QTS: VPN Conclusion

1.
Fundamentals of Internet Security
VPN Conclusion
Presented by Neil A. Rosenberg
President & CEO
Quality Technology Solutions, Inc.

2. What is Computer Security?
Intrusion Detection/Response?
Confidentiality Protection & Encryption?
Single Sign-On?
Network & Firewall Configuration?
Training & Awareness?
Secure Email?
Virus Protection?
Access Control?
Electronic Records Management?
eBusiness?
Remote Access?
Virtual Private Networks?
Certificate Management?
Identification & Authentication?
Packet Filters?
Vulnerability Reduction?
Disaster Recovery?
Denial of Service Attacks?
Risk Assessment?
Quality of Service?
Network Directory Service?
Audits/Reviews?
Policy-Based Management?
Secure Messaging and Collaboration?
Authentication & Digital Identity

3. Network IDS Content Management MultiFactor Authentication Single Sign-On Penetration & Attack Testing Security Audit Desktop IDS Host IDS Directory & LDAP Malicious Code Antivirus Security Policy FIREWALL VPN Strong Authentication Digital Certificates

4. Security is a Complete System, not a product Requires objectives and clear focus

5. Firewall
Control inbound and outbound access
Log traffic
Deter and block attacks
Generate alarms

6. Intrusion Detection
Hackers
Crackers
Denial of Service, DDOS attacks
Protection versus Internal & External Attacks and Threats

7. VPN
Authentication
Encryption
Client to Site
Site to Site
Extranet

8. Authentication & Identity
Passwords
Tokens
Biometrics & Multifactor Authentication
Digital Certificates
SSL
Directories & LDAP
Single Sign-On

9. Bandwidth Management
Control prioritization of data through the pipe
Assess needs for additional bandwidth
Track and Enforce SLAs

10. Content Management
Viruses
Vandals (Java, ActiveX)
Worms
Trojan Horses
Scripts

11. VPN & Authentication Best Practices

12. Define Business Objectives
Define Remote Access Needs specifically
Define key applications and data access
Define Goals cost reduction? user empowerment?

13. Management
Get buy-in on objectives
Get input on security versus access trade-off, in advance on a scale of 1-10, with 1 being most access, least secure, and 10 being minimal access, most secure, where should we be?
Develop & get sign-off on security policy

14. Keep It Simple
Centralize Management
Integrate Directories & Authentication Leverage Your Directory!
Seamless User Experience
Minimize client side deployment of software (intrusiveness, licensing fees)

15. Leverage the Directory!
LDAP
RADIUS
Manage one set of passwords please!

16. Client Side Setup
Use Personal Firewall to defend at all vulnerability points, and lock down if not
Standardize client install process (cookbook) and deploy with CD/diskettes with all required files (or from web server)
Schedule Installation Appointments to proactively manage client PC setup issues

17. General Issues
Ensure private addresses are non-conflicting
Control synchronization (Domain, etc.) and similar traffic over low bandwidth lines
Implement bandwidth management
Dont span the WAN design similarly
Centralize Management of VPN, remote resources
Use NFuse and RSA ACE Server for browser based authentication & access from non-VPN (Internet terminals)

18. Authentication
Define and enforce password rules and changes
Implement single sign-on solution to minimize passwords users need to track each one is a vulnerability
Implement Strong Authentication (token, certificate, smart card, biometrics) or Graded, Multifactor Authentication

19. Web Server Security
Lock Down IIS numerous TIDs, or have us audit
Use SSL to encrypt
If eCommerce, purchase Digital Certificates from a trusted CA
Only open necessary comm ports from web server(s) back to the internal network

20. Secure Network Design

21. Best Practice Network Security Implementation
Strong authentication for all users not weak passwords!
Multi-layer security perimeters to restrict access
Intrusion Detection to analyze traffic in critical areas
VPNs to cost-effectively extend connectivity and ensure data privacy
Periodic network risk assessments
On-going policy development and training
Antivirus solution and strong email security & policy

22. Next Steps
Do you have an information security plan for your business?
Has that plan been communicated, implemented and tested?
Do you have professional staff capable of managing and monitoring security?
Do you need outside help?

