The document discusses network security and intrusion prevention. It provides information on proxy firewalls, which act as intermediaries between internal clients and external servers and can examine entire network packets. Firewalls and proxy servers are both described as ways to manage network security, with firewalls controlling direct connections and proxy servers routing connections. The document also mentions network intrusion detection systems (NIDS) that monitor traffic for signs of attacks, and network intrusion prevention systems (NIPS) that can actively block intrusions.
Coming to this issue we have Network Security in Tool Gyan which will put light on how to set up a secured network, Who wants to be a Millionaire in Tool Gyan, check out yourself of what exactly it's all about ;) TOR in Mom's guide for all those who thought 'It sounds very complicated to use, I’m not a hacker! I can’t use it!' by our Author- Federico from Italy.
Nagios Conference 2014 - Sean Falzon - Nagios as a PC Health Monitor - Nagios
Sean Falzon's presentation on Nagios as a PC Health Monitor.
The presentation was given during the Nagios World Conference North America held Oct 13th - Oct 16th, 2014 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/conference
Shariyaz abdeen data leakage prevention presentation - Shariyaz Abdeen
Data leakage prevention is one of the key topics which we have been talking about at present. Due to organizations moving towards big data and financial systems which reside in cyberspace, there is an increasing number of frauds associated with the technology revolution in cyberspace. This post highlights the threats and the countermeasures, so we can protect the sensitive personal data. I prefer the approach of the “Trust but verify” model.
Overview of Data Loss Prevention (DLP) Technology - Liwei Ren任力偉
DLP is a technology that detects potential data breach incidents in timely manner and prevents them by monitoring data in-use (endpoints), in-motion (network traffic), and at-rest (data storage). It has been driven by regulatory compliances and intellectual property protection. This talk will introduce DLP models that describe the capabilities and scope that a DLP system should cover. A few system categories will be discussed accordingly with high-level system architecture. DLP is an interesting technology in that it provides advanced content inspection techniques. As such, a few content inspection techniques will be proposed and investigated in rigorous terms.
Symantec announced it is planning to offer Symantec Data Loss Prevention for Tablet, the first comprehensive data loss prevention (DLP) solution for the monitoring and protection of sensitive information on tablet computers. Available first for the Apple iPad, Symantec Data Loss Prevention for Tablet will help solve one of the most urgent problems facing security organizations today by providing content-aware protection for this remarkably popular new corporate endpoint. The solution is designed to maintain user productivity and protect an organization’s confidential data at the same time.
This presentation from the 2014 IPMA conference is intended to provide a framework for a print center manager to use when adding, upgrading or replacing software for the in-plant print center. Learn the questions to ask yourself, your IT department and your vendors, and ensure smooth implementations by choosing the best solution with minimal risk for your organization. Engage IT early for the best results.
Getting Better Security from Cloud Based Solutions
This white paper provides simple steps to securely leverage the cloud with examples of security services offered by SoftLayer, an IBM Company
Download the white paper and learn more about:
- Data privacy and protection in the cloud
- Five easy-to-implement practices for securely leveraging the cloud
- SoftLayer security services that strengthen your cloud security strategy
This project was a culmination of two years of study at ITT-Technical Institute's Bessemer, AL campus for an Associates degree in ITCNS (Information Technology Computer Network Systems). It was a team project of 7 members with the goal of designing a network solution for a fictional medical practice consolidation of 5 doctors in a company named Radiant Medical Services.
Technology Overview - Symantec Data Loss Prevention (DLP) - Iftikhar Ali Iqbal
The presentation provides the following:
- Symantec Corporate Overview
- Solution Portfolio of Symantec
- Symantec Data Loss Prevention - Introduction
- Symantec Data Loss Prevention - Components
- Symantec Data Loss Prevention - Features & Use Cases
- Symantec Data Loss Prevention - System Requirements
- Symantec Data Loss Prevention - Appendix (extra information)
This provides a brief overview of Symantec Data Loss Prevention (DLP). Please note all the information is based prior to May 2016 and the full integration of Blue Coat Systems's set of solutions.
Capstone Presentation For Five Rivers Medical Centers - djackson134
This here is the final presentation of our Capstone project that team members Cheyenna Carson, Susan Worcester, and myself Dawonne D. Jackson completed to acquire our Associate Degree of Applied Science in Computer Networking Systems.
Network security architecture is the planning and design of the camp.pdf - aquazac
Network security architecture is the planning and design of the campus network to reduce security risks in accordance with the institution’s risk analysis and security policies. It focuses on reducing security risks and enforcing policy through the design and configuration of firewalls, routers, and other network equipment.
Network security is important because it is one of the means to enforce the policies and procedures developed by the institution to protect information. It is often referred to as the “front door” in broader discussions of IT security. To the extent that you can block network access to a computer, you “lock” the door and provide better protection for that computer and its contents.
Traditional network design has focused on creating a secure network perimeter around the organization and strategically placing a firewall at the point where the network is connected to the Internet. For higher education, this traditional design is problematic; our constituents need access from off campus to a large number of machines and services on campus. In addition, because we have many computers on our campus that we cannot implicitly trust, we also must be concerned about security threats from inside the perimeter protected by a traditional firewall.
These design issues require a different approach to network security. Although it is impossible to do justice to the topic of network design in a few pages, there are some best practices that I feel universities should focus on in terms of network design.
Step 1: Eliminate Network Components That Still Use Shared Ethernet
Shared Ethernet switches (or hubs) were developed more than a decade ago to interconnect multiple computers and networks. These hubs retransmit all network traffic to all computers connected to that hub. The security implication is that if one computer has its security compromised it can be used to monitor network traffic coming from any other computer that shares the same hub. This could expose passwords and other sensitive information. Today, switched Ethernet, which isolates traffic intended for one computer from the view of others on the same switch, is very inexpensive and, hence, it is worth the cost of replacing older hubs.
Step 2: Embrace and Implement the Concept of Defense and Use Multiple Firewalls Within Your Network
Commercial and Linux-based firewalls are inexpensive enough that you can deploy these in multiple locations as needed. It is still beneficial to have a firewall separating your institutional network from the connection to the Internet. This firewall, called a border firewall, will provide a minimal level of protection for all computers on your network. The major benefit of this firewall is that it allows your network and security staff to quickly block external access should a threat arise, such as when the “SQL worm” was launched in January 2003. In addition to the border firewall, consider adding internal firewalls to protect areas that requi.
How Converged Access and Application Intelligence Let You Handle Complex Network Needs for Visibility, Protection and Productivity. Customers around the world frequently describe to me their visions of the arriving IT environment—an ecosystem that’s open, flexible, scalable and robust; that lets companies enhance their application intelligence, fortify security, and seize fast-arising business opportunities.
Cyberoam network security appliances offer next generation security features and deliver future-ready security to highly complex enterprise networks. The unique Layer 8 identity-based security gives enterprises complete visibility and control over user activity.
Cloud Security is critical to Data Security and Application Resilience against CyberAttacks. This talk looks at Security Best Practices that need to be practised.
This talk was presented at AWS Community Day Bengaluru 2019 by Amar Prusty, Cloud-Data Center Consultant Architect, DXC Technology
Make presence in a building or area a policy in accessing network resources by integrating physical and network access through the Trusted Computing Group's IF-MAP communications standard.
Book Formatting: Quality Control Checks for Designers - Confidence Ago
This presentation was made to help designers who work in publishing houses or format books for printing ensure quality.
Quality control is vital to every industry. This is why every department in a company needs to create a method they use in ensuring quality. This, perhaps, will not only improve the quality of products and bring errors to the barest minimum, but take it to a near perfect finish.
It is beyond a moot point that a good book will somewhat be judged by its cover, but the content of the book remains king. No matter how beautiful the cover, if the quality of writing or presentation is off, that will be a reason for readers not to come back to the book or recommend it.
So, this presentation points designers to some important things that may be missed by an editor that they could eventually discover and call the attention of the editor.
Dive into the innovative world of smart garages with our insightful presentation, "Exploring the Future of Smart Garages." This comprehensive guide covers the latest advancements in garage technology, including automated systems, smart security features, energy efficiency solutions, and seamless integration with smart home ecosystems. Learn how these technologies are transforming traditional garages into high-tech, efficient spaces that enhance convenience, safety, and sustainability.
Ideal for homeowners, tech enthusiasts, and industry professionals, this presentation provides valuable insights into the trends, benefits, and future developments in smart garage technology. Stay ahead of the curve with our expert analysis and practical tips on implementing smart garage solutions.
Transforming Brand Perception and Boosting Profitability - aaryangarg12
In today's digital era, the dynamics of brand perception, consumer behavior, and profitability have been profoundly reshaped by the synergy of branding, social media, and website design. This research paper investigates the transformative power of these elements in influencing how individuals perceive brands and products and how this transformation can be harnessed to drive sales and profitability for businesses.
Through an exploration of brand psychology and consumer behavior, this study sheds light on the intricate ways in which effective branding strategies, strategic social media engagement, and user-centric website design contribute to altering consumers' perceptions. We delve into the principles that underlie successful brand transformations, examining how visual identity, messaging, and storytelling can captivate and resonate with target audiences.
Methodologically, this research employs a comprehensive approach, combining qualitative and quantitative analyses. Real-world case studies illustrate the impact of branding, social media campaigns, and website redesigns on consumer perception, sales figures, and profitability. We assess the various metrics, including brand awareness, customer engagement, conversion rates, and revenue growth, to measure the effectiveness of these strategies.
The results underscore the pivotal role of cohesive branding, social media influence, and website usability in shaping positive brand perceptions, influencing consumer decisions, and ultimately bolstering sales and profitability. This paper provides actionable insights and strategic recommendations for businesses seeking to leverage branding, social media, and website design as potent tools to enhance their market position and financial success.
1. Dell - Internal Use - Confidential
Network Security Consultant – Critical Incident Team
India
NTT DATA plans to acquire Dell Services as announced on 28th March 2016.
If you are selected for a Dell Services position and the transaction closes, your future employment will
be with NTT DATA. Dell recruiters can provide you with additional information about any applicable
changes upon request.
People make Dell – so wherever in the world they work, everyone is rewarded for their contribution.
Ready to develop your career in a truly global company? Within the Services at Dell, we are looking
for a Network Security Consultant – Critical Incident Team to join our team in India.
Dell provides end-to-end solutions that enable more affordable and accessible technology around the
world, empowering people everywhere to do more. You will be part of a collaborative team that
believes in honest communication, shares creativity and welcomes different perspectives. There is a
winning culture built on a platform of integrity and a spirit of innovation. We will also provide the
mentoring, training and opportunities for you to fulfil your ambitions and potential.
Key Responsibilities
The Critical Incident Consultant will be a member of a small elite team of highly trained and
experienced technical leaders who will form a SWAT team, consisting of senior engineers and critical
incident managers in the resolution of our most critical incidents across our portfolio of Dell Services
infrastructure customers. This is a 24x7 eyes-on-glass operation, ready to receive escalations and
quickly ramp up a team of experts at a moment’s notice, as well as escalate and communicate issues
to customer and Dell executives, as well as account and tower leaders. This is a new strategic
initiative with high visibility and executive expectations.
Support complex Network Security system configurations and standards for Network Security
platforms
Support complex business requirements to progressive design solutions; oversee the transition to
production
Present network related solutions to the client audience, develop detailed documentation
Perform service delivery skills in support of large scale Network Security projects
Respond to emergency calls when there are large Enterprise level issues
Essential Requirements
Higher education required, technical degree is an advantage
10+ years Network Security design, integration and operation experience
Experience in security auditing and compliance assurance
Knowledge of data networking protocols, Active Directory and experience with Identity
management tools and processes
High level knowledge of computer forensics tools, Firewalls and Proxies, SSH v2, IDS/IPS,
NIDS/NIPS, A/V, NAC and PNAC, PCI, SOX, HIPAA regulations and compliance
Ability to analyze, design and collaborate multiple layer protection architectures and to research,
recommend, and oversee implementation of new network security technology products
Excellent customer service skills, exceptional written and verbal skills including presentation skills
Desirable Requirements
Knowledge and experience with remediation and vulnerability management
Multi-vendor security product knowledge
CISSP and/or other industry recognized certifications
Network/Availability Management Systems knowledge
Experience with handling cyber attacks
Benefits
Our people are the most critical component of our long-term success and their health and wellbeing
are our priority. You will enjoy a comprehensive, locally competitive benefits package.
Dell is committed to the principle of equal employment opportunity for all employees and to providing
employees with a work environment free of discrimination and harassment. All employment decisions
at Dell are based on business needs, job requirements and individual qualifications, without regard to
race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age,
physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or
expression, marital, civil union or domestic partnership status, past or present military service, family
medical history or genetic information, family or parental status, or any other status protected by the
laws or regulations in the locations where we operate. Dell will not tolerate discrimination or
harassment based on any of these characteristics.
Just like a proxy server or cache server, a proxy firewall acts as an
intermediary between in-house clients and servers on the Internet. The
difference is that in addition to intercepting Internet requests and
responses, a proxy firewall also monitors incoming traffic for layer
7 protocols, such as HTTP and FTP. In addition to determining which traffic
is allowed and which is denied, a proxy firewall uses stateful
inspection technology and deep packet inspection to analyze incoming
traffic for signs of attack.
Proxy firewalls are considered to be the most secure type of firewall
because they prevent direct network contact with other systems. (Because
a proxy firewall has its own IP address, an outside network connection will
never receive packets from the sending network directly.) Having the ability
to examine the entire network packet, rather than just the network address
and port number, also means that a proxy firewall will have extensive
logging capabilities -- a valuable resource for security administrators who
are dealing with security incidents. According to Marcus Ranum, who is
credited with conceiving the idea of a proxy firewall, the goal of the proxy
approach is to create a single point that allows a security-conscious
programmer to assess threat levels represented by
application protocols and put error detection, attack detection and validity
checking in place.
The added security offered by a proxy firewall has its drawbacks, however.
Because a proxy firewall establishes an additional connection for each
outgoing and incoming packet, the firewall can become a bottleneck,
causing a degradation of performance or becoming a single point of failure.
Additionally, proxy firewalls may only support certain popular network
protocols, thereby limiting which applications the network can support.
Network intrusion can occur in a number of ways, and there are consequently a number of ways to
handle it. Firewalls are a typical security measure, good for on-point security on a computer-by-computer
basis. However, proxy servers can help manage networks on an entire network scale. Firewalls reflect a
direct management of connections, while proxy servers reflect a control and routing of connections. And
while both function in different ways, both can function separately or together as network security
solutions.
Handling Traffic
When working with a home or business network that handles personal data, a primary concern is
security, and this means controlling the flow of incoming and outgoing Web traffic. One way to maintain
network security is to block traffic coming from or going to specific Internet Protocol (IP) addresses on the
Web. Another way is to set up a computer, or proxy, to intercept and handle particular types of
communications based on the protocol they're using, such as HTTP for Web pages and File Transfer
Protocol (FTP).
Proxy Servers
A proxy server is a computer situated at the access point between a local network and the Internet, or
between two different parts of a network. This means that traffic entering and leaving the network must go
through the proxy server. Furthermore, the proxy server might handle traffic using only certain
communication protocols, such as Web traffic (HTTP) or direct FTP. Home wired or wireless routers often
act, or can act, like primitive proxy servers.
Firewalls
A firewall enables you or the security administrator to set up rules that allow or disallow traffic from
specific communication protocols or even specific Web addresses. Furthermore, a firewall can block
certain ports, or points of connection, so that external computers can't connect to your computer without
your knowing. Firewalls can exist as software packages that run on your computer or as hardware
installations in such devices as network routers. Unlike proxy servers, firewalls are designed more as
traffic controls than guidance.
Advantages and Implementations
Both a proxy server and a firewall can function as part of a network security solution. For a direct
security measure, either on a computer or on a network server, a firewall enables the highest level of
immediate security on the device. Firewalls also often come packaged with major operating systems such
as Mac OS, Linux and Windows. When managing a large network, a proxy server will enhance your
security by disallowing direct connection to the network. Working in tandem, you can secure your network
with a proxy server that controls traffic to computers with firewalls that maintain secure traffic on each
computer.
| SSH protocol, version 2 | SSH protocol, version 1 |
|---|---|
| Separate transport, authentication, and connection protocols | One monolithic protocol |
| Strong cryptographic integrity check | Weak CRC-32 integrity check; admits an insertion attack in conjunction with some bulk ciphers. |
| Supports password changing | N/A |
| Any number of session channels per connection (including none) | Exactly one session channel per connection (requires issuing a remote command even when you don't want one) |
| Full negotiation of modular cryptographic and compression algorithms, including bulk encryption, MAC, and public-key | Negotiates only the bulk cipher; all others are fixed |
| Encryption, MAC, and compression are negotiated separately for each direction, with independent keys | The same algorithms and keys are used in both directions (although RC4 uses separate keys, since the algorithm's design demands that keys not be reused) |
| Extensible algorithm/protocol naming scheme allows local extensions while preserving interoperability | Fixed encoding precludes interoperable additions |
| User authentication methods: publickey (DSA, RSA*, OpenPGP); hostbased; password (Rhosts dropped due to insecurity) | Supports a wider variety: public-key (RSA only); RhostsRSA; password; Rhosts (rsh-style); TIS; Kerberos |
| Use of Diffie-Hellman key agreement removes the need for a server key | Server key used for forward secrecy on the session key |
| Supports public-key certificates | N/A |
| User authentication exchange is more flexible, and allows requiring multiple forms of authentication for access. | Allows for exactly one form of authentication per session. |
| hostbased authentication is in principle independent of client network address, and so can work with proxying, mobile clients, etc. (though this is not currently implemented). | RhostsRSA authentication is effectively tied to the client host address, limiting its usefulness. |
| Periodic replacement of session keys | N/A |
* Not all SSH-2 implementations support RSA yet for user authentication or host keys, since it's a relatively recent addition. The RSA algorithm was originally omitted from the protocol due to its patent status, but that patent has since expired.
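One practical use of the comparison above is finding servers that still offer SSH-1. The following is an added example, not part of the original document: it parses the identification string a server sends when a client connects (format per RFC 4253) and classifies the advertised protocol version. The banners, addresses and function names are constructed for illustration.

```python
import re

# RFC 4253 identification string:
#   "SSH-protoversion-softwareversion SP comments CR LF"
_ID_RE = re.compile(
    r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$"
)
MAX_ID_LEN = 255  # RFC 4253 limit, CR LF included


def parse_ssh_identification(raw: bytes) -> dict:
    """Parse a server banner and classify the protocol version it advertises."""
    # A server may send other text lines first; the identification string
    # is the first line that begins with "SSH-".
    for line in raw.split(b"\n"):
        if line.startswith(b"SSH-"):
            break
    else:
        raise ValueError("no SSH identification string found")
    if len(line) + 1 > MAX_ID_LEN:  # +1 for the LF removed by split()
        raise ValueError("identification string longer than 255 bytes")
    # Non-ASCII bytes raise UnicodeDecodeError, a subclass of ValueError.
    match = _ID_RE.match(line.rstrip(b"\r").decode("ascii"))
    if match is None:
        raise ValueError("malformed SSH identification string")

    proto = match["proto"]
    if proto == "2.0":
        status = "ssh2-only"
    elif proto == "1.99":
        # RFC 4253 section 5.1: "1.99" means SSH-2 plus compatibility with
        # older clients, so the SSH-1 column of the table still applies.
        status = "ssh1-enabled"
    elif proto.startswith("1."):
        status = "ssh1-only"
    else:
        status = "unknown"
    return {
        "proto": proto,
        "software": match["software"],
        "comments": match["comments"],
        "status": status,
    }


def audit(banners: dict) -> dict:
    """Map each host to a status; anything unparseable is 'not-ssh'."""
    report = {}
    for host, raw in sorted(banners.items()):
        try:
            report[host] = parse_ssh_identification(raw)["status"]
        except ValueError:
            report[host] = "not-ssh"
    return report


def needs_remediation(report: dict) -> list:
    """Hosts that still accept SSH-1 (weak CRC-32 integrity, fixed algorithms)."""
    return [h for h, s in report.items() if s in ("ssh1-enabled", "ssh1-only")]


# Constructed banners, keyed by documentation-range addresses.
SAMPLE_BANNERS = {
    "192.0.2.10": b"SSH-2.0-OpenSSH_9.6\r\n",
    "192.0.2.11": b"SSH-1.99-OpenSSH_3.9p1\r\n",
    "192.0.2.12": b"SSH-1.5-1.2.27\r\n",
    "192.0.2.13": b"Authorized use only\r\nSSH-2.0-ExampleSSHD_1.0 build7\r\n",
    "192.0.2.14": b"HTTP/1.1 400 Bad Request\r\n",
}

if __name__ == "__main__":
    result = audit(SAMPLE_BANNERS)
    for host, status in result.items():
        print(f"{host:12} {status}")
    print("remediate:", needs_remediation(result))
```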
Network intrusion detection systems
Network intrusion detection systems (NIDS) are placed at a strategic point or points within the
network to monitor traffic to and from all devices on the network. It performs an analysis of
passing traffic on the entire subnet, and matches the traffic that is passed on the subnets to the
library of known attacks. Once an attack is identified, or abnormal behavior is sensed, the alert
can be sent to the administrator. An example of an NIDS would be installing it on the subnet
where firewalls are located in order to see if someone is trying to break into the firewall. Ideally
one would scan all inbound and outbound traffic, however doing so might create a bottleneck that
would impair the overall speed of the network. OPNET and NetSim are commonly used tools for
simulating network intrusion detection systems. NID Systems are also capable of comparing
signatures for similar packets to link and drop harmful detected packets which have a signature
matching the records in the NIDS. When we classify the designing of the NIDS according to the
system interactivity property, there are two types: on-line and off-line NIDS. On-line NIDS deals
with the network in real time. It analyses the Ethernet packets and applies some rules, to decide
if it is an attack or not. Off-line NIDS deals with stored data and passes it through some
processes to decide if it is an attack or not.[1]
1. Network-based intrusion prevention system (NIPS): monitors the entire network for
suspicious traffic by analyzing protocol activity.
2. Wireless intrusion prevention systems (WIPS): monitor a wireless network for
suspicious traffic by analyzing wireless networking protocols.
3. Network behavior analysis (NBA): examines network traffic to identify threats that
generate unusual traffic flows, such as distributed denial of service (DDoS) attacks,
certain forms of malware and policy violations.
4. Host-based intrusion prevention system (HIPS): an installed software package which
monitors a single host for suspicious activity by analyzing events occurring within that
host.
NIDS and NIPS (Behavior based, signature based, anomaly based, heuristic)
An intrusion detection system (IDS) is software that runs on a server or network device to
monitor and track network activity. By using an IDS, a network administrator can
configure the system to monitor network activity for suspicious behavior that can indicate
unauthorized access attempts. IDSs can be configured to evaluate system logs, look at
suspicious network activity, and disconnect sessions that appear to violate security
settings.
IDSs can be sold with firewalls. Firewalls by themselves will prevent many common
attacks, but they don't usually have the intelligence or the reporting capabilities to
monitor the entire network. An IDS, in conjunction with a firewall, allows both a reactive
posture with the firewall and a preventive posture with the IDS.
In response to an event, the IDS can react by disabling systems, shutting down ports,
ending sessions, deception (redirect to honeypot), and even potentially shutting down
your network. A network-based IDS that takes active steps to halt or prevent an intrusion
is called a network intrusion prevention system (NIPS). When operating in this mode, they
are considered active systems.
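The following added example (not part of the original document) shows the passive and active modes described above on the same stored traffic: one signature-based rule and one anomaly-based rule, run first as an IDS (alert only) and then as a NIPS (drop). The Sensor class, the rule names, the sample records and the threshold of 20 ports are assumptions made for the illustration.

```python
import re

# Constructed sample records (src_ip, dst_port, payload); not captured traffic.
STORED_TRAFFIC = [
    ("10.0.0.5", 80, "GET /index.html HTTP/1.1"),
    ("10.0.0.9", 80, "GET /view?file=../../etc/passwd HTTP/1.1"),
    ("10.0.0.7", 22, "SSH-2.0-client"),
] + [("10.0.0.66", port, "") for port in range(1000, 1030)]  # one host, 30 ports

# Signature-based rules: rule name -> pattern searched for in the payload.
SIGNATURES = {"path-traversal": re.compile(r"\.\./")}

# Anomaly rule (assumed threshold): distinct destination ports allowed per source.
PORT_FANOUT_LIMIT = 20


class Sensor:
    def __init__(self, prevent=False):
        self.prevent = prevent      # False: IDS (alert only), True: NIPS (drop)
        self.ports_seen = {}        # source address -> set of ports it has touched
        self.alerts = []

    def inspect(self, src, dst_port, payload):
        """Apply the rules to one packet; return True if it is forwarded."""
        verdict = None
        for name, pattern in SIGNATURES.items():
            if pattern.search(payload):
                verdict = ("signature", name)
                break
        seen = self.ports_seen.setdefault(src, set())
        seen.add(dst_port)
        if verdict is None and len(seen) > PORT_FANOUT_LIMIT:
            verdict = ("anomaly", "port-fanout")
        if verdict is None:
            return True
        self.alerts.append((src,) + verdict)
        return not self.prevent     # a passive IDS still forwards the packet


def run(records, prevent=False):
    """Feed stored records through a fresh sensor (an off-line pass)."""
    sensor = Sensor(prevent)
    forwarded = [r for r in records if sensor.inspect(*r)]
    return sensor.alerts, forwarded


if __name__ == "__main__":
    for mode in (False, True):
        alerts, forwarded = run(STORED_TRAFFIC, prevent=mode)
        print("NIPS" if mode else "IDS", len(alerts), "alerts,", len(forwarded), "forwarded")
```

In NIPS mode the first 20 packets from the scanning host are still forwarded, because the anomaly rule can only fire once the threshold has been crossed, while the signature rule blocks on the first matching packet.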
A few years ago, NAC solutions tried to accomplish goals for locking down networks.
Most of my customers hated NAC. It added a layer of complexity that made the network
behave unnaturally and harder to support. It used a variety of ports, protocols, and physical
boxes to implement. In short, it was complicated. NAC-supported networks broke down
often, causing nightmares for those legitimate users trying to get access and the people
supporting those networks.
What are people doing to support port lockdown today at the Department of Defense and
other large enterprise organizations? Surprisingly, the solution has been around for a
long time to help secure wireless networks. It is called 802.1x. Historically, 802.1x has
worked great on wireless networks and has always been a little troublesome on the wired
ports. But things have changed with enterprise policy servers (Cisco Identity Services)
that make the connection more easily configurable on modern day operating systems
such as Mac OS X Mountain Lion and Windows 8.
How does 802.1x work? According to Wikipedia, IEEE 802.1X is an IEEE Standard for
port-based Network Access Control (PNAC) that provides an authentication mechanism to
devices wishing to attach to a LAN or WLAN. It is part of the IEEE 802.1 group of
networking protocols.
PCI-DSS refers to the Payment Card Industry Data Security Standard, an information security standard for
organizations that handle branded credit cards from the major credit card companies (such as Visa, MasterCard,
American Express, and Discover). This standard is mandated by the major credit card companies and
administered through the PCI Security Standards Council. The purpose of the standard was to increase security
controls in organizations to reduce credit card fraud and limit the exposure of cardholder data. Validation
of compliance at UTD is performed on an annual basis through the use of Self-Assessment Questionnaires (SAQs)
to validate that security controls are both in place and continue to maintain the PCI Standards. Because the University
acts as a “merchant” and departments and businesses do credit card transactions from designated terminals and
software applications on computer systems, the University is required to be compliant with this standard.
The Gramm Leach Bliley Act of 1999 applies to financial institutions, or companies that do business similar to
that of a financial institution, such as making loans. Since some business processes at UTD may fall under
the definition of a “financial institution”, the University is required to follow the compliance statutes of GLBA. The
compliance sections of GLBA refer to both the Privacy Rule regarding protecting consumer information and
the Safeguard Rule, which dictates that information security programs and security controls be developed to protect
financial data. Since the University already complies with FERPA, the Federal Trade Commission has ruled that
the Privacy Rule does not apply, and only the Safeguard Rule applies.
The general difference between PCI-DSS and GLBA is that PCI is an industry standard set forth by the credit
card industry for compliance. While it is not a legal requirement, failure to comply with the standard when fraud or
breaches of card information occur may bring financial penalties to the University by the credit card industry.
GLBA is a Federal law that dictates that any business that falls under the definition of a financial institution is
required to follow the Privacy and Safeguard rule stipulations when applicable. Failure to comply with GLBA may
result in sanctions, fines and/or imprisonment of officials.
Which do I need to comply with?
Both PCI-DSS and GLBA apply to UT Dallas. Any department that processes credit cards as a merchant is
subject to PCI-DSS. Any department that provides financial services similar to those of a financial institution is
subject to GLBA.
HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted August 21, 1996.
Title II of HIPAA includes the Administrative Simplification Act, which requires improved efficiency in
healthcare delivery by standardizing electronic data interchange (EDI) and mandating the protection of
patient confidentiality (privacy) and the security of health data through the setting and enforcing of
standards. HIPAA Title II requires:
Standardization of electronic patient health, administrative, and financial data.
Unique identifiers for employers, health plans, and health care providers.
Standards protecting the privacy and security of individually identifiable health information.
The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the
American Recovery and Reinvestment Act of 2009, was signed into law on February 17, 2009, to promote
the adoption and meaningful use of health information technology. Subtitle D of the HITECH Act
addresses the privacy and security concerns associated with the electronic transmission of health
information, in part, through several provisions that strengthen the civil and criminal enforcement of the
HIPAA rules.