This document summarizes eWON's defense-in-depth security approach for remote access. It discusses six layers of security: 1) the eWON device, 2) application filtering with Talk2M, 3) encryption, 4) user management and accountability, 5) the Talk2M network infrastructure, and 6) security policies and procedures. For each layer, it provides details on the specific security controls and countermeasures used, such as network segregation, user authentication, encryption standards, infrastructure monitoring, and compatibility with customer networks and policies. The goal is to protect data integrity, availability, and confidentiality using multiple overlapping security layers based on industry standards and best practices.
2. • Ensuring secure and reliable remote access to your assets is vital for eWON business continuity
• Security VS Usability
• Needs of PLC technician & automation engineer
• Mandate of IT department
• Secure « by design », based on standards VS secure « by obscurity » …
Security
#1 PRIORITY @ eWON
3. • Mission of our Security Manager:
• Internal company security
• Services & products security
• Our duty is also to communicate and advise:
• https://ewon.biz/security
• https://ewon.biz/support/news/support
• Newsletters, white papers, …
• Assessment(s) by independent specialists
• Cyber security experts in Industry
Security
Our daily duty and commitment
4. What exactly do we secure for you?
Quick overview of eWON remote access concept
5. Defense-in-depth approach
Layered security model
• Purpose is to protect integrity, availability & confidentiality of data and information systems
• Coordinated use of multiple security countermeasures, with several layers of security controls
• Based on guidelines set forth by leading security standards (ISO 27002, IEC 62443-2-4, NIST Cybersecurity Framework 1.0) in addition to other publications, guidelines and industry best practices
7. • Different credential with Talk2M account login
• Different levels of users
• Several levels of access & security
• R&W, services, etc …
1st layer: eWON device
eWON authentication
8. • Network segregation between the WAN factory network and the LAN machine network
• Users can only access authorized devices on LAN
• Security settings enable restriction of traffic between WAN & LAN
1st layer: eWON device
Network segregation
9. • Using eWON DI:
• Enabling/disabling the eWON access to Internet
• VPN access can be controlled with an external key switch
• Increases customer acceptance of the whole RA solution
1st layer: eWON device
Physical switch
11. • 2 filtering levels
• No filtering in level “Standard”:
• All users access all devices on eWON LAN
• Filtering level “High”:
• Access to restricted list of Ethernet devices connected on eWON LAN
2nd layer: Application
Filtering with Talk2M Free+
12. 2nd layer: Application
Filtering with Talk2M Pro (1)
• 4 Filtering levels
• User management
• Filtering level “Enforced” :
• Filter on gateways
• Access to restricted list of serial and USB devices
13. 2nd layer: Application
Filtering with Talk2M Pro (2)
• Filtering level “Ultra”:
• Filter on services
• Access to restricted services (ftp, http, …) for a list of devices
15. • Used during authentication and on data for secure tunnel transport
• Both are SSL/TLS based:
• The X509 PKI (public key infrastructure) for session authentication
• TLS protocol for key exchange
• Cipher-independent EVP (DES, 3DES, AES, BF) interface for encrypting tunnel data
• The HMAC-SHA1 algorithm for authenticating tunnel data
3rd layer: Encryption
17. • Password reinforcement policies:
• Minimum length, requiring letter, digit and special char.
• Expiration period
• Old password list
• Double factor authentication:
• Set up by the Talk2M administrator
• After regular login/password, a second window pops up, requiring SMS key
4th layer: User Management & Accountability
User logging in Talk2M
18. • Only for Talk2M Pro account:
• Group of users
• Pool of routers ( = devices)
• Assigning different rights to users to allow the access to specific routers
4th layer: User Management & Accountability
Device and user Management
19. • For the Administrator of a Talk2M account
• Details which user connects to which router, how long and when
4th layer: User Management & Accountability
Monthly connection report
20. • For each eWON unit of a Talk2M account
• Provides more details about eWON registration, connection, disconnection, SMS sent, user messages, etc.
4th layer: User Management & Accountability
eWON logs
22. • Total devices ever connected: 100 000+
• 28 000+ routers simultaneously connected
• From 150+ countries
• 5 million eCatcher VPN connections
• 10+ million emails
• 55 TB of user traffic
• 25 physical dedicated servers in 11 datacenters across 5 continents
• Dedicated servers in the 4 largest hosting providers worldwide
• Rackspace, OVH, IBM SoftLayer, Amazon
• But also with local players in remote regions
5th layer: Talk2M Network Infrastructure
Talk2M: facts & figures (1)
23. • All our hosting providers are Tier 1 and compliant with:
• ISO 27001
• SSAE 16/ISAE 3402 (formerly SAS 70)
• Servers are globally redundant:
• On-site load balancing
• Across several providers
• And geographical spread (USA, UK, FR, JP, AUS, CN, ZA, …)
• Service Level Agreement provided to Talk2MPro customers with:
• 99,6 % availability services on 365 days
• 4 hours max. breakdown
• No congestion on servers with reserved bandwidth
5th layer: Talk2M Network Infrastructure
Talk2M: facts & figures (2)
27. 5th layer: Talk2M Network Infrastructure
Talk2M: infrastructure monitoring (2)
• Continuous automated health checks
• Server connectivity (ping & TCP tests)
• Processes, heartbeats
• Disk space
• Possible signs of abnormal activity, cyber attacks
• Amount of connected eWONs
• Status & health of each VPN connection
• Consistency of DB
• …
28. 5th layer: Talk2M Network Infrastructure
Talk2M: infrastructure monitoring (3)
• Alerts: SMS texts to 5 persons
• 1 dev engineer on duty 24/7/365
• Incident reporting:
• Each incident is reported into our tracking system
• Support, Sales, Marketing & Mgt are automatically notified
• Public notification: http://www.talk2m.com/status
30. • Enhanced compatibility with:
• Customer network due to our « Firewall friendly » approach
• Only “outbound” connections
• Use standard ports: 80 (Web access), 1194 (UDP), 443 (HTTPS)
• Compatible with most proxy servers
• Corporate security policies at customer’s
• No intrusive traffic
• Outgoing traffic can be « whitelisted » towards Talk2M servers IP only
• Talk2M administrator can:
• customize and reinforce the password policy to match corporate compliance
• restrict which user can access which device and service remotely
• monitor accurately all possible usage with monthly connection reports and logs
6th layer: Policies & Procedures
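
The egress rules on this slide (outbound-only connections, ports 80, 1194/UDP and 443, destinations limited to Talk2M server IPs) can be audited against firewall flow logs. The following is an added example, not eWON or Talk2M code; the log format, site subnet and server addresses (RFC 5737 documentation ranges) are assumptions constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

# Assumption: placeholder server ranges; replace with the Talk2M server IPs
# obtained from the vendor. These are RFC 5737 documentation addresses.
TALK2M_SERVERS = [ipaddress.ip_network("203.0.113.0/28"),
                  ipaddress.ip_network("198.51.100.17/32")]
# Ports named on the slide: 80 (Web access), 1194 (UDP), 443 (HTTPS).
ALLOWED_SERVICES = {("tcp", 80), ("tcp", 443), ("udp", 1194)}
# Assumption: the factory network the eWON WAN port is attached to.
SITE_NET = ipaddress.ip_network("10.20.0.0/24")


class Flow(NamedTuple):
    ts: str
    src: object   # ipaddress address of the connection initiator
    dst: object   # ipaddress address of the connection target
    proto: str
    dport: int


def parse_flow(line):
    """Parse 'timestamp src dst proto dport'; raises ValueError if malformed."""
    ts, src, dst, proto, dport = line.split()
    port = int(dport)
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return Flow(ts, ipaddress.ip_address(src), ipaddress.ip_address(dst),
                proto.lower(), port)


def classify(flow):
    """Return the policy verdict for one new-connection record."""
    if flow.src not in SITE_NET:
        return "inbound"            # policy allows outbound connections only
    if flow.dst in SITE_NET:
        return "internal"           # never crosses the site firewall
    if (flow.proto, flow.dport) not in ALLOWED_SERVICES:
        return "bad-port"
    if not any(flow.dst in net for net in TALK2M_SERVERS):
        return "bad-destination"    # allowed port, but not an allowlisted server
    return "allow"


def audit(lines):
    """Return (line_number, verdict) for every record that violates policy."""
    findings = []
    for n, line in enumerate(lines, start=1):
        try:
            verdict = classify(parse_flow(line))
        except ValueError:
            verdict = "malformed"   # surface unparsable records, do not skip them
        if verdict not in ("allow", "internal"):
            findings.append((n, verdict))
    return findings


# Constructed sample records (not real traffic).
SAMPLE = [
    "2024-05-01T08:00:01Z 10.20.0.5 203.0.113.4 udp 1194",
    "2024-05-01T08:00:02Z 10.20.0.5 203.0.113.4 tcp 443",
    "2024-05-01T08:03:10Z 10.20.0.5 192.0.2.80 tcp 443",
    "2024-05-01T08:04:44Z 10.20.0.5 203.0.113.4 tcp 22",
    "2024-05-01T08:05:00Z 192.0.2.9 10.20.0.5 tcp 80",
    "2024-05-01T08:06:00Z 10.20.0.5 198.51.100.17 tcp 80",
    "2024-05-01T08:07:00Z 10.20.0.5 203.0.113.4 tcp 1194",
    "2024-05-01T08:08:00Z 10.20.0.5 not-an-ip tcp 443",
]

if __name__ == "__main__":
    for line_no, verdict in audit(SAMPLE):
        print(line_no, verdict, SAMPLE[line_no - 1])
```

Port 1194 is accepted only over UDP here because that is how the slide lists it; adjust `ALLOWED_SERVICES` if the deployment is configured differently.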