMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibitionSMi Group's Oil & Gas Cyber Security conference & exhibition
SMi Group's Oil & Gas Cyber Security conference & exhibition
 
Cybersecurity in the Era of IoT
Cybersecurity in the Era of IoTCybersecurity in the Era of IoT
Cybersecurity in the Era of IoT
 
" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "" The Invisible Person ... the Security Architect "
" The Invisible Person ... the Security Architect "
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - LubianaISACA SLOVENIA CHAPTER October 2016 - Lubiana
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
 
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial ServicesYet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial Services
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoT
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
[Cisco Connect 2018 - Vietnam] Pauline hampshire changing the security equa...
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber Resilience
 
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
2011 FCC CSRIC WG2A Cyber Security Best Practices Final Report
 

Viewers also liked

Web Servers: Architecture and Security
Web Servers: Architecture and SecurityWeb Servers: Architecture and Security
Web Servers: Architecture and Securitygeorge.james
 
Application architecture for the rest of us - php xperts devcon 2012
Application architecture for the rest of us - php xperts devcon 2012Application architecture for the rest of us - php xperts devcon 2012
Application architecture for the rest of us - php xperts devcon 2012M N Islam Shihan
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityYnon Perek
 
Traditional methods of security analysis - Fundamental Analysis
Traditional methods of security analysis - Fundamental Analysis Traditional methods of security analysis - Fundamental Analysis
Traditional methods of security analysis - Fundamental Analysis Shreya Agnihotri
 
Secure your cloud applications by building solid foundations with enterprise ...
Secure your cloud applications by building solid foundations with enterprise ...Secure your cloud applications by building solid foundations with enterprise ...
Secure your cloud applications by building solid foundations with enterprise ...Vladimir Jirasek
 
security fundamental analysis
security fundamental analysissecurity fundamental analysis
security fundamental analysisKumar Dhanwani
 
Cloud Delivery Model Considerations
Cloud Delivery Model ConsiderationsCloud Delivery Model Considerations
Cloud Delivery Model ConsiderationsMohammed Sajjad Ali
 
Practical microwave radio transmission training in Nigeria
Practical microwave radio transmission training in NigeriaPractical microwave radio transmission training in Nigeria
Practical microwave radio transmission training in NigeriaNeonetwireless
 
AWS Webinar: How to architect and deploy a multi tier share point server farm...
AWS Webinar: How to architect and deploy a multi tier share point server farm...AWS Webinar: How to architect and deploy a multi tier share point server farm...
AWS Webinar: How to architect and deploy a multi tier share point server farm...Amazon Web Services
 
Performance Evaluation Of IEEE 802.11p For Vehicular Communication Networks
Performance Evaluation Of IEEE 802.11p For Vehicular Communication NetworksPerformance Evaluation Of IEEE 802.11p For Vehicular Communication Networks
Performance Evaluation Of IEEE 802.11p For Vehicular Communication NetworksAmir Jafari
 
CCNA R&S-16-Analyzing Classful IPv4 Networks
CCNA R&S-16-Analyzing Classful IPv4 NetworksCCNA R&S-16-Analyzing Classful IPv4 Networks
CCNA R&S-16-Analyzing Classful IPv4 NetworksAmir Jafari
 
CCNA R&S-09-Configuring Ethernet Switching
CCNA R&S-09-Configuring Ethernet SwitchingCCNA R&S-09-Configuring Ethernet Switching
CCNA R&S-09-Configuring Ethernet SwitchingAmir Jafari
 
CCNA R&S-12-Spanning Tree Protocol Concepts
CCNA R&S-12-Spanning Tree Protocol ConceptsCCNA R&S-12-Spanning Tree Protocol Concepts
CCNA R&S-12-Spanning Tree Protocol ConceptsAmir Jafari
 
CCNA R&S-11-Troubleshooting Ethernet LANs
CCNA R&S-11-Troubleshooting Ethernet LANsCCNA R&S-11-Troubleshooting Ethernet LANs
CCNA R&S-11-Troubleshooting Ethernet LANsAmir Jafari
 
CCNA R&S-17-Analyzing Subnet Masks
CCNA R&S-17-Analyzing Subnet MasksCCNA R&S-17-Analyzing Subnet Masks
CCNA R&S-17-Analyzing Subnet MasksAmir Jafari
 
