  • 1. Optimizing Business Productivity Through Automated Security Controls. Heather Axworthy, Network Security Engineer, haxworthy@gmail.com. © 2010 Heather L. Axworthy
  • 2. Bio. Ten years' experience in networks and security. Secured many sensitive and strategic networks for Fortune 50 companies. Sr. Security Engineer; worked on multiple IDS/IPS and security platforms. Really good cook, tried flying a helicopter, and love to hike. Blog: http://chickbits.blogspot.com. LinkedIn: http://www.linkedin.com/in/heatheraxworthy. Twitter: haxworthy
  • 3. Agenda (slide content not extracted).
  • 4. Security Continuum (chart; extracted labels: Prevention, Detection, Response; IPS, IDS & Desktop, People).
  • 5. Security Continuum (chart).
  • 6. Security Assets (chart).
  • 7. Internet Traffic: Composition of Threat Response (chart).
  • 8. Composition of Threat Response: computers, IT, and users. Security involves variable human interaction. Perimeter security blocks malicious traffic from entering the network. IPS provides active blocking and minimizes user involvement, reducing response urgency; IT employees are involved with deployment and maintenance. Intrusion detection (IDS) alerts IT to malicious traffic but does not prevent it from penetrating the network; IDS requires higher IT employee interaction to react to alerts. Desktop security controls involve the highest participation from users.
  • 9. Single Security-Strategy Risks (chart).
  • 10. Single Security Strategy.
    - Different security methods are not equal.
    - Each provides a different level of protection.
    - If you deploy one technology, it's best to have a proactive technology like IPS at the perimeter.
    - IPS reduces the amount of malicious traffic that gets to the end user.
    - Employees see fewer alerts.
    - More time to focus on the business.
    - The previous chart illustrates risk levels for deploying only one security technology.
    - For example, deploying only desktop security technologies results in the highest risk because the threat has already entered your network.
    - User-centric measures are inconsistent because users do not do the same thing every time.
  • 11. Protection & Equipment Costs (chart).
  • 12. Protection & Equipment Costs. IPS technologies are proactive: higher initial cost, higher level of protection. IDS technologies are reactive: lower initial cost; many tools are open source, so the majority of the cost is hardware. The protection level is lower: IDS only alerts IT to malicious traffic, and IT must spend large amounts of time investigating, which can incur extra costs for additional response training. Desktop security is reactive: the quantity of desktops drives costs; the software is relatively inexpensive, but user-training costs must be considered.
  • 13. Deployment Considerations (table; extracted labels: criteria, partial).
  • 14. Recommendation to your clients: IPS…. IDS…. Desktop SW…. Security awareness training…. Log management & monitoring ???? Keep the threats out!
  • 15. What is IPS? IPS = Intrusion Prevention System/Service. Designed to be deployed inline. A proactive approach to traffic monitoring: preventing the attack packet from penetrating your network.
  • 16. Architecture. Capacity planning: the biggest mistake is purchasing hardware that is too “small” for your network. Look at the traffic load of the segments you want to monitor. If the segments (VLANs) you want to monitor register bandwidth in excess of 100MB each, a small 400MB device is not large enough. Most devices have a maximum throughput, which is often an aggregate of all interfaces on the device.
  • 17. Deployment (diagram).
  • 18. Event Monitoring/Tuning. My device is in place; what do I do next? Tuning is the time period when you look at your events, weed out any false positives and modify signatures. Best practice is at least 30 days of looking at traffic on a daily basis. This will enable you to filter out signatures that are “noisy” and see the events that show valid attacks. Once the tuning period is over, put the device into block (“IPS”) mode.
  • 19. Ensuring Success. Company buy-in, from top executive management to the end user: IPS will make “us” more secure. Staffing levels: proper staffing must be in place to support the IPS device(s) and the monitoring of events on a daily basis. If the IPS device stops one botnet outbreak, or a SQL injection attack, it has paid for itself!
  • 20. Q & A. Heather Axworthy, Network Security Engineer, haxworthy@gmail.com

Editor's Notes

  1. IPS is short for Intrusion Prevention: when specific traffic matches a signature, the device “drops” the traffic immediately and creates an event with details on the traffic. Designed to be deployed inline. IPS takes a proactive approach to traffic monitoring.
  2. Capacity planning: buy the right device. Do your homework: look at the traffic load of the segments you want to monitor. Every model has a threshold level. If the VLAN you want to monitor registers bandwidth in excess of 100MB, and you may want to monitor additional VLANs, a 400MB-limit box will not work for you. Don’t expect to buy just one box: if you have remote sites or several internal VLANs, you will need additional units. Buy a large enough unit that can be deployed at the perimeter, in between the firewall and the DMZ/internal networks, and smaller units for remote sites and smaller segments. There are several on the market today (ISS, TippingPoint, Cisco, Sourcefire); choose the vendor that has the best reputation for good, sound security intelligence.
  3. You will probably need more than one device: at least one at the perimeter, and possibly a few smaller-throughput devices. All IPS devices have two modes, block (aka “IPS”) mode and non-block (aka “IDS”) mode. When you first deploy your device, it is in non-block mode; you then spend a period of time tuning out any false positives. After that period is complete, put your device into blocking mode. “IPS” mode should always be your primary end goal!
  4. Now that my device is in place in non-block mode, what do I do? Take a period of at least 30 days and look at the events being generated by the device on a daily basis. This time period is known as the “tuning phase”; this is when you make adjustments to the signatures on the device. You are filtering out the false positives so you can look at the events that are showing valid attacks.
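The capacity-planning rule from the architecture slide and editor's note 2 (sum the load of every segment a unit will monitor, compare it with the device's aggregate throughput, plan one unit per site), worked through as an added example. This is not the deck's or any vendor's code; the segment loads, the model tiers, the 25% headroom factor and the reading of the deck's "100MB"/"400MB" figures as Mb/s are all assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    name: str
    site: str
    peak_mbps: float  # measured peak load of the VLAN/segment (Mb/s, assumption)


@dataclass(frozen=True)
class Model:
    name: str
    max_mbps: float  # vendor's maximum throughput, an aggregate across all interfaces


# Constructed sample: three HQ VLANs, two of them above 100 Mb/s, plus one remote site.
SEGMENTS = [
    Segment("vlan10-users", "hq", 120),
    Segment("vlan20-servers", "hq", 150),
    Segment("vlan30-dmz", "hq", 90),
    Segment("vlan40-branch", "branch-east", 40),
]
# Constructed model catalogue (throughput tiers, not any vendor's product line).
MODELS = [Model("small-400", 400), Model("mid-1000", 1000), Model("large-5000", 5000)]


def site_load(segments, site):
    """Sum of the peak loads of every segment the site's unit will see."""
    return sum(s.peak_mbps for s in segments if s.site == site)


def smallest_model(load_mbps, models, headroom=1.25):
    """Smallest model whose aggregate throughput covers the load plus headroom.
    The 25% headroom for growth and bursts is an assumption, not from the deck.
    Returns None when no single unit is big enough."""
    need = load_mbps * headroom
    fits = [m for m in models if m.max_mbps >= need]
    return min(fits, key=lambda m: m.max_mbps) if fits else None


def plan_deployment(segments, models, headroom=1.25):
    """One unit per site, as the deck suggests (a large unit at the perimeter,
    smaller units at remote sites). Returns {site: (model name or None, required Mb/s)}."""
    plan = {}
    for site in sorted({s.site for s in segments}):
        load = site_load(segments, site)
        chosen = smallest_model(load, models, headroom)
        plan[site] = (chosen.name if chosen else None, round(load * headroom, 1))
    return plan


if __name__ == "__main__":
    for site, (model, need) in plan_deployment(SEGMENTS, MODELS).items():
        print(f"{site}: need {need} Mb/s -> {model or 'no single unit fits; split the segments'}")
```

With the sample figures the three HQ VLANs add up to 360 Mb/s, so the 400 Mb/s unit only passes with no headroom at all, which is the deck's "too small" mistake.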
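The tuning phase from the event-monitoring slide and editor's notes 3 and 4 (device in non-block mode, events reviewed daily for at least 30 days, noisy signatures tuned out before switching to block mode), as an added example. It is not the deck's or any vendor's code: the event export format, the sample events, the severity labels and the "noisy" thresholds are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta

# Constructed sample export, one event per line:
# date|signature_id|signature_name|source_ip|severity
SAMPLE_EVENTS = """\
2010-03-01|2001|SNMP public community string|10.1.5.20|low
2010-03-02|2001|SNMP public community string|10.1.5.21|low
2010-03-03|2001|SNMP public community string|10.1.5.22|low
2010-03-02|2200|SMB null session attempt|10.1.5.20|medium
2010-03-01|3107|SQL injection in HTTP URI|203.0.113.7|high
2010-03-03|3107|SQL injection in HTTP URI|203.0.113.7|high
2010-03-02|4410|IRC botnet command channel|10.1.7.14|high
"""


@dataclass
class SigStats:
    name: str
    severity: str
    count: int = 0
    days: set = field(default_factory=set)     # distinct days the signature fired
    sources: set = field(default_factory=set)  # distinct source addresses


def parse_events(text):
    """Aggregate raw events into per-signature statistics."""
    stats = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        day, sid, name, src, sev = line.split("|")
        s = stats.setdefault(sid, SigStats(name, sev))
        s.count += 1
        s.days.add(date.fromisoformat(day))
        s.sources.add(src)
    return stats


def window_days(stats):
    """Length in days of the period covered by the events (0 if none)."""
    all_days = set().union(*(s.days for s in stats.values()))
    return (max(all_days) - min(all_days)).days + 1 if all_days else 0


def classify(stats, window, day_fraction=0.6, min_sources=3):
    """Heuristic tuning decision per signature (thresholds are assumptions):
    high-severity hits are kept for block mode; low-severity signatures that
    fire on most days from many distinct sources are the "noisy" ones to
    disable or threshold; everything else stays on the daily review list."""
    actions = {}
    for sid, s in stats.items():
        frequent = window and len(s.days) / window >= day_fraction
        broad = len(s.sources) >= min_sources
        if s.severity == "high":
            actions[sid] = "keep: candidate for block mode"
        elif s.severity == "low" and frequent and broad:
            actions[sid] = "noisy: disable or raise threshold"
        else:
            actions[sid] = "review: keep watching during tuning"
    return actions


def ready_for_block_mode(review_dates, min_days=30):
    """True once events have been reviewed on min_days consecutive days
    (the deck's "at least 30 days, on a daily basis"); dates are ISO strings."""
    days = sorted({date.fromisoformat(d) for d in review_dates})
    run = 1 if days else 0
    if run >= min_days:
        return True
    for prev, cur in zip(days, days[1:]):
        run = run + 1 if cur - prev == timedelta(days=1) else 1
        if run >= min_days:
            return True
    return False


if __name__ == "__main__":
    stats = parse_events(SAMPLE_EVENTS)
    for sid, action in sorted(classify(stats, window_days(stats)).items()):
        print(sid, stats[sid].name, "->", action)
```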