
  • Number of slides: 43

Securely Audit and Monitor NetWare® and Novell eDirectory™ with Blue Lance
www.novell.com
Jeff Christensen, Product Manager, Novell, Inc., jrchristensen@novell.com
Peter Thomas, Chief Technology Officer, Blue Lance, Inc., pthomas@bluelance.com

Vision…one Net
A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries
Mission
To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world

Who Is Blue Lance?
• A leader in protection of computer-managed assets since 1985
• Pioneers of asset-monitoring technology
• Audit trails with real-time alerting
• Focus inside the firewall
  - Monitor and report on activities of privileged and trusted users

Why Monitor?
• “70% of all computer-related theft happens inside the firewall” (Source: Information Security Magazine, 2000)
• In a survey of five hundred corporations, 75% of computer-related theft happened inside the firewall (Source: CSI/FBI 2001 Study)
• 90% of all security violations were attributed to insiders (Source: Exodus Communications, 2000)

Survey of NetWare® Users
• “Do you use auditing to troubleshoot your network?” YES: 73%
• “Is an auditing tool required in your organization?” YES: 18%
• “Is auditing used on a full-time basis?” YES: 4%
Source: Novell, February 2002

Auditing
• Compliance
  - Banking and finance: FDIC, OCC Regulations, GLB
  - Government: C2 or Common Criteria
  - Healthcare: HIPAA
• Other issues
  - For legal liability and protection of assets
  - Troubleshooting the network
  - Provides a detailed analysis of activity

Spending to Secure Assets Rising
[Chart: Security Software Purchases ($ millions). Source: Gartner, Inc.]

What’s Next for You?
Perimeter/network sec.; Biometrics; eCommerce security; Smart cards; Assessment; Audit; Firewalls; Hardware lockdown; Intrusion detection; Cryptographic tools; Encryption; Password security; Wireless security; E-mail security; Database security; Penetration testing; Vulnerability assessment; Authentication; Web access ctrl; Physical access ctrl; OS/app hardening; Secure ID/password; Software/servers; PKI/cert. handling; Non-firewall access ctrl; VPNs; Access control; Network security appliances; Forensics; Log analysis

Where Is Your Protection Weakest?
Perimeter/network sec.; Biometrics; eCommerce security; Smart cards; Assessment; Audit; Firewalls; Hardware lockdown; Intrusion detection; Cryptographic tools; Encryption; Password security; Wireless security; E-mail security; Database security; Penetration testing; Vulnerability assessment; Authentication; Web access ctrl; Physical access ctrl; OS/app hardening; Secure ID/password; Software/servers; PKI/cert. handling; Non-firewall access ctrl; VPNs; Access control; Network security appliances
Pre-event
Forensics; Log analysis
Post-event

How Do You Protect Yourself?

With LT Auditor+
• Windows-based audit trail security software solution
  - The gold standard in monitoring
• Designed to protect organizational assets accessible through Novell networks
• Provides around-the-clock monitoring of network activity across the enterprise

Corporations That Rely on LT Auditor+
• Major Corporations: 20th Century Fox; Air Canada; Blue Cross Blue Shield; EDS; Federated Mutual Ins.; General Motors; IBM Global Services; Lockheed Martin; MD Anderson Hospital; Raytheon; Reliant Energy; Qantas Airlines; Tampa Electric; Trans Union
• Banks: Bank of Tokyo-Mitsubishi; Compass Bank for Savings; DKB Bank; First Union Bank; Heritage Bank; JP Morgan Chase; M&T Bank; Old National Bank; Star Financial Bank; United California Bank; US Bank; Washington Mutual; Wells Fargo Bank; WFS Financial
• Government: Department of Defense; Department of the Interior; Federal Bureau of Prisons; Federal Railroad Comm.; INS; NY Attorney General; NY Comptroller; Pension Benefit Guar. Corp.; State of Illinois; US Army; US Air Force; US Bankruptcy Courts; US Border Patrol; US Probation Office

LT Auditor+ v8.0 Components
• LT Auditor+ for NetWare
• LT Auditor+ Manager Console
• LT Auditor+ Report Generator
• LT Auditor+ for Windows

NetWare Architecture

LT Auditor+ for NetWare—Features
• Supports NetWare 4.x, 5.x, and 6.x
• Audits all changes to the Novell eDirectory™/*NDS®
• Real-time alerting capability via SNMP
• Enterprise-wide consolidation of all audit data into a single repository
• Supports high-end databases
• Powerful filtering technology allows for collection of pertinent audit data
  - Also ensures audit data reduction
*Novell Directory Services®

Features (cont.)
• Single Management Console for remote policy deployment and administration
• Audit the Auditor+
• Troubleshoot network problems

LT Auditor+ for NetWare Monitors
• Logins and logouts
• All intruder login attempts
• eDirectory schema updates
• NDS partition changes
• RCONSOLE access
• Trustee assignments
• Volume mount/dismount
• Modules being loaded
• eDirectory changes
• File deletions and modifications
• Creation and deletions of users and groups
• Security equivalences assigned or revoked
• Password changes

Basic Components
• Manager Console
  - Easy-to-use graphical interface
  - Used by security administrators to configure, create and deploy security policies across the enterprise
• Novell NetWare Loadable Module™ (NLM™)
  - Agents that are loaded on servers
  - Collects audit trail data locally on servers
  - Back-end engine that does all the work

LT Auditor+ for NetWare Policies
• The following policies can be assigned by the Manager Console
  - Filter
  - System
  - Security
  - Job

Policies (cont.)
• Filter policies
  - Login, eDirectory, file/directory and server filters
  - Granular filtering capability
  - Set up real-time alerting for sensitive events
  - Configure as per organizational security policies

Policies (cont.)
• Settings policies
  - Archive settings
    - Determines when server agents (NLMs) create a data file (archive file) of all audit trail data collected
  - Data transfer settings
    - Determines how archive files are transferred to the consolidation server for consolidation to a single repository
    - Set up cross-platform consolidation

Policies (cont.)
• Security policies
  - Authorized users
  - Levels of access control for authorized users
  - Audit LT Auditor+
    - “Police the Policeman”

Policies (cont.)
• Job policies
  - Consolidation jobs
    - Scheduled jobs that consolidate archived files to a Btrieve database
    - Can set filters to determine how archive files are consolidated
  - Deletion jobs
    - Scheduled jobs to periodically delete archive and consolidated data files

Other Features of the Manager Console
• Export to other servers in the network
• Select different node addresses or users
• Control loading of the LT Auditor modules
• Automatically delete consolidation jobs on the local servers
• Dedicate one server as the consolidation server

Report Generator
• Run reports from databases such as
  - ORACLE/MS SQL or BTRIEVE
• Built with the Crystal Reporting Engine
• Capability to export reports to multiple formats like .HTML, .PDF, Excel, Word…
• Reports can be e-mailed to required personnel
• Automated scheduling capability
• Powerful querying capability

LT Auditor+ v8.0: High-Powered with Low TCO
• Single management console
• Remote installation capability
• Minimal configuration requirements
• Automated policy deployment and report scheduling
• System performance monitoring capability
• Tracks security changes
• Real-time monitoring
• Customizable queries and reports

LT Auditor v8.0
Radar for your network…