23. For More Information
www.QTSnet.com/security
www.checkpoint.com
Xforce.iss.net
www.microsoft.com/security
www.novell.com/info/security
securityfocus.com
www.cert.org
www.sans.org
www.securityportal.com
razor.bindview.com

24. Upcoming Events
Tuesday, Oct 23 rd MetaFrame XP
Thursday, Nov 15 th Fundamentals of Internet Security Part III Bandwidth Management and Content Management (with Aladdin)
Tuesday, November 20 th Introduction to PKI and Digital Certificates (with RSA)

25. Questions & Answers Neil Rosenberg Quality Technology Solutions, Inc. 76 South Orange Avenue South Orange, NJ 07079 (973)761-5400 x230 Fax (973)761-1881 [email_address] www.QTSnet.com

QTS: VPN Conclusion

Text of QTS: VPN Conclusion

PSC G.S. QTS 18 [email protected] Page 1 QTS 18 G.S .pdf · PDF file PSC G.S. QTS 18 [email protected] Page 3

AND POLLUTION PREVENTION OCT 399 Interpace Parkway · PDF file 03-10-2011 · OZ ( QTS. 8 OZ.) 2.12 L 1.31 GAL. (5.25 QTS.) 4.96 L 1 GAL. (4 QTS.) 3.78 L 1.5 GAL. (6 QTS.) 5.67 L

Apresenta§£o do Novo QTS 4.2

Assessment Only Route for Qualified Teacher Status (QTS) · PDF file 02/01/2017 · Assessment Only Route for Qualified Teacher Status (QTS) PLEASE NOTE, WE ONLY OFFER PRIMARY QTS

PSC G.S. QTS 21 [email protected] Page 1 QTS 21 G.S .pdf PSC G.S. QTS 21 [email protected] Page 2

Coromant Capto Machine Adapted Clamping Units 200 turret QTS 200M turret 1)For QTS 200 machines only. 2)For QTS 200M machines only. * Internal and external coolant supply - Do not

QTS-CLX-PVX User Manual PROVOX Module - ProSoft .QTS-CLX-PVX User Manual ... Diagnostic Data 25 USING

ncfm derivatve qts

JOURNEY TO QTS

ABAP Real Qts

Gain Qualified Teacher Status (QTS)

QTS Information David Wright

OPERATOR MANUAL OM- ... Kettle Capacity 20 qts. 18.8 liters 40 qts. 37.6 liters Jacket Capacity 7 qts. 6.6 liters 9 qts. 8.5 liters Diameter 14” 36 cm 16-1/2” 42 cm Depth 11”

50 qts …‚§¨„© ¹…„ planning

QTS User Manual Home Eng 4.0

QTS Gateway

QTS System - files.qnap. · PDF file QTS System A sneak peek into the high performance NAS operating system . QTS Kernel Introduction Kernel History of QTS The QTS Major Features of

PartnerNet · PDF file the QTS Decal & Certificate” 11 . 1. QTS Decals & Certificates Step 2 Fill out and submit the QTS Decals & Certificates Request form Step 3 QTS Secretariat

QTS Trade Information: Lauren Mcdonald

QTS Overview_newest

QNAP QTS 4.0 Bali.ppt

QNAP QTS 4.4.1 User QNAP QTS 4.4.1 User Guide ... Proxy.....221

QT and QTS Series Compressors - Air .QT/QTS Series Quincy Compressor 50161-108, January 2013 2 3501

Qts Professional Standards 2008

· PDF file 2018-11-12 · (qtS

QTS Presentation

QTS Literacy Skills Test Support - Lit support/QTS Literacy Skills Test... Boost Your Grammar

QTS 4 Utilities - files.qnap. QTS supporta Windows SMB, Mac AFP e i protocolli Linux NFS per

Brant Radiant Heaters, Ltd. QTS .1.0 Introduction 2 QTS Series 3 Overview The intent of this manual

Encrypting Wireless Data with VPN Techniques. Topics Objectives VPN Overview Common VPN Protocols Conclusion