Security Risk Management- moeshesh

•Download as PPTX, PDF•

1 like•1,187 views

The document discusses ePolicy Orchestrator 4.0 and its security risk management capabilities. It describes the security risk management model as having four primary stages: find and manage assets, evaluate risk, enforce and protect against threats, and fix and ensure compliance. It also outlines the centralized management approach and components of the ePolicy Orchestrator platform for identifying assets, determining risk, protecting against threats, and measuring compliance across an enterprise network.

Technology Business

ePolicy Orchestrator 4.0 with Security Risk
Management

Mohamed A. Shishtawy

© 2007 McAfee, Inc.

Security Risk Management with
ePolicy Orchestrator

Module Topics

• Security Risk Management with ePO
– SRM Model
– Centralized Security Management
– Components & Architecture

Security Risk Management with ePolicy Orchestrator Module 1 - 3 © 2009 McAfee, Inc. All rights reserved.

Security Risk Management  SRM Model
• Centralized Management
• Components & Architecture

• Machine import
Identify & • Machine discovery
group assets • Rogue detection

• Infection reporting
• Measure
Determine vulnerability
risk • Notification

• Configuration
Protect and • Enforcement
block • Maintenance

• Coverage reporting
• Compliance
reporting
Measure
• System compliance
compliance
• McAfee NAC

Security Risk Management with ePolicy Orchestrator Module 1 - 4 © 2009 McAfee, Inc. All rights reserved.

Protecting The Enterprise

• The Challenge
– Identify & group assets
– Determine risk
– Protect and block threats
– Measure compliance

Security Risk Management with ePolicy Orchestrator Module 1 - 5 © 2009 McAfee, Inc. All rights reserved.

Identify & Group Assets

• Import known machines from a browse list
• Synchronize with Active Directory
• Detect Rogue Systems
• Group machines according to management needs
• Assign policies on a generic or granular level

Security Risk Management with ePolicy Orchestrator Module 1 - 6 © 2009 McAfee, Inc. All rights reserved.

Determine Risk

• Monitor threat events and propagation
• Determine infection and outbreak source
• Provide Automatic Responses to rule infringement

Security Risk Management with ePolicy Orchestrator Module 1 - 7 © 2009 McAfee, Inc. All rights reserved.

Protect And Block Threats

• Ensure correct configuration
• Enforce security policy
• Maintain and update protection
• Respond to rule intrusion

Security Risk Management with ePolicy Orchestrator Module 1 - 8 © 2009 McAfee, Inc. All rights reserved.

Measure Compliance

• Report on coverage and protection levels
• Determine compliance to anti-virus policy
• Determine compliance to system policy
• Roll-up reporting across multiple ePO servers

Security Risk Management with ePolicy Orchestrator Module 1 - 9 © 2009 McAfee, Inc. All rights reserved.

Centralized System Security Management  SRM Model
 Centralized Mgmt
• Components/Architecture

ePolicy
Automatic Manage only Orchestrator McAfee
one policy Server and Download
Responses to Master Site
Threats framework Repository
Consolidate
monitoring
Product Updates
Automatic DAT File Updates and reporting
Responses /
Threat Database
Notification Server

Scalability &
Rogue Web-based
Bandwidth System Consoles
savings Remote Secure Detection
Agent Bi-directional Sensor
Handler Channel Update
Repository
Product Updates Product Updates
DAT File Updates DAT File Updates
Policy Updates
Threat Events Policy Updates
Threat Events Easily discover
non-compliant
systems
Managed Systems with McAfee Agents Managed Systems with McAfee Agents

Security Risk Management with ePolicy Orchestrator Module 1 - 10 © 2009 McAfee, Inc. All rights reserved.

Feature Management

• ePolicy Orchestrator manages products through:

– Product deployment

– Configuration management

– Update and task configuration

– Coverage reporting

– Threat Event reporting

Security Risk Management with ePolicy Orchestrator Module 1 - 11 © 2009 McAfee, Inc. All rights reserved.