CCNA R&S-15-Perspectives on IPv4 Subnetting
CCNA R&S-15-Perspectives on IPv4 SubnettingCCNA R&S-15-Perspectives on IPv4 Subnetting
CCNA R&S-15-Perspectives on IPv4 SubnettingAmir Jafari
 
CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2
CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2
CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2Amir Jafari
 

Viewers also liked (20)

Web Servers: Architecture and Security
Web Servers: Architecture and SecurityWeb Servers: Architecture and Security
Web Servers: Architecture and Security
 
Application architecture for the rest of us - php xperts devcon 2012
Application architecture for the rest of us - php xperts devcon 2012Application architecture for the rest of us - php xperts devcon 2012
Application architecture for the rest of us - php xperts devcon 2012
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Traditional methods of security analysis - Fundamental Analysis
Traditional methods of security analysis - Fundamental Analysis Traditional methods of security analysis - Fundamental Analysis
Traditional methods of security analysis - Fundamental Analysis
 
Information Security: Fundamental
Information Security: FundamentalInformation Security: Fundamental
Information Security: Fundamental
 
Secure your cloud applications by building solid foundations with enterprise ...
Secure your cloud applications by building solid foundations with enterprise ...Secure your cloud applications by building solid foundations with enterprise ...
Secure your cloud applications by building solid foundations with enterprise ...
 
iCode Security Architecture Framework
iCode Security Architecture FrameworkiCode Security Architecture Framework
iCode Security Architecture Framework
 
security fundamental analysis
security fundamental analysissecurity fundamental analysis
security fundamental analysis
 
Cloud Delivery Model Considerations
Cloud Delivery Model ConsiderationsCloud Delivery Model Considerations
Cloud Delivery Model Considerations
 
Fundamental Cloud Security
Fundamental Cloud SecurityFundamental Cloud Security
Fundamental Cloud Security
 
Practical microwave radio transmission training in Nigeria
Practical microwave radio transmission training in NigeriaPractical microwave radio transmission training in Nigeria
Practical microwave radio transmission training in Nigeria
 
AWS Webinar: How to architect and deploy a multi tier share point server farm...
AWS Webinar: How to architect and deploy a multi tier share point server farm...AWS Webinar: How to architect and deploy a multi tier share point server farm...
AWS Webinar: How to architect and deploy a multi tier share point server farm...
 
Performance Evaluation Of IEEE 802.11p For Vehicular Communication Networks
Performance Evaluation Of IEEE 802.11p For Vehicular Communication NetworksPerformance Evaluation Of IEEE 802.11p For Vehicular Communication Networks
Performance Evaluation Of IEEE 802.11p For Vehicular Communication Networks
 
CCNA R&S-16-Analyzing Classful IPv4 Networks
CCNA R&S-16-Analyzing Classful IPv4 NetworksCCNA R&S-16-Analyzing Classful IPv4 Networks
CCNA R&S-16-Analyzing Classful IPv4 Networks
 
CCNA R&S-09-Configuring Ethernet Switching
CCNA R&S-09-Configuring Ethernet SwitchingCCNA R&S-09-Configuring Ethernet Switching
CCNA R&S-09-Configuring Ethernet Switching
 
CCNA R&S-12-Spanning Tree Protocol Concepts
CCNA R&S-12-Spanning Tree Protocol ConceptsCCNA R&S-12-Spanning Tree Protocol Concepts
CCNA R&S-12-Spanning Tree Protocol Concepts
 
CCNA R&S-11-Troubleshooting Ethernet LANs
CCNA R&S-11-Troubleshooting Ethernet LANsCCNA R&S-11-Troubleshooting Ethernet LANs
CCNA R&S-11-Troubleshooting Ethernet LANs
 
CCNA R&S-17-Analyzing Subnet Masks
CCNA R&S-17-Analyzing Subnet MasksCCNA R&S-17-Analyzing Subnet Masks
CCNA R&S-17-Analyzing Subnet Masks
 
CCNA R&S-15-Perspectives on IPv4 Subnetting
CCNA R&S-15-Perspectives on IPv4 SubnettingCCNA R&S-15-Perspectives on IPv4 Subnetting
CCNA R&S-15-Perspectives on IPv4 Subnetting
 
CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2
CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2
CCNA Voice 640-461- Part 4 historic voice-digital connectivity-part 2
 

Similar to Ccie security 01

4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdf4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdfJose R
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case StudyDigital Bond
 
Renewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security SectorRenewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security SectorCloudMask inc.
 
