Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organization

Jared Bird's presentation on providing value with Nagios.
The presentation was given during the Nagios World Conference North America held Sept 25-28th, 2012 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna

  • Nagios: Providing Value Throughout The Organization. This talk will discuss how Nagios can be used to provide value to several areas of an organization: security, audit and compliance, in addition to the traditional infrastructure teams. It will also discuss ways that Nagios can assist in achieving compliance with several standards/regulations such as PCI, SOX, HIPAA, etc.
  • Married; 1yr old & 3yr old; 10+ years' experience; works as a Security Engineer for a large healthcare provider. Jared Bird currently works during the day maintaining a respectable level of security at a large local healthcare organization in the Minneapolis/St Paul area. He has a passion for everything security related and in his spare time he enjoys breaking things, bending the rules, and developing a plot for world domination.
  • Flexibility allows endless possibilities. Use these capabilities to provide value to other areas of the organization.
  • Quote from FBI Director Robert Mueller's 2012 RSA Keynote
  • Infrastructure == vmserver
  • The PCI Data Security Standard represents a common set of industry tools and measurements to help ensure the safe handling of sensitive information.
  • Autodiscovery: find insecure services
  • SOX was enacted to ensure that financial reports were accurate. All annual financial reports must include an Internal Control Report stating that management is responsible for an "adequate" internal control structure, and an assessment by management of the effectiveness of the control structure.  - sarbanes-oxley-101.com
  • Access control: only allow authorized persons to access ePHI. Audit control: record and examine access to systems containing ePHI. Integrity controls: ePHI is not improperly altered or destroyed. Transmission security: guard against unauthorized access to ePHI.

    1. Nagios: Providing Value Throughout the Organization. Jared Bird, jaredbird@gmail.com, Twitter: @jaredbird
    2. Introduction: Who is Jared Bird?
    3. Nagios
    4. Providing Value: Provide knowledge; Assist other departments; Strengthen inter-department relationships; Achieve company-wide goals; Reduce costs
    5. Understanding: What are the goals of the other departments?
    6. Infrastructure: Network, Server, and Desktop Teams. Concerns include: Availability; Capacity; Utilization; Functioning Properly
    7. Security: Prevent data theft; Deter identity theft; Avoid legal issues; Protect brand; "CIA Triad" (Confidentiality, Integrity, Availability)
    8. Threats: Default configurations; Website defacement; Missing patches; DNS redirection; Unauthorized use; Many, many more
    9. Default Configurations: Default passwords; blank sa account (once password is set, monitor with new credentials); XI Auto-discovery check for insecure protocols; Scheduled scans and output to Nagios
    10. Website: Monitor for defacement: check_http -H www.yoursite.com -s "sekret" (checks for the "sekret" string). Check certificate: check_http -H www.mysite.com -C 21 (checks the certificate for 21 days of validity)
    11. Software Installed: Check URL for content (version). Ex: http://www.adobe.com/software/flash/about/ (check for string "11.4.102.265")
    12. DNS: Have DNS entries changed? DNS hijacked; High Impact
    13. Unauthorized Use: LDAP check for account creation; Syslog output from infrastructure; SNMP Alerts
    14. Audit & Compliance: PCI; SOX; HIPAA; Almost every regulation*. * Note: Speaker will not be held responsible if Nagios does not help achieve compliance with a specific regulation
    15. PCI: PCI DSS; Any organization that processes, stores, or transmits credit card data. Requirements: 12 overall requirements; 287 individual requirements
    16. PCI. Reqs 1 & 2, Build and Maintain a Secure Network: Auto-discovery to look for services; Checks to verify that vendor defaults have been changed. Reqs 3 & 4, Protect Cardholder Data: Scan for insecure protocols; Check for expiration of SSL certificates. Reqs 5 & 6, Maintain a Vulnerability Management Program: Check the anti-virus process to ensure it is running
    17. PCI. Reqs 7, 8, & 9, Implement Strong Access Control Measures: LDAP checks to ensure LDAP server is functioning; Web Transaction Monitoring can be used to check two factor. Reqs 10 & 11, Regularly Monitor and Test Networks: Check NTP; Event logs from servers. Req 12, Maintain an Information Security Program: Use device listings as well as contact info (incident response plan)
    18. SOX: Sarbanes-Oxley, or Public Company Accounting Reform and Investors Protection Act. Section 404: Assessment of internal control. Nagios can help management show that controls for assuring the integrity of the financial reports are effective.
    19. HIPAA Headlines
    20. HIPAA Technical Safeguards: Access Control; Audit Control; Integrity Controls; Transmission Security
    21. Questions? Jared Bird, jaredbird@gmail.com, Twitter: @jaredbird. Thank You