Architecture And Communication
Agent Handler

McAfee Agent APACHE Event Parser
Service Service
Framework
Service HTTP 80
Master
UDP 8081

Repository
UDP 8082
TCP 8081

DAL

HTTP
8080
ePO Server

Application Server
Network Database (TOMCAT)
Console UI
Rogue
HTTPS 8443 Notification
Sensor
System
Rogue System
HTTPS 8444
Sensor

Security Risk Management with ePolicy Orchestrator Module 1 - 12 © 2009 McAfee, Inc. All rights reserved.

Check Your Understanding

Choose the correct answer(s):

What are the four primary stages of the Security Risk
Management model?

• Discover, Determine, Defend, Detect

• Find & Manage, Evaluate, Enforce & Protect, Fix &
Comply

• Assess, Remediate, Measure, Prioritize

Security Risk Management with ePolicy Orchestrator Module 1 - 13 © 2009 McAfee, Inc. All rights reserved.

En la actualidad el crecimiento exponencial del malware sofisticado y los métodos de evasión utilizados por cibercriminales se han convertido en una combinación letal para las organizaciones. Los silos de información y la carencia de automatización entre ellos, convierte a las empresas en foco fácil de los atacantes. Hoy las empresas no solo buscan llenar el “check” de Compliance, sino realmente mitigar sus riesgos de seguridad de manera más eficiente y proactiva. Una seguridad conectada, a través de diferentes componentes tecnológicos mediante los cuales se “comparte” la información para tomar conciencia y reaccionar de manera inmediata hace la diferencia entre ser uno más de las estadísticas de incidentes de seguridad o no serlo. Dirigido a: Jefes o Coordinadores de TI, Gerentes de Sistemas o TI, CIO, CISO, CTO

In de praktijk blijkt het vaak lastig te bepalen welke risico’s een organisatie loopt en wat daarvoor een passend beveiligingsniveau is. Deze kennis is echter wel noodzakelijk om de juiste maatregelen te nemen en effectief in informatiebeveiliging te investeren. Pinewood organiseerde op 12 december 2012 in samenwerking met McAfee een seminar die hierop inspeelde. Handige tools zoals Risk Management en McAfee Nitro (het SIEM product van McAfee) en de pragmatische aanpak van Pinewood bieden concrete handvatten en inzicht om tot een effectief informatiebeveiligingsbeleid te komen.

High Availability and Disaster Recovery with Novell Sentinel Log Manager

Novell

Novell Sentinel Log Manager can be implemented in a high availability cluster using the SUSE Linux Enterprise 11 High Availability Extension. This approach, combined with Sentinel Log Manager backup scripts can be used to provide a solution for disaster recovery. This session will explain the architecture of the high availability and disaster recovery solution available with Sentinel Log Manager as well as implementation details.

Viewers also liked

OER Talk @ University of Maryland #OAweek

Nicole Allen

Human environment-interactionsLexi34

WeatherИгорь Анатольевич

Foil insulation radiant barrier from sinolam

WWW.SINOLAM.COM WEBSITE

Represii. Deportari. FoameteAdela Negura

AZIMUT Azimut 68S, 2007, 1.200.000 € For Sale Brochure. Presented By azimut-y...

Azimut Yacht Club

экоблок презентация

musorabolshenet

Open Educational Resources and Capacity Building for DevelopmentNicole Allen

OER Overview (MCCLPHEI Annual Conference 6/19/14 Salem, MA)Nicole Allen

Les données du Data Portal du Shift Project sur l'électricité britannique et ...

The Shift Project

Social mediaNorlela Alias

Una forma geométrica de medir irracionalidad

Pedro Morales

духовные ценности волонтёра

musorabolshenet

Business in the future

ryuuzaki Ghifari

үзүүлэн5munkhtuyagg

Warp9: reactive primitivesrystsov

Cleopatramj_aerox

managerial accounting assignment - projected financial statements of maruti s...Tushar Upadhyay

Open access.2013 Biblioteca UPSCAdela Negura

OCHO HERRAMIENTAS ESENCIALESInes Tazon

Viewers also liked (20)

OER Talk @ University of Maryland #OAweek

Human environment-interactions

Weather

Foil insulation radiant barrier from sinolam

Represii. Deportari. Foamete

AZIMUT Azimut 68S, 2007, 1.200.000 € For Sale Brochure. Presented By azimut-y...