Sleeping well with cloud services
Sleeping well with cloud servicesSleeping well with cloud services
Sleeping well with cloud servicesComarch_Services
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxYoisRoberthTapiadeLa
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxVictoriaChavesta
 
Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!Jason Jolley
 
Make things come alive in a secure way - Sigfox
Make things come alive in a secure way - SigfoxMake things come alive in a secure way - Sigfox
Make things come alive in a secure way - SigfoxSigfox
 
Revolutionize Your Security Strategy with White Label SOC Service
Revolutionize Your Security Strategy with White Label SOC ServiceRevolutionize Your Security Strategy with White Label SOC Service
Revolutionize Your Security Strategy with White Label SOC ServiceSingle Point of Contact
 
SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...
SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...
SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...stringentdatalytics
 
Csa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCsa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCSA Argentina
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​AlgoSec
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-securityskumartarget
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloudScalar Decisions
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloudpatmisasi
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked inJohn Masiliunas
 

Similar to Ccie security 01 (20)

4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdf4-lessons-of-security-leaders-for-2022.pdf
4-lessons-of-security-leaders-for-2022.pdf
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
 
Renewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security SectorRenewed Context for the Defense and Security Sector
Renewed Context for the Defense and Security Sector
 
Sleeping well with cloud services
Sleeping well with cloud servicesSleeping well with cloud services
Sleeping well with cloud services
 
SIEM Buyer's Guide
SIEM Buyer's GuideSIEM Buyer's Guide
SIEM Buyer's Guide
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
Fortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptxFortify-Application_Security_Foundation_Training.pptx
Fortify-Application_Security_Foundation_Training.pptx
 
Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!Alfresco Virtual DevCon 2020 - Security First!
Alfresco Virtual DevCon 2020 - Security First!
 
Make things come alive in a secure way - Sigfox
Make things come alive in a secure way - SigfoxMake things come alive in a secure way - Sigfox
Make things come alive in a secure way - Sigfox
 
Revolutionize Your Security Strategy with White Label SOC Service
Revolutionize Your Security Strategy with White Label SOC ServiceRevolutionize Your Security Strategy with White Label SOC Service
Revolutionize Your Security Strategy with White Label SOC Service
 
SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...
SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...
SaaS-based IT Security Market 2022 Analysis Key Trends, Growth Opportunities,...
 
Zero Trust and Data Security
Zero Trust and Data SecurityZero Trust and Data Security
Zero Trust and Data Security
 
Csa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCsa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del ciso
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital age
 
Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
 
Ravi i ot-security
Ravi i ot-securityRavi i ot-security
Ravi i ot-security
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
 
Keys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-CloudKeys-to-Success-and-Security-in-the-Cloud
Keys-to-Success-and-Security-in-the-Cloud
 
Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked in
 

Recently uploaded

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Recently uploaded (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Ccie security 01

