Upload
nichelle-brown
View
16
Download
0
Embed Size (px)
DESCRIPTION
Security Layers - General. There are at least three levels: MIT firewalls Penetration testing, Tripwire, packet monitoring, etc. Broad New Cisco firewalls Route to host servers Explicit Allows only Wireless access goes out to MIT firewall Open jack goes to Broad firewall - PowerPoint PPT Presentation
Citation preview
Security Layers - General
• There are at least three levels:– MIT firewalls
• Penetration testing, Tripwire, packet monitoring, etc.
– Broad• New Cisco firewalls• Route to host servers
– Explicit Allows only
• Wireless access goes out to MIT firewall• Open jack goes to Broad firewall
– CARE Center application itself
Internet“Cloud”
MIT
The Broad InstituteMITThe World
Firewalls
CiscoASA 5540
CiscoASA 5540
Core Router
RadiusDB
Used for authentication forVPN access
Host A
Host B
…
Access Rules for Subnets:Explicit allows, e.g., allow host on LIMS to talk to host on server
Must be in the list to permit access
Allow Rules:Explicit allows – http = 80 -> hostSsh = 22 -> hosthttps = 443 (SSL)
Wireless
Open jackUnregistered 10.10 domain
On LIMS
Host on server
Security Layers - Application
• Genetic Analysis Platform application security:– Role-based security– Passwords that expire– Audit trails track user activity
• Detailed information available in NIH Application/System Security Plan for CARE Center