《微软PPT演示稿经典剪辑模板全套上》.ppt_第1页
《微软PPT演示稿经典剪辑模板全套上》.ppt_第2页
《微软PPT演示稿经典剪辑模板全套上》.ppt_第3页
《微软PPT演示稿经典剪辑模板全套上》.ppt_第4页
《微软PPT演示稿经典剪辑模板全套上》.ppt_第5页
已阅读5页,还剩94页未读 继续免费阅读

下载本文档

版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领

文档简介

1、,第一篇 区块篇,At Risk,The Soft Underbelly,Security Issues Today,1 Source: Forrester Research 2 Source: Information Week, 26 November 2001 3 Source: Netcraft summary 4 Source: CERT, 2003 5 Source: CSI/FBI Computer Crime and Security Survey 6 Source: Computer Security Institute (CSI) Computer Crime and Sec

2、urity Survey 2002 7 Source: CERT, 2002 8 Source: Gartner Group,14B devices on the Internet by 20101 35M remote users by 20052 65% increase in dynamic Web sites3 From 2000 to 2002 reported incidents rose from 21, 756 to 82,0944 Nearly 80 percent of 445 respondents surveyed said the Internet has becom

3、e a frequent point of attack, up from 57 percent just four years ago5,90% detected security breaches6 85% detected computer viruses6 95% of all breaches avoidable with an alternative configuration7 Approximately 70 percent of all Web attacks occur at the application layer8,Application Layer Attacks,

4、Identity Theft Web Site Defacement Unauthorized Access Modification of Data, Logs and Records Theft of Proprietary Information Service Disruption,Implications,Compliance: Sarbanes Oxley Gramm Leach Blilely US Patriot Act HIPAA The Privacy Act (CA) Basel 2 (EU) Data Protection Act (EU) Litigation Fil

5、e Sharing Piracy HR Issues Shareholder Suits,Customer Impact,Types Of SRP Rules,Path Rule Compares path of file being run to an allowed path list Use when you have a folder with many files for the same application Essential in when SRPs are strict,Hash Rule Compares the MD5 or SHA1 hash of a file to

6、 the one attempted to be run Use when you want to allow/prohibit a certain version of a file from being run,Certificate Rule Checks for digital signature on application (i.e. Authenticode) Use when you want to restrict both win32 applications and ActiveX content,Internet Zone Rule Controls how Inter

7、net Zones can be accessed Use when in high security environments to control access to web applications,SQL Server 2005 Themes,Supportability updating must be initiated manually,Office Update Web site:,How To Use Office Update,Go to ,1,Click Check for Updates,2,Install the Office Update Installation

8、Engine (if not already installed),3,Select the updates you want to install,4,Click Start Installation,5,How To Use SUS,On the SUS server,Configure the SUS server at http:/SUSAdmin,On each SUS client,Configure Automatic Updates on the client to use the SUS server Use Group Policy, manually configure

9、each client, oruse scripts,Set the SUS server synchronization schedule,Review, test, and approve updates,1,2,3,How To Use MBSA,Download and install MBSA (once only),1,Launch MBSA,2,Select the computer(s) to scan,3,Select relevant options,4,Click Start scan,5,View the Security Report,6,Software Updat

10、e Service Deployment Best Practices (1),Software Update Service Deployment Best Practices (2),How To Use SMS To Deploy Patches,SMS MBSA Integration,MBSA integration included with SMS 2003 and the SUS Feature Pack for SMS 2.0 Scans SMS clients for missing security updates using mbsacli.exe /hf,MBSA B

11、enefits,Scans systems for Missing security patches Potential configuration issues Works with a broad range ofMicrosoft software Allows an administrator to centrally scan multiple computers simultaneously MBSA is a free tool, and can bedownloaded from,MBSA Considerations,MBSA reports important vulner

12、abilities,Password weaknesses Guest account not disabled Auditing not configured Unnecessary services installed IIS vulnerabilities IE zone settings Automatic Updates configuration Internet Connection Firewall configuration,MBSA Scan Options,MBSA has three scan options MBSA graphical user interface

13、(GUI) MBSA standard command-lineinterface (mbsacli.exe) HFNetChk scan (mbsacli.exe /hf),Business Case ForPatch Management,When determining the potential financial impact of poor patch management, consider,Downtime Remediation time Questionable data integrity Lost credibility Negative public relation

