NetGains Infrastructure Security

178
-1

Published on

NetGains Infrastructure Security provides rock solid email messaging platform

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
178
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

NetGains Infrastructure Security

  1. 1. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Layered approach for securing NetGains Mail & Application Servers. It is a technical strategy, espousing adequate measures be put in place at different levels within the network infrastructure. It is also an organizational strategy, requiring participation from the clients, users, administrators & business owners. The layered-security approach centers on maintaining appropriate security measures and procedures at five different levels within the IT environment
  2. 2. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Security level Applicable security measures 1. Perimeter • Firewall • Network-based anti-virus 2. Network • Intrusion detection /prevention system • Vulnerability management system • Endpoint security compliance • Access control /user authentication 3. Host Host 4. Application • Host IDS & Host VA • Access control/user authentication • Input validation 5. Data • Encryption • Access control/user authentication IDS & Host VA Endpoint security compliance Anti-virus Access control/user authentication
  3. 3. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 1: PERIMETER SECURITY    The perimeter is the first line of defense from outside, un-trusted networks. The perimeter acts as the first and last point of contact for security defenses protecting the network. It is the area where your network ends and the Internet begins. Sonic FireWALL PRO 3060      Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. Powerful Content Filtering. Deep Packet Inspection Firewall Real-Time Blacklist Spam Filtering Policy-based NAT
  4. 4. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 2: NETWORK SECURITY The network level of the layered-security model refers to internal LAN and WAN. • Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) • Vulnerability management - Vulnerability management systems perform two related functions: (1) they scan the network for vulnerabilities and (2) they manage the process of repairing the vulnerabilities found. • Endpoint security compliance (for VPN & RAS devices) • Access control/authentication (Network Level access) Answer: The Network level done administration is done by the ISP
  5. 5. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 3: HOST SECURITY In the layered-security model, the host level pertains to the servers configurable parameters that, when set inappropriately, can create exploitable security holes. These parameters include registry settings, services (applications) operating on the device, or patches to the operating system or important applications.  Host-based intrusion detection systems (IDSs)  Host-based vulnerability assessment (VA)  Endpoint security compliance  Anti-virus  Access control/authentication Answer: * For this we use Trend Micro Interscan Messaging Security Suite which gives protection against Viruses, Spam and FTP traffic.
  6. 6. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 4: APPLICATION SECURITY Application-level security is currently receiving a great deal of attention.      Poorly protected applications can provide easy access to confidential data and records. The hard truth is that most programmers don’t code with security in mind. Application shield - application-level firewall. Access control/authentication - only authorized users are able to access the application. Input validation - Input validation measures verify that application input traveling across your network is safe to process.
  7. 7. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 5: DATA SECURITY Data-level security entails a blend of policy and encryption. Encrypting data where it resides and as it travels across your network is a recommended best practice because, if all other security measures fail, a strong encryption scheme protects your proprietary data. Encryption Important Customer data is stored in the SQL Server Database and is completely encrypted. Access control / authentication There is a role based access to data. Eg  A programmer has access only to Application files.  Important Customer data & Profile is stored in Database and only DBA can access it.  An Administrator of the system can only administer the data and has no access to database & applications.  RAID 10 for Hard-disk redundancy.  TAPE backup
  8. 8. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Thank You ! NetGains Technologies 708/709, Corporate Avenue, Sonawala Lane, Goregaon(E) Mumbai – 400 063. Sales: +91-22-6525 7000 / +91-22-6139 7000 Mobile : 9820089256 / 989200782

×