SNA, Step 2, 10/31
Survivable Network Analysis
Oracle Financial Management Services
Ali Ardalan
Qianming “Michelle” Chen
Yi Hu
Jason Milletary
Jian Song

Overview
• Essential User Capabilities
• Summary of Essential Components
• Firewall Type
• Essential Components Diagram
• Essential Scenarios
• Essential Component Details
• Next Steps

Essential User Capabilities
• Essential Capabilities performed by 300 dedicated users
• Dedicated users must have access to financial service applications
  • Core Financial Applications
  • Application Desktop Integrator Applications
• Feeder systems must integrate with financial applications
• Primary actions performed by users are:
  • Billing, reporting & reconciliation of budgets and expenses

Summary of Essential Components
• Kerberos Domain Controller (authentication)
• Acis.as.cmu.edu (public access points)
• Mistral (db server)
• Tandem (print & e-mail)
• Chinook (backup server)

Logical Proxy (Application Gateway) Firewall
[Diagram: Acis.as.cmu.edu (Sun Sparc Cluster) with SCP, HTTPS, …, Oracle Connection Mgr. and SSH; Tandem with LPR (print), SSH and SMTP (e-mail); CAMPUS NETWORK (External) and PRIVATE NETWORK (Internal).]
1. Restricts traffic based upon packet content
2. Application specific

Essential Components Diagram
[Diagram: Kerberos Domain Controller (Kerberos); Acis.as.cmu.edu (Sun Sparc Cluster) with SCP, HTTPS, …, Oracle Connection Mgr. and SSH; Tandem with LPR (print), SSH and SMTP (e-mail); Mistral (database server) and Chinook (Backup), each with O. DB, HTTP, …, O. Listener, SQL Net, O. Forms, CITRIX, FTP, LPR (print), SSH and SMTP (e-mail); CAMPUS NETWORK; site labels Cyert Computer Center and 6555 Penn Ave, linked by FIBER.]

Essential Components [1]
• Acis.as.cmu.edu:
  • Cluster of Sun Sparc Servers
  • Public Access Points
  • Support services
  • Oracle Connection Manager
  • HTTP, Telnet, FTP, HTTPS (some Kerberos authenticated)
  • SCP (Secure Copy Protocol – unix)
  • SSH
  • Web DB, Big Brother (Monitoring software), …

Essential Components [2]
• Mistral: Database Server
  • Hosts main Oracle Server:
  • HTTP
  • Oracle Listeners, Names, Database
  • CITRIX Application Server
  • NFS (data sharing)
  • SMTP (e-mail)
  • LPR (printer) & Fs (other printer)
  • SQL net, FTP, SSH (file upload) …

Essential Components [3]
• Tandem
  • Print & E-mail gateway
  • No user accounts on this machine
  • Services provided:
    • SSH (Administrator Connections)
    • LPD (Printing)
    • SMTP (email)

Essential Components [4]
• Chinook
  • Disaster Recovery Machine: standby database
  • Located offsite at 6555 Penn Ave.
  • Test & Development machine
  • Mirroring of Development database every 5 minutes
  • Existing passive fiber link between campus and this location.
  • Exact Same HW & SW as Mistral

Essential Scenarios – Budget Spreadsheet
[Diagram: Kerberos Domain Controller (Kerberos); Acis.as.cmu.edu (Sun Sparc Cluster) with SCP, HTTPS and Oracle Connection Mgr.; Tandem with LPR (print), SSH and SMTP (e-mail); Mistral (Database Server) with O. DB, HTTP, O. Listener, O. Forms and CITRIX; CAMPUS NETWORK (out).]

Essential Scenarios – Feeder System
[Diagram: Kerberos Domain Controller (Kerberos); Acis.as.cmu.edu (Sun Sparc Cluster) with SCP, HTTPS and Oracle Connection Mgr.; Tandem with LPR (print), SSH and SMTP (e-mail); Mistral (Database Server) with O. DB, HTTP, O. Listener and O. Forms; Secure Directory; CAMPUS NETWORK; LPR (print) and SMTP (e-mail).]

Essential Components – DB Mirroring
[Diagram: Mistral (Database Server) and Chinook (Backup), each with O. DB and O. Mirroring Software.]
Automatic mirroring of development database changes every 5 minutes

Ongoing Steps
• Client & Users
  • 3rd client meeting to verify essential services and components
  • On-going interviews of Business Managers with and w/o feeder systems
• Within Our Group
  • Development of potential intrusion detection scenarios & attacker profiles
  • Identify compromisable components
  • Physical visit to 6555 Penn Ave. Backup facility

A potential security threat
• Business Managers:
  • 30+ business managers
  • SCS, MCS, CIT, etc…
• Determine exactly who is able to obtain various forms of access to areas of the Oracle financial system
• For example, MCS:
  • College Manager
  • 7 Business Managers
  • Provide access to 2-3 individuals (regular users)
