ITM706 Lecture 10 – Security
Security
Security is recognized as essential to protect vital processes and the systems that
provide those processes
Security is not something you buy, it is something you do
What is Security?
Security is no longer just controlling the perimeter or layered
Transactions use all of the network, from DMZ to Database
ALL of the network and resident systems have to be secured
What Securing All of the Enterprise Really Means…
Firewalls, routers, applications, passwords
Intrusion detection – NIDS and HIDS
Proactive scanning, pen testing
System Configuration Monitoring – “Health Checking”
VoIP, Wireless, Embedded Systems
24x7 Monitoring
Analytical review and correlation
Policies, Procedures, Personnel
What is Effective Security?
Combination of appliances, software, alarms, and vulnerability scans working
together in a well-though out architecture
Extends to policies, procedures, and people
Monitored 24/7
Designed to support the security goals of the Enterprise
The Security Framework
An Effective Security Framework is:
o Monitored
o Managed
o Maintained
Benefits of a Security Framework
Provides Enterprise security that is:
o Consistent
o Constant
o Covers everything
Characteristics of Good Enterprise Security are:
Security
Security is recognized as essential to protect vital processes and the systems that
provide those processes
Security is not something you buy, it is something you do
What is Security?
Security is no longer just controlling the perimeter or layered
Transactions use all of the network, from DMZ to Database
ALL of the network and resident systems have to be secured
What Securing All of the Enterprise Really Means…
Firewalls, routers, applications, passwords
Intrusion detection – NIDS and HIDS
Proactive scanning, pen testing
System Configuration Monitoring – “Health Checking”
VoIP, Wireless, Embedded Systems
24x7 Monitoring
Analytical review and correlation
Policies, Procedures, Personnel
What is Effective Security?
Combination of appliances, software, alarms, and vulnerability scans working
together in a well-though out architecture
Extends to policies, procedures, and people
Monitored 24/7
Designed to support the security goals of the Enterprise
The Security Framework
An Effective Security Framework is:
o Monitored
o Managed
o Maintained
Benefits of a Security Framework
Provides Enterprise security that is:
o Consistent
o Constant
o Covers everything
Characteristics of Good Enterprise Security are:
