NetGains Infrastructure Security
-
Upload
netgains-technologies-pvt-ltd -
Category
Technology
-
view
114 -
download
0
description
Transcript of NetGains Infrastructure Security
Layered approach for securing NetGains Mail & Application Servers.
It is a technical strategy, espousing adequate measures be put in place at different levels within the network infrastructure.
It is also an organizational strategy, requiring participation from the clients, users, administrators & business owners.
The layered-security approach centers on maintaining appropriate security measures and procedures at five different levels within the IT environment
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach
Security level Applicable security measures
1. Perimeter • Firewall
• Network-based anti-virus
2. