Information Security



  1. 1. Information Security Taarak India Private Limited By Mohit Shukla – [email_address] Harsh Bhasin –
  2. 2. About Taarak India
      • Founded in November 2001
      • Committed to providing Information Security Solutions & Services
      • Certifications: Cisco, Checkpoint, Nokia, RSA, McAfee, Microsoft
      • Customer verticals: Software, BPO, KPO, PSU, Automobile, Finance, Media, Construction, Stock Trade and many more
      • Team size: 35
  3. 3. Our Solution Addresses
      • Confidentiality
          • Ensuring that information is accessible only to those authorized to have access
      • Integrity
          • Safeguarding the accuracy and completeness of information and processing methods
      • Availability
          • Ensuring that authorized users have access to information and associated assets when required
  4. 4. Agenda
      • Risk to Information
      • Information Security Management
      • Technology Challenges
          • Attack Prevention
          • Bandwidth Availability & Optimization
          • Data Security
          • Log Management & Correlation
          • System Management
  5. 5. Risk to Information
  6. 6. Headlines
  7. 7. Protect Information
      “Information is an asset which, like other important business assets, has value to an organization and consequently needs to be suitably protected.”
  8. 8. Information Security Management
  9. 9. What is Information Security
      • Confidentiality
          • Ensuring that information is accessible only to those authorized to have access
      • Integrity
          • Safeguarding the accuracy and completeness of information and processing methods
      • Availability
          • Ensuring that authorized users have access to information and associated assets when required
  10. 10. Information Security Management System: ISO/IEC 27001
  11. 11. Attack Prevention Intrusion Prevention System
  12. 12. History and Future of Attacks
      • Increased number and complexity
      • Targets are evolving:
          • Consumers to…
          • Businesses to…
          • Nations
      • Data Theft is latest target
      [Chart: Malicious Infection Attempts (M) and Network Intrusion Attempts (K) by year, 1995 to 2004. Labelled threats: Polymorphic Viruses; Zombies; Mass Mailer Viruses (Love Letter/Melissa); Denial of Service (Yahoo!, eBay); Blended Threats (CodeRed, Nimda); Spam, Phishing, Spyware (MyDoom, Sasser); Corporate Data Theft (CardSystems, TitanRain). Source: IDC, ICSA, CERT, CSI/FBI]
  13. 13. Vulnerabilities & Attack
      • More vulnerabilities = higher likelihood of attack
      • Faster attacks = less time to react
  14. 14. Purpose-built for Evolving Threat Environment
      Pre-2005
      • Worms
      • DoS/DDoS
      • Server Exploits
      2005 EMERGING
      • Spyware
      • Web Client Attacks
      • VoIP-based vulnerabilities
      • Sophisticated DoS attacks
      • P2P
      • Early Infrastructure vulnerability
      • Proactive
      • Broad attack prevention
      • Infrastructure protection
      • Prioritized blocking with Risk-Aware IPS
      • Known attack protection
      • Zero-day protection
      • DoS Protection
      • Built-in spyware protection
      • Built-in malware protection
      • VoIP vulnerability protection
      • Next-gen DoS
      • Unknown
      • Rapid
      • Prolific
      • Encrypted attacks?
      • VoIP attacks?
      • Distributed Botnet attacks
      • Advanced Botnet DoS/DDoS attacks
      • Spyware-based Root kits?
      • Evolving Infrastructure attacks?