  • 2. Fundament al Questions for Network Security ? 1. What areyou trying to protect or maintain? 2. What areyour businessobjectives? 3. What doyou needto accomplish these objectives? 4. What technologies or solutions arerequiredto support theseobjectives? 5. Areyour objectives compatiblewith your security infrastructure, operations, and tools?
  • 3. Fundament al Questions for Network Security ? 6. What risks areassociated with inadequatesecurity? 7. What arethe implications ofnot implementing security? 8. Will you introducenew risks not coveredby your current security solutionsor policy? 9. How do you reduce that risk? 10. What is your tolerancefor risk? YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 4. Transformation of the Security Paradigm • Security is no longer about “products” • Scalability demands are increasing • Legacy endpoint security Total Cost of Ownership (TCO) is a challenge • Day zero damage YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 5. Principles of Security— The CIA Model YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 6. Policies, Standards, Procedures, Baselines, Guidelines YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012 A security policy is a set ofrules, practices, and procedures dictating how sensitiveinformation is managed, protected, and distributed. In the network securityrealm, policies areusuallypoint specific, which means they cover a singlearea. A security policy is a document that expressesexactly what the securitylevel shouldbeby setting thegoals of what the security mechanisms are toaccomplish. Security policy is written by higher management and is intended to describethe “whats” ofinformation security.
  • 7. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012 Thesamplelist that follows covers somecommon policies that an organization shouldconsider. •Acceptable use. •Ethics •Information sensitivity •E-mail •Password •Risk assessment Examples of Security Policies
  • 8. Relationships Among Security Policies, Standards, Procedures, Baselines, and Guidelines YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 9. Security Models An important element in thedesign andanalysis of securesystemsisthe securitymodel, becauseit integratesthesecurity policy that should be enforcedin the system. A securitymodel is a symbolic portrayal ofa security policy. It maps therequirements ofthepolicy makers into a set ofrules and regulations that aretobefollowed by a computer system or a network system. A security policy is a set of abstract goals and high-level requirements, and thesecurity model is thedo’s and don’tsto makethis happen. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 10. Security Models • The Bell-LaPadula Model (BLM), also calledthe multilevelmodel, wasintroducedmainly to enforce access controlingovernment andmilitary applications.BLM protectsthe confidentiality of the informationwithina system. • The Biba model is a modificationof the Bell-LaPadula model that mainly emphasizes the integrity of the information withina system. • The Clark-Wilson model prevents authorizedusers frommaking unauthorized modification to the data.This model introducesa systemof triples: a subject, a program, and anobject. • The AccessControl Matrix is a general model of access control that is basedonthe concept of subjects and objects. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 11. Security Models • The InformationFlow model restricts information inits flow so that it moves only to and fromapprovedsecurity levels. • The Chinese Wallmodel combines commercialdiscretionwithlegally enforceable mandatory controls.It is required inthe operationof many financial services organizations. • The Lattice model deals withmilitary information.Lattice-basedaccesscontrol models were developedin the early 1970s to deal with the confidentiality of militaryinformation.Inthe late 1970s and early 1980s, researchers applied these models to certain integrity concerns. Later, applicationof the modelsto the Chinese Wall policy, a confidentiality policy unique to the commercialsector, was developed.A balancedperspective onlattice-basedaccess controlmodels is provided. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 12. Perimeter Security YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012 Opinions on perimeter security have changed a great deal over the past few years. Part of that change is that the very nature of perimeter security is becoming increasingly uncertain, and everyone has a different view of just what it is. The limits of the perimeter itself are becoming broad and extensive, with no geographic boundaries, and remote access is becoming part of the integral network.
