[RakutenTechConf2013] [E-4] FUSION Forensics - A Critical Information Handling Method on Public Clouds -
Rakuten Technology Conference 2013
"FUSION Forensics - A Critical Information Handling Method on Public Clouds -"
Isao Okazaki, FUSION Communications Corporation

  • Good afternoon everyone!
    Thank you for coming to my presentation.
    My name is Isao Okazaki, from FUSION Communications Corporation.
    I’d like to talk to you today about FUSION Forensics, a critical information handling method on public clouds.
  • This is today’s Agenda.
  • So, let’s get started with what FUSION is.
    In this part, I would like to talk about our company overview and our services.
  • Our company, FUSION Communications Corporation, in short FUSION, was established in 2000 as a telecommunications carrier.
    Now FUSION is a subsidiary company of Rakuten and Marubeni, respectively.
  • Next, I would like to talk about our service line-ups.
    First, FUSION has provided Phone Service since 2001.
  • And we have broadened our B2B telephony services, such as call center solution, pay-per-call service and Asterisk solution.
    Asterisk is an open-source-based IP-PBX, and this is a very special service in Japan.
  • Next, we have expanded our service category to ISP and Mobile.
  • And now, Cloud Service is the newest category of FUSION.
    These are our service line-ups.
    Now, let’s focus on this cloud service.
  • We first started a public cloud service, FUSION Cloud (IaaS), in 2012.
    One of the features is the carrier-grade service quality of FUSION.
  • And after that, we have launched PaaS for RMS, SaaS for File Sharing and SaaS for Log Audit since 2012.
    They are all our original and unique services, and the last one is FUSION Forensics.
  • To sum up, I have talked about our company overview and our services.
    In particular, we are one of the Rakuten group companies and we launched unique cloud services like FUSION Forensics.
  • The second item is about Digital Forensics.
    In this part, I would like to talk about Digital Forensics and to show you how to handle critical information on systems using Digital Forensics.
  • Let’s move on to the definition of Forensics.
    Forensic science is generally defined as the application of science to the law.
    For example, regarding criminal investigation, it is considered as follows:

    First, collect marks such as smell or fingerprint of a suspected person and make data.
    Next, examine the data and make information.
    Third, analyze the information and make evidence. Finally, report the evidence.
    So, forensics can find or deduce who committed the crime, and that’s why it contributes to deterring crime.
  • The process of Digital Forensics is the same as in a criminal investigation.
    Generally, Digital Forensics is considered the application of science to the following process.
    First, collect media and make data.
    Next, examine the data and make information.
    Third, analyze the information and make evidence. Finally, report the evidence.
    So, Digital Forensics can find or deduce who operates the information.
    That’s why it contributes to suppressing security incidents, including information leakage.
  • Then let’s think about what happens if we don’t have a system for digital forensics and a security incident occurs.
    In these cases, a lot of problems occur in the process of digital forensics, as shown on this page.
    Regarding collection, the problems are …., …..
    Regarding examination, the problems are …., …..
    Regarding analysis, the problems are …., …..
    And regarding reporting, the problems is …., …..
  • So, if we don’t have a system for digital forensics, a security incident takes a lot of effort and time to resolve.
    Furthermore, the company would lose its customers’ trust.
    Therefore, we need a system for digital forensics to suppress security incidents and to handle critical information on systems.
  • Actually, IPA, the Information-technology Promotion Agency, Japan, announced that, on the technical side, introducing digital forensics is effective as a measure against attacks from inside the company.
  • Next, I will explain the methods of digital forensics.
    Generally, there are 3 collecting methods in digital forensics.
    ① Jump Server
    Operators first log in to a jump server and then log in again to the targeted servers.
    In this method, all the operation logs of the operators are captured on the jump server.
    ② Log Server
    All the records of operations are saved as “logs” on the servers or the operators’ PCs, and a log server collects the logs from them.
    ③ Network Traffic Capturing
    A log server captures logs from the network. All the operations on the network are captured on the log server.
    Actually, we adopted ① Jump Server for digital forensics because it can easily and correctly record all the commands and their responses of operations.
  • To sum up, I have talked about Digital Forensics and shown you how to handle critical information on systems using Digital Forensics.
  • The third item is about FUSION Forensics.
    In this part, I would like to talk about FUSION Forensics and show you how to handle critical information on public clouds using FUSION Forensics.
  • So, let’s start by looking at the background.
    The trend from on-premises enterprise systems to public cloud has been growing sharply over the past few years due to advantages in cost effectiveness, system elasticity, BCP measures and more.
  • Therefore, the demand for handling critical information on public clouds has been increasing, just as on on-premises enterprise systems.
  • In this part, I will explain FUSION Forensics and show you how to handle critical information on public clouds using FUSION Forensics.
  • FUSION developed and commercialized one of the solutions for digital forensics.
    Regarding Collection, FUSION Forensics supports Operation Log Capturing.
    Regarding Examination, it supports Archiving original logs.
    Regarding Analysis, it supports Searching Logs on Management Console.
    And regarding Reporting, it supports Reporting Audit Evidence Automatically.
    So, FUSION Forensics provides the environment to handle critical information.
  • And FUSION Forensics adopted ① Jump Server as its collecting method because it can directly record all the commands and their responses of operations.
    That is to say, operators first log in to a jump server and then log in again to the targeted servers.
    All the operation logs of the operators are captured on the jump server.
  • Next, let’s move on to the system image of FUSION Forensics.
    First, FUSION Forensics supports various systems such as FUSION Cloud, other public clouds and on-premises enterprise systems.
  • Second, FUSION Forensics supports SSL and key pairs on both sides of users and servers for secure access to public clouds.
    This is one of the most important features of this system.
  • Third, FUSION Forensics supports various client software such as Tera Term, PuTTY and more.
    So, operators don’t need to install specific software.
  • Last, FUSION Forensics supports a management console.
    So, administrators or auditors can manage and audit operators.

  • Next, let’s move on to the features of FUSION Forensics.
    FUSION Forensics fully supports collection process like this.
  • And supports examination, analysis and reporting process, respectively.
  • Next, let’s move on to the use cases of FUSION Forensics.
    The first one is the internal-to-internal connection, which means internal operators access their internal on-premises systems and network equipment through FUSION Forensics.
  • The second one is the internal-to-external connection, which means internal operators access their external servers on public clouds, including FUSION Cloud, through FUSION Forensics.
  • The third one is the external-to-internal connection, which means external vendor engineers access customers’ internal on-premises servers and equipment through FUSION Forensics.
  • And the fourth one is the external-to-external connection, which means external vendor engineers access customers’ external servers on public clouds, including FUSION Cloud, through FUSION Forensics.
    These are the use cases of FUSION Forensics.
  • To sum up, I have talked about FUSION Forensics and shown you how to handle critical information on public clouds using FUSION Forensics.
  • The fourth item is about Digital Forensics demo.
  • The first demo is SSH with a key pair.
    First, operators access their external servers on FUSION Cloud through FUSION Forensics using an SSH client and a key pair.
    After that, administrators search and check the log through the management console.
  • The second one is RDP.
    Operators access their external servers on FUSION Cloud through FUSION Forensics using RDP.
    After that, administrators search and check the log through the management console.
  • To sum up, I talked about the FUSION Forensics demo using SSH and RDP.

  • The last item is about conclusion.
  • Thank you for listening!
  • Finally, for more information, we have 3 contact points:
    The first one is our booth on this floor!
    The second one is our website.
    The third one is our e-mail.
    Please visit and contact us!
    Again, thank you for listening!
  • Transcript

    • 1. 1 FUSION Forensics - A Critical Information Handling Method on Public Clouds - Isao Okazaki FUSION Communications Corporation October 26 2013
    • 2. 2 Agenda 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion
    • 3. 3 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda Summary of this part:  I would like to talk about our company overview and our services.
    • 4. 4 What is FUSION? – Corporate Overview Name: FUSION COMMUNICATIONS Corporation. Established: March 13 2000. President: Takahito Aiki. Business in brief: Telecommunications carrier. Major shareholders: Rakuten Inc. (54.78%), Marubeni Corporation (38.00%). Our company, FUSION Communications Corporation (FUSION), was established in 2000 as a telecommunications carrier. Now FUSION is a subsidiary company of Rakuten and Marubeni, respectively.
    • 5. 5 What is FUSION? – Service Line-ups Phone Service FUSION has provided Phone Service since 2001.
    • 6. 6 Telephony Service We have Broadened B2B Telephony Service. What is FUSION? – Service Line-ups
    • 7. 7 Mobile Service ISP Service We have expanded service category to ISP and Mobile. What is FUSION? – Service Line-ups Telephony Service
    • 8. 8 Cloud Service Cloud Service is the newest category of FUSION. What is FUSION? – Service Line-ups Mobile Service ISP Service Telephony Service
    • 9. 9 What is FUSION? – Cloud Service (IaaS) We firstly started Public Cloud Service, “FUSION Cloud” (IaaS) in 2012.  Carrier grade Service Quality of FUSION IaaS (Apr.2012)
    • 10. 10 What is FUSION? – Broadening Cloud Service We have launched New Cloud Services, PaaS & SaaS since October, 2012.  Original and unique services IaaS (Apr.2012) PaaS for RMS (Oct.2012) SaaS for File Sharing (Feb.2013) SaaS for Log Audit (May,2013)
    • 11. 11 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda Summary of this part:  I have talked about our company overview and our services.  We are one of the Rakuten group company and we launched unique cloud services like FUSION Forensics.
    • 12. 12 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda Summary of this part:  I would like to talk about Digital Forensics and to show you how to handle critical information on “systems” using Digital Forensics.
    • 13. 13 What are Digital Forensics? – Forensics Forensic science is generally defined as the application of science to the law (*). (*)NIST SP800-86 (http://csrc.nist.gov/publications/nistpubs/800-86/SP800-86.pdf) For example, regarding criminal investigation, it is considered as follows: Examine Data Analyze Information Report Evidence Forensic science can find or deduce who did the crime. That’s why they contribute to deter crimes. Collect Marks Smell Finger Print
    • 14. 14 What are Digital Forensics? – Digital Forensics The process of Digital Forensics is the same as in a criminal investigation. Generally, Digital Forensics is considered the application of science to the following process (*). (*)In reference to NIST SP800-86 (http://csrc.nist.gov/publications/nistpubs/800-86/SP800-86.pdf), FUSION made this figure. Collect Media → Examine Data → Analyze Information → Report Evidence. Digital Forensics can find or deduce who operates the information. That’s why they contribute to suppress security incident including information leakage.
    • 15. 15 What happens if we don’t have the system for digital forensics and if security incident occurred? In these cases, a lot of problems occur in the process of digital forensics. C R A E  There aren’t enough information to report.  Are there any Logs?  Where are the Logs?  Which Log should I look at?  Is the Log correct?  How to analyze the Logs?  It takes for a long time. Security Incident What are Digital Forensics? – Handling Critical Information(1)
    • 16. 16 What are Digital Forensics? – Handling Critical Information(2) Therefore, we need the system for digital forensics to suppress security incident and to handle critical information on systems. System for Digital Forensics If we don’t have the system for digital forensics, security incident takes so much effort and time to solve the problem. Furthermore, the company would lose their customers’ trust. Security Incident System for Digital Forensics
    • 17. 17 Actually, IPA (Information-technology Promotion Agency, Japan) announced that regarding technical side introducing digital forensics is effective for attacking measures from inside the company (*). (*)http://www.ipa.go.jp/security/fy23/reports/insider/documents/insider_report.pdf Security Incidents SecurityIncidents from Outside Company from Inside Company Conventional Information Security Confidentiality Availability integrity Technical Side: Introducing Digital Forensics Operation Side: Setting Appropriate Access Authority Information Security Measures IPA announced they are effective for attacking measures from inside the company. What are Digital Forensics? – Handling Critical Information(3)
    • 18. 18 What are Digital Forensics? – Handling Critical Information(4) Generally, there are 3 collecting methods on Digital Forensics: ①Jump Server, ②Log Server, ③Network Traffic Capturing. We adopted ①Jump Server because it can directly record all the commands and their responses of operations. [Diagram labels: Operators, Network, Servers, ①Jump Server, ②Log Server, ③Network Traffic Capturing, Log]
    • 19. 19 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda Summary of this part:  I have talked about Digital Forensics and show you how to handle critical information on “systems” using Digital Forensics.
    • 20. 20 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda Summary of this part:  I would like to talk about FUSION Forensics and show you how to handle critical information on “public clouds” using FUSION Forensics.
    • 21. 21 What are FUSION Forensics? – Backgrounds(1) On-premises Enterprise Systems Advantages in - Cost Effectiveness - System Elasticity - BCP measures more… Public Cloud The trend from on-premises enterprise systems to public cloud has been growing sharply over the past few years.
    • 22. 22 What are FUSION Forensics? – Backgrounds(2) Public Cloud The demand of handling critical information on public cloud has been increasing as well as on-premises enterprise systems. Demand of Handling Critical Information On-premises Enterprise Systems Advantages - Cost Effectiveness - System Elasticity - BCP measures more… Demand of Handling Critical Information
    • 23. 23 What are FUSION Forensics? – Backgrounds(3) Public Cloud I will explain FUSION Forensics and show you how to handle critical information on “public clouds” using FUSION Forensics. On-premises Enterprise Systems Advantages - Cost Effectiveness - System Elasticity - BCP measures more… Demand of Handling Critical Information Demand of Handling Critical Information
    • 24. 24 What are FUSION Forensics? – Introduction(1) FUSION Forensics provide the environment to handle critical information.  Operation Log Capturing  Archiving original logs  Searching Logs on Management Console  Reporting Audit Evidence Automatically FUSION developed and commercialized one of the solution for digital forensics. C R A E
    • 25. 25 What are FUSION Forensics? – Introduction(2) FUSION Forensics adopted ①Jump Server for collecting method because it can directly record all the commands and their responses of operations. All the operation logs of the operators are captured in the jump server. [Diagram labels: Operators, ①Jump Server, Servers, Log]
    • 26. 26 What are FUSION Forensics? – System Image(1) Supporting various systems. [System diagram labels: Operators; Client Software (TeraTerm/PuTTY); Key for User; Key for Server; Jump Servers; Log Capturing; Collecting Servers; Log Archive Servers; Management Console; Web Servers; Administrators; Auditors; Operation (SSH, etc.); Private Lines, Internet, VPC, etc.; VMs; Physical Servers; Public Cloud; On-premises Ent. Systems]
    • 27. 27 What are FUSION Forensics? – System Image(2) Supporting SSL and key pairs on both sides of users and servers for secure access to public clouds. [Same system diagram labels as on slide 26]
    • 28. 28 What are FUSION Forensics? – System Image(3) Supporting various client software such as TeraTerm, PuTTY and more. So, operators don’t need to install specific software. [Same system diagram labels as on slide 26]
    • 29. 29 What are FUSION Forensics? – System Image(4) Supporting management console. So, administrators or auditors can manage and audit operators. [Same system diagram labels as on slide 26]
    • 30. 30 What are FUSION Forensics? – Features (1)  Capturing Protocol: SSH, Telnet, FTP, SCP, SFTP, RDP(Coming in Nov.)  Client Software: Tera Term, PuTTy, OpenSSH, WinSCP, FileZilla, SFTP  Connecting to: public clouds, on-premises systems, network equipment  SSH Authentication Method: 2 step, menu C Collection (Media) Examination (Data) Analysis (Information) Reporting (Evidence)
    • 31. 31 What are FUSION Forensics? – Features(2)  User/Server Maintenance: User Maintenance, Server Maintenance, User/Server Access Control, Log Volume  Dashboard: Access Summary, Announcement  Log Type: Command Line, Command Response  Log Search: Time Interval, User Name, Server Name, User/Server IP Address, Protocol, Commands, Searching Option  Log reporting for Audit: Periodical Reporting of the specific format  Log Download: Generating CSV formatted Log, Log Compression with Password R A E Collection (Media) Examination (Data) Analysis (Information) Reporting (Evidence)
    • 32. 32 Internal operators access to their internal on-premises systems through FUSION Forensics. What are FUSION Forensics? – Use Cases(1) Operators Log  From Internal to Internal connection Internal Internal Critical Information ①Access ②Manage and audit operators Auditors Administrators On-premises Systems ①Access
    • 33. 33 What are FUSION Forensics? – Use Cases(2) Internal operators access to their external servers on Public Clouds through FUSION Forensics.  From Internal to External connection Operators Log Internal External Servers Public Clouds Critical Information Auditors Administrators ②Manage and audit operators ①Access①Access
    • 34. 34 What are FUSION Forensics? – Use Cases(3) External Vendor Engineers access to customers’ internal on-premises servers through FUSION Forensics. Engineers Vendor Log  From External to Internal connection External Internal Critical Information Auditors Administrators On-premises Systems ②Manage and audit operators ①Access①Access
    • 35. 35 What are FUSION Forensics? – Use Cases(4)  From External to External connection Log External Servers Public CloudsEngineers Vendor External External Vendor Engineers access to customers’ external servers on Public Clouds through FUSION Forensics. Critical Information Auditors Administrators ②Manage and audit operators ①Access①Access
    • 36. 36 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda Summary of this part:  I have talked about FUSION Forensics and show you how to handle critical information on “public clouds” using FUSION Forensics.
    • 37. 37 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda
    • 38. 38 FUSION Forensics Demo – SSH /w Key Pair Operators Log Servers Critical Information ①Access (SSH and Key Pair) ②Manage and audit operators Auditors Administrators First, operators access to their external servers on FUSION Cloud through FUSION Forensics using SSH client and key pair. After that, administrators search and check the log through management console. Internal External Start Demo Start Demo ①Access (SSH and Key Pair)
    • 39. 39 FUSION Forensics Demo – RDP Operators Log Servers Critical Information Auditors Administrators Second, operators access to their external servers on FUSION Cloud through FUSION Forensics using RDP. After that, administrators search and check the log through management console. Internal External Start Demo ①Access (RDP) ②Manage and audit operators ①Access (RDP)
    • 40. 40 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda Summary of this part:  I talked about FUSION Forensics Demo using SSH and RDP.
    • 41. 41 1) What is FUSION? 2) What are Digital Forensics? 3) What are FUSION Forensics? 4) FUSION Forensics Demo 5) Conclusion Agenda
    • 42. 42 In this presentation, we will introduce FUSION Forensics and show you how to handle the critical information on public cloud using FUSION Forensics. Conclusion Collection (Media) Examination (Data) Analysis (Information) Reporting (Evidence)
    • 43. 43 Thank you for listening!
    • 44. 44 For more information, Booth: RT1 13F Cafeteria Web Site: www.fusioncom.co.jp/forensics/ E-mail: cloud_plan@fusioncom.co.jp Please visit and contact us!
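
Added example (not part of the original talk, and not FUSION Forensics' own code or log format): a small model of the collection, examination, analysis and reporting steps for operation logs captured on a jump server. The record layout, the sample records and the SHA-256 hash chain used to answer "Is the Log correct?" are assumptions made for illustration; the search keys and the CSV export follow the feature list on slide 31.

```python
import csv
import hashlib
import io
from datetime import datetime

# Constructed sample records, as a jump server might capture them:
# (time, user, user_ip, server, protocol, command line, command response).
SAMPLE = [
    ("2013-10-26T13:00:05", "op_sato", "192.0.2.10", "web01", "SSH", "ls /var/www", "index.html"),
    ("2013-10-26T13:02:41", "op_sato", "192.0.2.10", "db01", "SSH", "mysqldump customers", "-- dump completed"),
    ("2013-10-26T13:07:19", "vendor_kim", "198.51.100.7", "db01", "SFTP", "get customers.sql", "transfer complete"),
    ("2013-10-26T14:15:00", "op_sato", "192.0.2.10", "web01", "SSH", "tail access.log", "GET / 200"),
]
FIELDS = ["time", "user", "user_ip", "server", "protocol", "command", "response"]
GENESIS = "0" * 64  # starting value of the chain


def _digest(prev_hash, record):
    # Hash the previous link together with every field, so editing, dropping
    # or reordering an archived record invalidates the chain from that point.
    h = hashlib.sha256(prev_hash.encode())
    for field in record:
        data = field.encode()
        h.update(len(data).to_bytes(4, "big"))  # length prefix keeps field boundaries unambiguous
        h.update(data)
    return h.hexdigest()


def archive(records):
    """Collection -> examination: keep each original record with a chained hash."""
    chain, prev = [], GENESIS
    for rec in records:
        prev = _digest(prev, rec)
        chain.append({**dict(zip(FIELDS, rec)), "hash": prev})
    return chain


def verify(chain):
    """Return the index of the first record that breaks the chain, or -1 if intact.

    The final hash should also be kept somewhere the jump server's operators
    cannot write to; otherwise a full rewrite of the archive goes unnoticed.
    """
    prev = GENESIS
    for i, entry in enumerate(chain):
        if _digest(prev, tuple(entry[f] for f in FIELDS)) != entry["hash"]:
            return i
        prev = entry["hash"]
    return -1


def search(chain, start=None, end=None, user=None, server=None,
           protocol=None, command_contains=None):
    """Analysis: filter by time interval, user, server, protocol and command text."""
    hits = []
    for e in chain:
        t = datetime.fromisoformat(e["time"])
        if start and t < datetime.fromisoformat(start):
            continue
        if end and t > datetime.fromisoformat(end):
            continue
        if user and e["user"] != user:
            continue
        if server and e["server"] != server:
            continue
        if protocol and e["protocol"] != protocol:
            continue
        if command_contains and command_contains not in e["command"]:
            continue
        hits.append(e)
    return hits


def to_csv(entries):
    """Reporting: export the selected records as CSV for the auditor."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS + ["hash"], lineterminator="\n")
    writer.writeheader()
    writer.writerows(entries)
    return buf.getvalue()


if __name__ == "__main__":
    log = archive(SAMPLE)
    print("chain intact:", verify(log) == -1)
    print(to_csv(search(log, server="db01", command_contains="customers")))
```
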