экоблок презентация

Open Educational Resources and Capacity Building for Development

OER Overview (MCCLPHEI Annual Conference 6/19/14 Salem, MA)

Les données du Data Portal du Shift Project sur l'électricité britannique et ...

Social media

Una forma geométrica de medir irracionalidad

духовные ценности волонтёра

Business in the future

үзүүлэн5

Warp9: reactive primitives

Cleopatra

managerial accounting assignment - projected financial statements of maruti s...

Open access.2013 Biblioteca UPSC

OCHO HERRAMIENTAS ESENCIALES

Similar to Security Risk Management- moeshesh

2012-12-12 Seminar McAfee Risk Management

Pinewood

High Availability and Disaster Recovery with Novell Sentinel Log Manager

Novell

Axxera Security Solutions Ver 2.0

Reddy Marri

Process Steps

mfeKEG

Five Must Haves to Prevent Encryption Disasters

Venafi

Simple errors, old and weak cryptography, and alarming, malicious attacks are turning digital certificates and encryption keys into an expressway to downtime, targeted attacks, failed compliance, and data breaches. Fortunately, there are simple steps you can take to make sure your organization doesn’t fall victim. From online banking to the production line, thousands of certificates and keys in every enterprise are the difference between controlling success or failure. In this live webinar, learn how enterprises are using NIST and industry best practices to develop an effective Enterprise Key and Certificate Management strategy. Go to http://www.venafi.com/five-musts-ekcm/ to view the full On Demand Webinar.

Axxera Security Solutions

akshayvreddy

Rationalization and Defense in Depth - Two Steps Closer to the Clouds

Bob Rhubart

Qradar ibm partner_enablement_220212_finalArrow ECS UK

클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...

Amazon Web Services Korea

스폰서 발표 세션 | 클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic 채현주 보안기술본부장, Openbase 클라우드 환경의 다양한 서비스로 인해 자산을 지키는 보안을 위한 작업은 더욱 복잡해지고 있다. 기존 온프라미스에서 해 오던 방식으로 클라우드 보안에 접근하는 것은 비용 및 자원활용 측면에서도 낭비이며, 기술의 발전 속도를 따라가기도 어렵다. 본 세션에서는 클라우드 환경의 보안 특성을 살펴보고 효율적인 보안시스템 구축을 위한 가이드를 제시하며, 아울러 전문적인 보안 지식이나 자체 구축 보안시스템 없이도 즉시 활용할 수 있는 Alert Logic의 보안 서비스를 소개한다.

McAffee_Security and System Integrity in Embedded DevicesIşınsu Akçetin

241_ATD_TUE_1430_EagleRockEnergy_finalAnthony Hopkins

Security Awareness Training

Daniel P Wallace

Setting up a secure development life cycle with OWASP - seba deleersnyder

Sebastien Deleersnyder

DSS ITSEC Conference 2012 - Radware WAF Tech

Andris Soroka

SuprTEK Continuous Monitoring

Tieu Luu

RSA 2012 Virtualization Security February 2012

Symantec

At RSA 2012 Symantec and VMware announced five new security integrations with the VMware cloud infrastructure suite designed to deliver extensive protection for virtual and cloud environments along with operational cost savings. With new VMware integrations, Symantec enables joint customers to completely protect their virtual infrastructure and business-critical applications with data loss prevention, IT risk an compliance, data center protection, security information and event management (SIEM) and endpoint protection solutions – delivering unparalleled security, scalability and cost reductions for rapid services delivery and enhanced business agility for the cloud.