  • 13. A Solid Perimeter Security Solution • A comprehensiveperimeter security solution enables communications acrossit as defined by thesecurity policy, yet protects thenetwork resources from breaches, attacks, or unauthorized use. It controls multiplenetwork entry and exit points. It alsoincreases user assurance by implementing multiplelayersofsecurity. • TheCisco widerangeof Ciscoperimeter security solutionsprovides several levels ofperimeter security that can be deployed throughout your network as defined by your security policy. These solutions are highly flexible andcan betailoredto your securitypolicy. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 14. Security in Layers As discussedearlier, security in layers is thepreferred andmost scalable approach tosafeguarda network. Onesinglemechanismcannot be relied on for thesecurity of asystem. Toprotect your infrastructure, you must apply security in layers. This layered approach is also called defensein depth. The idea is that you createmultiple systems sothat afailurein onedoes not leaveyou vulnerable, but iscaught in thenext layer. Additionally, in alayered approach, thevulnerability can belimited and contained to theaffected layer becauseoftheappliedsecurity at varyinglevels YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 15. Multilayer Perimeter Solution Asstatedpreviously, today’s solutions areshifting toward theapproach of placing safeguard mechanisms at various layers ofthenetwork, not just at theboundary or edgedevices. Today, it isrecommendedto deploy Intrusion Prevention System (IPS) devices on both the insideand outside boundaries of private networks. Firewalls, on theother hand, are placed between various business segments or departmentswithin the sameorganization, dividing the network into logical groupings andapplyingperimeter defenseat each segment or department. In thismultiperimeter model, each segment can have different layersof defensewithin it. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 16. Multilayer Perimeter Solution Effective perimeter security has become increasingly important over recent years. Perimeter security cannot be trusted to only the traditional defense mechanisms of firewalls and IDS. Web applications, wireless access, network interconnectivities, and VPNs have made the perimeter a much more complicated concept than it was a couple of years ago. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 17. Multilayer Perimeter Solution A layered approach requires implementing security solutions at different spectrums of the network. Another similar concept is islandsof security. To implement islands of security, do not restrict your thinking to perimeter security. Do not depend on just one method for your security. You should, instead, have layers of protection—perimeter, distribution, core, and access layer. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 18. Security Applied Across All Layers of the System YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 19. The Domino Effect The OSI reference model was built to enable different layers to work independently of each other. The layered approach was developed to accommodate changes in the evolving technology. Each OSI layer is responsible for a specific function within the networking stack, with information flowing up and down to the next subsequent layer as data is processed. Unfortunately, this means that if one layer is hacked, communications are compromised without the other layers being aware of the problem. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 20. The Domino Effect YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 21. Security Wheel YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 22. Summary • This chaptergave anoverview ofnetworksecurity and discussed the challenges ofmanagingasecured networkinfrastructure. The chapter discussed how the security paradigmischangingand that securitysolutionstoday arenolonger productbased.Instead,theyare moresolution oriented and designed with businessobjectives inmind. • Thechapteralso discussed the coreprinciplesofsecurity—the CIA triad of confidentiality,integrity,and availability—followed bybriefdiscussion ofaspects ofsecuritypolicies: standards,procedures, baselines,guidelines,and various security models.Thechapter takesadetailed lookattheperimeter securityissue and themultilayered securityapproach.Thechapterconcludeswith theCisco security wheelparadigminvolvingfivecyclical steps. YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012
  • 23. References • Harris, Shon. CISSP All-in-OneExamGuide, SecondEdition. McGraw-Hill OsborneMedia, 2003. https://www2.sans.org/resources/policies/#template http://www.cisco.com/go/securityconsulting http://www.doc.ic.ac.uk/~ajs300m/security/CIA.htm http://portal.acm.org/citation.cfm?id=619980 http://www.gammassl.co.uk/topics/chinesewall.html http://www.devx.com/security/Article/20472 • Guel, Michele. “A Short Primer for Developing Security Policy,” Cisco Systems, http://www.sans.org/resources/policies/#primer YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012YOUR COMPANYNAME | LONGAND INTERESTING PRESENTATION TITLE | VERSION NO. XX | 06/06/2012

