
  • Number of slides: 22

Nagios: Providing Value Throughout the Organization
  • JARED BIRD
  • JAREDBIRD@GMAIL.COM
  • TWITTER: @JAREDBIRD

Introduction
  • Who is Jared Bird?

Nagios

Providing Value
  • Provide knowledge
  • Assist other departments
  • Strengthen inter-department relationships
  • Achieve company wide goals
  • Reduce costs

Understanding
  • What are the goals of the other departments?

Infrastructure
  • Network, Server, and Desktop Teams
  • Concerns include:
      • Availability
      • Capacity
      • Utilization
      • Functioning Properly

Security
  • Prevent data theft
  • Deter identity theft
  • Avoid legal issues
  • Protect brand
  • "CIA Triad"
      • Confidentiality
      • Integrity
      • Availability

Threats
  • Default configurations
  • Website defacement
  • Missing patches
  • DNS redirection
  • Unauthorized use
  • Many, many more

Default Configurations
  • Default passwords
      • blank sa account
      • Once password is set, monitor with new credentials
  • XI Auto-discovery
      • check for insecure protocols
  • Scheduled scans and output to Nagios

Website
  • Monitor for defacement
      • check_http -H www.yoursite.com -s "sekret"
      • Checks for "sekret" string
  • Check certificate
      • check_http -H www.mysite.com -C 21
      • Checks certificate for 21 days of validity

Software Installed
  • Check url for content (version)
  • Ex: http://www.adobe.com/software/flash/about/
  • Check for string "11.4.102.265"

DNS
  • Have DNS entries changed?
  • DNS hijacked
  • High Impact

Unauthorized Use
  • LDAP check for account creation
  • Syslog output from infrastructure
  • SNMP Alerts

Audit & Compliance
  • PCI
  • SOX
  • HIPAA
  • Almost every regulation*
* Note: Speaker will not be held responsible if Nagios does not help achieve compliance with a specific regulation

PCI DSS
  • Any organization that processes, stores, or transmits credit card data
  • Requirements
      • 12 overall requirements
      • 287 individual requirements

PCI
  • Reqs 1&2: Build and Maintain a Secure Network
      • Auto-discovery to look for services
      • Checks to verify that vendor defaults have been changed
  • Reqs 3&4: Protect Cardholder Data
      • Scan for insecure protocols
      • Check for expiration of SSL certificates
  • Reqs 5&6: Maintain a Vulnerability Management Program
      • Check the anti-virus process to ensure it is running

PCI
  • Reqs 7, 8, & 9: Implement Strong Access Control Measures
      • LDAP checks to ensure LDAP server is functioning
      • Web Transaction Monitoring can be used to check two factor
  • Reqs 10&11: Regularly Monitor and Test Networks
      • Check NTP
      • Event logs from servers
  • Req 12: Maintain an Information Security Program
      • Use device listings as well as contact info (incident response plan)

SOX
  • Sarbanes-Oxley or Public Company Accounting Reform and Investors Protection Act
  • Section 404: Assessment of internal control
  • Nagios can help management show that controls for assuring the integrity of the financial reports are effective.

HIPAA Headlines

HIPAA
  • Technical Safeguards:
      • Access Control
      • Audit Control
      • Integrity Controls
      • Transmission Security

Questions?
  • Jared Bird
  • jaredbird@gmail.com
  • Twitter: @jaredbird
  • Thank You