Symantec Control Compliance Suite 11, February 2012

Symantec

Symantec Control Compliance Suite 11 is the latest version of its enterprise-class IT governance, risk and compliance (GRC) solution. It will feature the new Control Compliance Suite Risk Manager module which enables security leaders to better understand and communicate risks to the business environment from their IT infrastructure. Risk Manager translates technical issues into risks relevant to business processes, delivers customized views of IT risk for different stakeholders, and helps prioritize remediation efforts based on business criticality rather than technical severity.

Continuous Delivery using Release Management AutomationPremkumar Veerakumar

Cybersecurity exchange briefing oct 2012 v2

Naba Barkakati

NIC2012 - System Center Endpoint Protection 2012

Nicolai Henriksen

Similar to Security Risk Management- moeshesh (20)

2012-12-12 Seminar McAfee Risk Management

High Availability and Disaster Recovery with Novell Sentinel Log Manager

Axxera Security Solutions Ver 2.0

Process Steps

Five Must Haves to Prevent Encryption Disasters

Axxera Security Solutions

Rationalization and Defense in Depth - Two Steps Closer to the Clouds

Qradar ibm partner_enablement_220212_final

클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...

McAffee_Security and System Integrity in Embedded Devices

241_ATD_TUE_1430_EagleRockEnergy_final

Security Awareness Training

Setting up a secure development life cycle with OWASP - seba deleersnyder

DSS ITSEC Conference 2012 - Radware WAF Tech

SuprTEK Continuous Monitoring

RSA 2012 Virtualization Security February 2012

Symantec Control Compliance Suite 11, February 2012

Continuous Delivery using Release Management Automation

Cybersecurity exchange briefing oct 2012 v2

NIC2012 - System Center Endpoint Protection 2012

Recently uploaded

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

The Metaverse and AI: how can decision-makers harness the Metaverse for their...

Jen Stirrup

The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives? How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

Alex Pruden

This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second). Paper: https://eprint.iacr.org/2023/1886

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Assure Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

UiPath Community Day Dubai: AI at Work..

UiPathCommunity

Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking. 📕 Curious on our agenda? Wait no more! 10:00 Welcome note - UiPath Community in Dubai Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank 10:20 A UiPath cross-region MEA overview Ashraf El Zarka, VP and Managing Director MEA, UiPath 10:35: Customer Success Journey Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank 11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more Boris Krumrey, Global VP, Automation Innovation, UiPath 12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services. Brendan Lingam, Director of Sales and Business Development, Marc Ellis

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Recently uploaded (20)

Accelerate your Kubernetes clusters with Varnish Caching

The Metaverse and AI: how can decision-makers harness the Metaverse for their...

zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs

Securing your Kubernetes cluster_ a step-by-step guide to success !

GraphRAG is All You need? LLM & Knowledge Graph

Assure Contact Center Experiences for Your Customers With ThousandEyes

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

Elevating Tactical DDD Patterns Through Object Calisthenics

Monitoring Java Application Security with JDK Tools and JFR Events

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Epistemic Interaction - tuning interfaces to provide information for AI support

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

A tale of scale & speed: How the US Navy is enabling software delivery from l...

UiPath Test Automation using UiPath Test Suite series, part 4

FIDO Alliance Osaka Seminar: Overview.pdf

UiPath Community Day Dubai: AI at Work..

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Leading Change strategies and insights for effective change management pdf 1.pdf

Essentials of Automations: The Art of Triggers and Actions in FME

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Security Risk Management- moeshesh

2. Security Risk Management with ePolicy Orchestrator

3. Module Topics • Security Risk Management with ePO – SRM Model – Centralized Security Management – Components & Architecture Security Risk Management with ePolicy Orchestrator Module 1 - 3 © 2009 McAfee, Inc. All rights reserved.

4. Security Risk Management  SRM Model • Centralized Management • Components & Architecture • Machine import Identify & • Machine discovery group assets • Rogue detection • Infection reporting • Measure Determine vulnerability risk • Notification • Configuration Protect and • Enforcement block • Maintenance • Coverage reporting • Compliance reporting Measure • System compliance compliance • McAfee NAC Security Risk Management with ePolicy Orchestrator Module 1 - 4 © 2009 McAfee, Inc. All rights reserved.

