ePolicy Orchestrator 4.0 with Security Risk
Management


Mohamed A. Shishtawy


© 2007 McAfee, Inc.
Security Risk Management with
ePolicy Orchestrator
Module Topics


   • Security Risk Management with ePO
           – SRM Model
           – Centralized Security Management
           – Components & Architecture




  Security Risk Management with ePolicy Orchestrator   Module 1 - 3   © 2009 McAfee, Inc. All rights reserved.
Security Risk Management


   • Identify & group assets
            – Machine import
            – Machine discovery
            – Rogue detection
   • Determine risk
            – Infection reporting
            – Measure vulnerability
            – Notification
   • Protect and block
            – Configuration
            – Enforcement
            – Maintenance
   • Measure compliance
            – Coverage reporting
            – Compliance reporting
            – System compliance
            – McAfee NAC




Protecting The Enterprise


   • The Challenge
            –    Identify & group assets
            –    Determine risk
            –    Protect and block threats
            –    Measure compliance




Identify & Group Assets


   •   Import known machines from a browse list
   •   Synchronize with Active Directory
   •   Detect Rogue Systems
   •   Group machines according to management needs
   •   Assign policies on a generic or granular level




Determine Risk


   • Monitor threat events and propagation
   • Determine infection and outbreak source
   • Provide Automatic Responses to rule infringement




Protect And Block Threats


   •   Ensure correct configuration
   •   Enforce security policy
   •   Maintain and update protection
   •   Respond to rule intrusion




Measure Compliance


  •   Report on coverage and protection levels
  •   Determine compliance to anti-virus policy
  •   Determine compliance to system policy
  •   Roll-up reporting across multiple ePO servers




Centralized System Security Management


   [Diagram: centralized management topology]

   • Components shown
            – ePolicy Orchestrator Server and Master Repository
            – McAfee Download Site
            – Database Server
            – Remote Agent Handler
            – Secure Bi-directional Channel
            – Update Repository
            – Rogue System Detection Sensor
            – Web-based Consoles
            – Managed Systems with McAfee Agents
   • Traffic labels
            – Product Updates
            – DAT File Updates
            – Policy Updates
            – Threat Events
   • Callouts
            – Automatic Responses to Threats
            – Manage only one policy framework
            – Consolidate monitoring and reporting
            – Automatic Responses / Threat Notification
            – Scalability & Bandwidth savings
            – Easily discover non-compliant systems


Feature Management


  • ePolicy Orchestrator manages products through:

           – Product deployment


           – Configuration management


           – Update and task configuration


           – Coverage reporting


           – Threat Event reporting




Architecture And Communication


   [Diagram: ePO Server components and communication ports]

   • Components shown
            – McAfee Agent Framework Service
            – Agent Handler (APACHE Service, Event Parser Service)
            – Master Repository
            – DAL
            – ePO Server
            – Application Server (TOMCAT)
            – Database
            – Console UI
            – Network
            – Rogue Sensor
            – Rogue Sensor System
            – Notification System
   • Port labels shown
            – HTTP 80
            – UDP 8081
            – UDP 8082
            – TCP 8081
            – HTTP 8080
            – HTTPS 8443
            – HTTPS 8444

Check Your Understanding

  Choose the correct answer(s):

  What are the four primary stages of the Security Risk
   Management model?

          • Discover, Determine, Defend, Detect

          • Find & Manage, Evaluate, Enforce & Protect, Fix &
            Comply

          • Assess, Remediate, Measure, Prioritize




Check Your Understanding

  Choose the correct answer(s):

  What are the four primary stages of the Security Risk
   Management model?

          • Discover, Determine, Defend, Detect

           Find & Manage, Evaluate, Enforce & Protect, Fix &
            Comply

          • Assess, Remediate, Measure, Prioritize