Editor's Notes

  1. Security is no longer about “products”: Security solutions must be chosen with business objectives in mind and integrated with operational procedures and tools. Scalability demands are increasing: With the increasing number of vulnerabilities and security threats, solutions must scale to thousands of hosts in large enterprises. Legacy endpoint security Total Cost of Ownership (TCO) is a challenge: Reactive products force deployment and renewal of multiple agents and management paradigms. Day zero damage: Rapidly propagating attacks (Slammer, Nimda, MyDoom) happen too fast for reactive products to control. Therefore, an automated, proactive security system is needed to combat the dynamic array of modern-day viruses and worms.With modern-day distributed networks, security cannot be enforced only at the network edge or perimeter. We will discuss perimeter security in more detail later in this chapter.Zero-day attacks or new and unknown viruses continue to plague enterprises and service provider networks.To attempt to establish protection against attacks, enterprises try to patch systems as vulnerabilities become known. This clearly cannot scale in large networks, and this situation can be addressed only with real-time proactive-based systems.
  2. The sample list that follows covers some common policies that an organization should consider. Acceptable use: This policy outlines the acceptable use of computer equipment. The rules are established to protect the employee and the organization. Inappropriate use exposes the company to risks including virus attacks, compromise of network systems and services, and legal issues. Ethics: This policy emphasizes the employee’s and consumer’s expectations to be subject to fair business practices. It establishes a culture of openness, trust, and integrity in business practices. This policy can guide business behavior to ensure ethical conduct. Information sensitivity: This policy is intended to help employees determine what information can be disclosed to nonemployees, as well as the relative sensitivity of information that should not be disclosed outside an organization without proper authorization. The information covered in these guidelines includes but is not limited to information that is either stored or shared via any means. This includes electronic information, information on paper, and information shared orally or visually (such as by telephone, video conferencing, and teleconferencing). E-mail: This policy covers appropriate use of any e-mail sent from an organization’s e-mail address and applies to all employees, vendors, and agents operating on behalf of the company. Password: The purpose of this policy is to establish a standard for creation of strong passwords, the protection of those passwords, and the frequency of change. Risk assessment: This policy is used to empower the Information Security (InfoSec) group to perform periodic information security risk assessments (RA) for the purpose of determining areas of vulnerability and to initiate appropriate remediation.
  3. As stated previously, today’s solutions are shifting toward the approach of placing safeguard mechanisms at various layers of the network, not just at the boundary or edge devices. Today, it is recommended to deploy Intrusion Prevention System (IPS) devices on both the inside and outside boundaries of private networks. Firewalls, on the other hand, are placed between various business segments or departments within the same organization, dividing the network into logical groupings and applying perimeter defense at each segment or department. In this multiperimeter model, each segment can have different layers of defense within it. Effective perimeter security has become increasingly important over recent years. Perimeter security cannot be trusted to only the traditional defense mechanisms of firewalls and IDS. Web applications, wireless access, network interconnectivities, and VPNs have made the perimeter a much more complicated concept than it was a couple of years ago. A layered approach requires implementing security solutions at different spectrums of the network. Another similar concept is islands of security . To implement islands of security, do not restrict your thinking to perimeter security. Do not depend on just one method for your security. You should, instead, have layers of protection—perimeter, distribution, core, and access layer. Figure 1-4 illustrates a basic multilayered security mechanism, which is designed to protect the data flow in the system.
  4. As stated previously, today’s solutions are shifting toward the approach of placing safeguard mechanisms at various layers of the network, not just at the boundary or edge devices. Today, it is recommended to deploy Intrusion Prevention System (IPS) devices on both the inside and outside boundaries of private networks. Firewalls, on the other hand, are placed between various business segments or departments within the same organization, dividing the network into logical groupings and applying perimeter defense at each segment or department. In this multiperimeter model, each segment can have different layers of defense within it. Effective perimeter security has become increasingly important over recent years. Perimeter security cannot be trusted to only the traditional defense mechanisms of firewalls and IDS. Web applications, wireless access, network interconnectivities, and VPNs have made the perimeter a much more complicated concept than it was a couple of years ago. A layered approach requires implementing security solutions at different spectrums of the network. Another similar concept is islands of security . To implement islands of security, do not restrict your thinking to perimeter security. Do not depend on just one method for your security. You should, instead, have layers of protection—perimeter, distribution, core, and access layer. Figure 1-4 illustrates a basic multilayered security mechanism, which is designed to protect the data flow in the system.
  5. As stated previously, today’s solutions are shifting toward the approach of placing safeguard mechanisms at various layers of the network, not just at the boundary or edge devices. Today, it is recommended to deploy Intrusion Prevention System (IPS) devices on both the inside and outside boundaries of private networks. Firewalls, on the other hand, are placed between various business segments or departments within the same organization, dividing the network into logical groupings and applying perimeter defense at each segment or department. In this multiperimeter model, each segment can have different layers of defense within it. Effective perimeter security has become increasingly important over recent years. Perimeter security cannot be trusted to only the traditional defense mechanisms of firewalls and IDS. Web applications, wireless access, network interconnectivities, and VPNs have made the perimeter a much more complicated concept than it was a couple of years ago. A layered approach requires implementing security solutions at different spectrums of the network. Another similar concept is islands of security . To implement islands of security, do not restrict your thinking to perimeter security. Do not depend on just one method for your security. You should, instead, have layers of protection—perimeter, distribution, core, and access layer. Figure 1-4 illustrates a basic multilayered security mechanism, which is designed to protect the data flow in the system.
  6. Network security is a continuous process built around the corporate security policy. The security wheel depicted in Figure 1-6 shows a recursive, ongoing process of striving toward perfection—to achieve a secured network infrastructure. The paradigm incorporates the following five steps: Step 1 Develop a security policy A strong security policy should be clearly defined, implemented, and documented, yet simple enough that users can easily conduct business within its parameters. Step 2 Make the network secure Secure the network by implementing security solutions (implement authentication, encryption, firewalls, intrusion prevention, and other techniques) to stop or prevent unauthorized access or activities and to protect information and information systems Step 3 Monitor and respond. This phase detects violations to the security policy. It involves system auditing and real-time intrusion detection and prevention solutions. This also validates the security implementation in Step 2. Step 4 Test. This step validates the effectiveness of the security policy through system auditing and vulnerability scanning and tests existing security safeguards. Step 5 Manage and improve. Use information from the monitor and test phases to make improvements to the security implementation. Adjust the corporate security policy as security vulnerabilities and risks are identified. Manage and improve corporate security policy.