14、s Legal defenses Stolen intellectual property,“We commend Microsoft for providing enhanced security guidance to its customers as well as for soliciting user input as part of the process of producing that guidance“ Clint Kreitner President/CEO,“NIST reviewed and provided technical comments device ind

15、ependent. Integration into a broad range of different applications and devices.,第二篇 表格篇,Example Goals,Example Scope,What to plan for,Patch Management Solution For Small And Medium-sized Organizations,The Importance Of Proactive Patch Management,Default Exempt Rules In IPSec,Stored in the registry va

16、lue: HKLMSYSTEMCurrentControlSetServicesIPSECNoDefaultExempt,PerformanceEnhanced Architecture,Optimized for real life usage scenarios Improvements since ISA Server 2000 Kernel-mode data pump User-mode optimizations Up to +150% (2.5X faster) for firewall (SecureNAT) traffic Up to +250% (3.5X faster)

17、for Web (transparent) proxy traffic 1,000,000+ concurrent connections Scale up with additional CPUs,Raw throughput performance,How? Design improvements IP Stack improvements Hardware improvements (raw thru-put measured using HTTP+NAT benchmark),Microsoft Patch Severity Ratings,Security Bulletin List

18、: http:/www.M,Patching Time Frames,Improving The Patching Experience,Choosing A PatchManagement Solution,Patch Management Solution For Medium-Sized And Large Organizations,IT Policy Completeness,IT Audit Score Card Example,Elements of Your Final Report,Upgrading And MigratingSharePoint products and

19、technologies,Analysis Service and DTS Migration Wizards No new MDAC bits Reduced SQL Database services downtime,Upgrade,Whats New In Setup,Other Sessions,DREAD,Micro Issues are 88%,Simple to fix. Create “Noise” Five issues represent 88% of all upgrade issues,第三篇 图例篇,Corpnet,Internet,RADIUS Authentic

20、ation,Federation through RADIUS proxies Can be used for centralized authentication services Domain membership not required Great for DMZ placement,RADIUS Server (IAS),Back-end Server,Web Client (Browser, HTTP client),ISA Server 2000 (Old)Networking Model,Fixed zones “IN” = LAT “OUT” = DMZ, Internet

21、Packet filter only on external interfaces Single outbound policy NAT always Static filtering from DMZ to Internet,InternalNetwork,Internet,DMZ 1,ISA 2000,ISA Server 2004 Networking Model,Any number of networks VPN as network Localhost as network Assigned relationships (NAT/Route) Per-Network policy

22、Packet filtering onall interfaces Support for DoD Any topology, any policy,ISA 2004,Rule Structure infects unprotected or unpatched systems,No Exploit,Exploit,MBSA How It Works,MSSecure.xml contains Security bulletin names Product-specific updates Version and checksum info Registry keys changed KB a

23、rticle numbers Etc.,Windows Download Center,MSSecure.xml,MBSAComputer,Policies, Procedures, & Awareness,Physical Security,Perimeter,Internal Network,Host,Application,Data,Defense In Depth,Using a layered approach Increases attackers risk of detection Reduces attackers chance of success,OS hardening,

24、 authentication, patch management, HIDS,Firewalls, Network Access Quarantine Control,Guards, locks, tracking devices,Network segments, IPSec, NIDS,Application hardening, antivirus,ACLs, encryption, EFS,Security documents, user education,Requirements For Successful Patch Management,Products, tools au

25、tomation,Project management, Patch management process,People who understand their roles and responsibilities,Effective Processes,Effective Operations,Tools and Technologies,Patch Management Process,SUS How It Works,ParentSUS Server,Windows Update,ChildSUS Server,Firewall,Client Computers,Client Comp

26、uters,SUS Sample Deployment Scenario,Main OfficeSUS Server,Windows Update,PilotSUS Server,Firewall,Pilot Client Computers,Main Office ClientComputers,Regional Client Computers,RegionalSUS Server,SUS Server,Windows Update Service,Firewall,Software Update Service SUS Deployment Scenario 1,Software Update Servi

温馨提示

  • 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
  • 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
  • 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
  • 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
  • 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
  • 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
  • 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

评论

0/150

提交评论