5. Protecting The Enterprise • The Challenge – Identify & group assets – Determine risk – Protect and block threats – Measure compliance Security Risk Management with ePolicy Orchestrator Module 1 - 5 © 2009 McAfee, Inc. All rights reserved.

6. Identify & Group Assets • Import known machines from a browse list • Synchronize with Active Directory • Detect Rogue Systems • Group machines according to management needs • Assign policies on a generic or granular level Security Risk Management with ePolicy Orchestrator Module 1 - 6 © 2009 McAfee, Inc. All rights reserved.

7. Determine Risk • Monitor threat events and propagation • Determine infection and outbreak source • Provide Automatic Responses to rule infringement Security Risk Management with ePolicy Orchestrator Module 1 - 7 © 2009 McAfee, Inc. All rights reserved.

8. Protect And Block Threats • Ensure correct configuration • Enforce security policy • Maintain and update protection • Respond to rule intrusion Security Risk Management with ePolicy Orchestrator Module 1 - 8 © 2009 McAfee, Inc. All rights reserved.

9. Measure Compliance • Report on coverage and protection levels • Determine compliance to anti-virus policy • Determine compliance to system policy • Roll-up reporting across multiple ePO servers Security Risk Management with ePolicy Orchestrator Module 1 - 9 © 2009 McAfee, Inc. All rights reserved.

10. Centralized System Security Management  SRM Model  Centralized Mgmt • Components/Architecture ePolicy Automatic Manage only Orchestrator McAfee one policy Server and Download Responses to Master Site Threats framework Repository Consolidate monitoring Product Updates Automatic DAT File Updates and reporting Responses / Threat Database Notification Server Scalability & Rogue Web-based Bandwidth System Consoles savings Remote Secure Detection Agent Bi-directional Sensor Handler Channel Update Repository Product Updates Product Updates DAT File Updates DAT File Updates Policy Updates Threat Events Policy Updates Threat Events Easily discover non-compliant systems Managed Systems with McAfee Agents Managed Systems with McAfee Agents Security Risk Management with ePolicy Orchestrator Module 1 - 10 © 2009 McAfee, Inc. All rights reserved.

11. Feature Management • ePolicy Orchestrator manages products through: – Product deployment – Configuration management – Update and task configuration – Coverage reporting – Threat Event reporting Security Risk Management with ePolicy Orchestrator Module 1 - 11 © 2009 McAfee, Inc. All rights reserved.

12. Architecture And Communication Agent Handler McAfee Agent APACHE Event Parser Service Service Framework Service HTTP 80 Master UDP 8081 Repository UDP 8082 TCP 8081 DAL HTTP 8080 ePO Server Application Server Network Database (TOMCAT) Console UI Rogue HTTPS 8443 Notification Sensor System Rogue System HTTPS 8444 Sensor Security Risk Management with ePolicy Orchestrator Module 1 - 12 © 2009 McAfee, Inc. All rights reserved.

13. Check Your Understanding Choose the correct answer(s): What are the four primary stages of the Security Risk Management model? • Discover, Determine, Defend, Detect • Find & Manage, Evaluate, Enforce & Protect, Fix & Comply • Assess, Remediate, Measure, Prioritize Security Risk Management with ePolicy Orchestrator Module 1 - 13 © 2009 McAfee, Inc. All rights reserved.

14. Check Your Understanding Choose the correct answer(s): What are the four primary stages of the Security Risk Management model? • Discover, Determine, Defend, Detect  Find & Manage, Evaluate, Enforce & Protect, Fix & Comply • Assess, Remediate, Measure, Prioritize Security Risk Management with ePolicy Orchestrator Module 1 - 14 © 2009 McAfee, Inc. All rights reserved.

15.

Security Risk Management- moeshesh

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (20)

Similar to Security Risk Management- moeshesh

Similar to Security Risk Management- moeshesh (20)

Recently uploaded

Recently uploaded (20)

Security Risk Management- moeshesh