      Evolving Threat Landscape / Evolving Protection / IntruShield
  15. 15. McAfee IntruShield IPS—Proven Security
      Industry’s Most Comprehensive, Accurate and Scalable IPS Solution
      • Most Accurate: Proven Detection
          • Multiple detection engines
          • Proven accuracy maximizes network availability
          • Complete protocol analysis for absolute protection
          • Intelligent blocking with Risk-Aware IPS
      • Most Scalable: Flexible & Manageable
          • Out-of-the-box default blocking for ease-of-use
          • Virtual IPS + Firewall for flexible policy enforcement
          • Industry’s highest Gigabit port-density appliances
          • Compelling price/benefit and low TCO for all network environments
      • Most Comprehensive: Broad Protection
          • Proactively prevents known, zero-day & DDoS attacks
          • Built-in Spyware, malware & Botnet protection
          • VoIP vulnerability & infrastructure protection
          • Stops encrypted threats
  16. 16. McAfee Network Security Deployment
      • IntruShield—Network IPS
          • Deployed at network core, edge and remote office
          • Blocks attacks on the wire
          • Protects critical infrastructure
          • Blocks botnet, VoIP & encrypted threats
      • Secure Web Gateway
          • Comprehensive spyware
          • Blocks viruses & malware
          • URL filtering
          • Content policy enforcement
      [Diagram labels: Web Server, Switch, Database, User Desktops, Internet, Mail Server]
  17. 17. Technology Challenges Bandwidth Optimization & Availability
  18. 18. Bandwidth Challenges
      • Today organizations have invested heavily in bandwidth to connect offices that are spread over multiple geographical locations.
      • But at the same time it has been seen that they are unable to get the maximum return on this investment.
      • The biggest challenge for them is visibility and optimum usage of deployed bandwidth.
      • Bandwidth Visibility = Application, Users & Usage
  19. 19. Packeteer PacketShaper
      • Monitoring Module - Identify and classify applications with Layer 7 Plus technology. Get the information you need to solve application performance issues.
      • Shaping Module - Fix critical application performance issues by allocating bandwidth to ensure applications perform.
      • Compression Module - Create more bandwidth from existing physical links and enhance the user experience.
      • Acceleration Module - Speed the performance of applications slowed by WAN latency.
  20. 20. Bandwidth & Application Availability
      • Businesses today rely on their Internet connections & applications. Problems such as connection outages and overloaded application servers can occur anywhere at any time.
      • That's why most enterprises maintain multiple Internet connections & servers. At the same time, this increases the complexity of management and optimum usage.
  21. 21. F5 BIG-IP Platform
      • F5 BIG-IP delivers
          • High Availability – Link Controller
          • Improved performance
          • Application Load Balancing – Local Traffic Manager
  22. 22. Technology Challenges Data Security
  23. 23. IT Security Today
      • Risk is inevitable, but must be anticipated & mitigated
      • Computing devices are lost & stolen every day
      • Intrusions & breaches are on the rise
      • Passwords become weaker as code crackers proliferate
      • One laptop might contain:
          • 1,000 files
          • 700 valuable documents
          • 8 quarters of financial records
          • 200 proprietary, confidential files
          • 10,000 customer records
  24. 24. PGP Solutions
      • A typical day at work…secured by PGP solutions
          • In the back office: Batch process, FTP, Backups
          • Customers: Email
          • In the office: Email, IM, Send files
          • On the road: Laptop, Send files
          • Partners: Laptop, Email, IM, Send files
      • Products: PGP Universal Series, PGP Whole Disk Encryption for Enterprises, PGP Desktop Professional, PGP Command Line, PGP Global Directory, PGP Universal Web Messenger
  25. 25. Technology Challenges Log Collection, Correlation & Incident Management
  26. 26. The Enterprise Today
      • Mountains of data, many stakeholders
      • How to collect & protect all the data necessary to build a platform for compliance and security operations
      • How to analyze and manage all the data to transform the information into actionable knowledge and intelligence
      • Router logs, IDS/IDP logs, VPN logs, Firewall logs, Switch logs, Windows logs, Client & file server logs, Wireless access logs, Windows domain logins, Oracle Financial Logs, SAN File Access Logs, VLAN Access & Control logs, DHCP logs, Linux, Unix, Windows OS logs, Mainframe logs, Database Logs, Web server activity logs, Content management logs, Web cache & proxy logs, VA Scan logs
      • Configuration Control, Lockdown enforcement, Access Control Enforcement, Privileged User Management, Malicious Code Detection, Spyware detection, Real-Time Monitoring, Troubleshooting, Unauthorized Service Detection, IP Leakage, False Positive Reduction, User Monitoring, SLA Monitoring
  27. 27. Solution: RSA enVision
      • An Information Management Platform … For Compliance & Security Operations
      • Compliance Operations, Security Operations: Access Control, Configuration Control, Malicious Software, Policy Enforcements, User Monitoring & Management, Environmental & Transmission Security, Access Control Enforcement, SLA Compliance Monitoring, False Positive Reduction, Real-time Monitoring, Unauthorized Network Service Detection, More…
      • All the Data, Log Management:
          • Any enterprise IP device – Universal Device Support (UDS)
          • No filtering, normalizing, or data reduction
          • Security events & operational information
          • No agents required
      • Server Engineering, Business Ops., Compliance Audit, Application & Database, Network Ops., Risk Mgmt., Security Ops., Desktop Ops.
