Taking a holistic view of your security profile is critical to success. Grouping together security best practices and technologies into six primary layers, where each layer overlaps with the others, provides multiple lines of defense. Should one security layer be compromised, there’s a good chance that another layer will thwart a would-be intruder.
In part-2 of our 6-part webinar series on the essential layers of IBM i security we discuss intrusion prevention and detection technologies, grouping and protecting related resources within network segments and network traffic encryption.
Essential Layers of IBM i Security Series – Network Security
1. Layers of Security
Network Security
Amy O’Connor – Chief Data and Information Officer
Bill Hammond – Sr, Product Marketing Manager
2. Housekeeping
Webinar Audio
• Today’s webcast audio is streamed through your computer
speakers
• If you need technical assistance with the web interface or audio,
please reach out to us using the Q&A box
Questions Welcome
• Submit your questions at any time during the presentation using
the Q&A box
Recording and slides
• This webinar is being recorded. You will receive an email following
the webinar with a link to the recording and slides
3. Today’s Agenda
• Layers of Security Overview
• Network Security
• Inside the Firewall
• Endpoint networks
• Internet and Cloud
• Threat prevention
• Q & A
3
5. Network Security
The networks to which an IBM i
is connected must be carefully
secured, and if any of these
networks are connected to the
internet, extra vigilance is
required as internet-connected
networks often see thousands
of access attempts each day
by bots, sniffers, and hackers.
5
8. Inside the Firewall
8
Protect the assets inside your offices and data centers
• Stay up-to-date on security patches
• Segment your network
• Careful use of DMZs
• Even internet network traffic should be encrypted
IBM i Implications:
• Stay current with IBM PTF packages
• Don’t forget insider threats
• Proper IBM i configuration
10. End Point Networks
10
Your corporate network extends across multiple geographies,
all the way into the employee home networks and to the edge
devices
• Protect your critical servers and applications
• Virtual Private Network (VPN) access into your internal networks
• Desktop Virtualization further protects those assets
• Extend monitoring to the employee laptop and mobile devices
• Limit consumer-grade IoT connections
IBM i Implications:
• Consider remote users accessing IBM i resources
• What devices are being used to access IBM i
12. IBM i Implications:
• IBM i in the Cloud
• Encrypt sensitive data in motion
• Consider web server and client/server applications
Internet and Cloud
12
Majority of businesses today utilize Cloud-based services and
many leverage the Internet as the corporate backbone
• All traffic over public networks must be encrypted
• Leverage secure web service protocols
• Invest in Virtual Private Clouds to protect your data
• Know your vendors
14. Threat Prevention
14
Secure access to and continuously monitor your network
• Start with strong inventory of all network-connected devices
• Map access management to business need, leverage SSO
• Strong authentication including MFA
• Keep on top of security vulnerabilities with continuous
scanning and patching
• Baseline good network behavior and track anomalies
• Maintain and practice your Incident Response Plan
IBM i Implications:
• IBM i is a high-value target
• Transaction, customer and financial data
15. Top Takeaways
• The corporate network today is global, uses the Internet
as its backbone and includes cloud-based services
• Strong security practices are needed to understand and
provide the appropriate access to end points
• It’s no longer just about the firewall
The Network is the Computer
15
17. Download the White Paper
The six layers of IBM i security and how
Precisely can help
17
https://www.precisely.com/resource-center/whitepapers/the-essential-
layers-of-ibm-i-security
18. Layers of Security Webinar Series
18
July 15, 2020 July 29, 2020 August 12, 2020 August 26, 2020 September 9, 2020 September 23, 2020
Register here