Moving- Security- Enforcement-into-the- Heart-of-the- Network课件.pptVIP

* * * * * * * * * * Microsoft NAP Architecture Source: Microsoft TCG Trusted Network Connect Architecture Source: Trusted Computing Group Vernier Networks EdgeWall Architecture EdgeWall Control Server 1) Credentials Authentication Service Patch Management, Vulnerability Servers 2) Authentication 3) Local compliance check 4) Integrity data 5) User access rights Source: Vernier Networks Network Access Control Challenges Impact/Interoperability with existing infrastructure Agent-based vs. agent-less approaches Continuous vs. Initial device evaluation Interoperability between different architectures Why Network Access Control is important Reduced risk of outbreak due to infected endpoints Safe access to networks through VPN access Controlled remediation and patching of unhealthy endpoints Increased security of corporate resources Increased compliance with regulatory requirements Thank You QA Peter.benson@ * * * * * * * * * * * * * * * * * * * * * * * * * * Copyright Security-A 2005 Copyright Security-A, Qualys Inc, 2005 Moving Security Enforcement into the Heart of the Network Peter Benson CEO Security-A October, 2005 Agenda Evolution of Threats Why Network Access Control Matters The Laws of Vulnerabilities Network Access Control Architectures Summary and Action Security Trend Indicators Malicious Code (↑) Vulnerabilities (↑) Spam and Spyware (↑) Phishing and Identity Theft (↑) ….and Time to Exploitation (↓)? Where are the issues ? A Multitude of insecure Protocols and Services telnet, ftp, snmp Known default settings Passwords, SNMP community strings System Design Errors Setup and Access control errors Software Implementation Flaws Input validation, lack of sanity checks User Triggered Issues Email and Browser related First Generation Threats Spreading mostly via email, file-sharing Human Action Required Virus-type spreading / No vulnerabilities Examples: Melissa Macro Virus, LoveLetter VBScript Worm Replicates to other recipients Discovery/Remov