      • Report, Alert/Correlation, Incident Mgmt., Log Mgmt., Asset Ident., Forensics, Baseline
  28. 28. RSA enVision: A Platform for Security Operations
      • Legend: Most critical, Highly desired, Desired
      • Columns: Security Objective, Security Environment, Product Capabilities
      • Product Capabilities: Log Management, Asset Identification, Baseline, Report & Audit, Alert / Correlate, Forensic Analysis, Incident Management
      • Security Objectives:
          • SLA Compliance Monitoring: Proof of delivery; Monitor against baselines
          • Unauthorized Network Service Detection: Shutdown rogue services; Intellectual property leakage
          • Watchlist Enforcement: External threat exposure; Internal investigations
          • Correlated Threat Detection: Watch remote network areas; Consolidate distributed IDS alerts
          • False Positive Reduction: Confirm IDS alerts; Enable critical alert escalation
          • Real-time Monitoring: Troubleshoot network & security events; “What is happening?”
          • Access Control Enforcement: Privileged user monitoring; Corporate policy conformance
      • Security Environments: Internal Systems & Applications, eCommerce Operations, Perimeter Network Operations
  29. 29. Advantages with RSA enVision
      • RSA enVision is capable of providing monitoring features like:
          • Failed authentication activities at server, networking and security device level.
          • Configuration changes in devices like firewalls, Windows account creation/deletion, etc.
          • System failures.
          • Top machines generating virus traffic.
          • Users utilizing maximum network bandwidth.
          • Unauthorized access of systems by partners for outsourced work.
          • Monitoring as specified in compliance standards like ISO 27002, SOX, etc.
          • Changes to, or attempts to access, home-grown/custom applications.
          • Forensics of old events.
          • Trace of user activity.
          • Network traffic patterns.
  30. 30. RSA enVision: Transformation of Data into Actionable Intelligence
      • Over 800 reports for regulatory compliance & security operations
      • Dashboards
  31. 31. Technology Challenges System Management
      • Inventory
      • Patch Management
      • Software Deployment
      • Configuration Management
  32. 32. IT Challenges
      • IT Organizations face a challenging economic and technical environment.
      • The need to contain costs is an absolute necessity. Today, doing more with less has become a necessity.
      • Yet the demand for continuous systems availability and reliability continues to increase exponentially.
      • The reality continues to be limited IT Staff / limited IT Budget
          • Gartner Group estimates that 78% of IT budgets are spent on maintaining existing systems
              • Availability
              • Security
              • Performance
              • Problem and Change Management
      • The above environment can make the secure configuration management of the IT Infrastructure complex and time consuming without the right tools for the job.
  33. 33. System Management Challenges
      • Count of Systems in use
      • Application deployed in the network
      • Operating System deployed & its count
      • System misuse by end user
      • Hardware inventory
      • System Vulnerabilities
  34. 34. Next Generation Configuration Management
      • Software Management: Streamlines software deployment, configuration, and remediation tasks
      • Patch Management: Eliminates software vulnerabilities to secure networked computers
      • Asset Management: View and manage the software and hardware assets
      • Policy Management: Monitor and enforce security policies automatically
      Dynamic Configuration Management
  35. 35. New Boundary Technologies CONFIDENTIAL INFORMATION
      • New Boundary Prism Suite: Gives administrators control through real-time, intelligent insight into the state of networked systems so they can create and enforce standard desktop configurations for their organization.
      • A Real Benefit for an organization
  36. 36. Our Services
      • Security Resident Engineer
      • Solution Implementation & Support
      • Network Security Trainings
      • Security Implementation
      • Information Assurance Services (Vulnerability Assessment, Penetration Testing, ISO/IEC 27001 Implementation)
  37. 37. Question & Answer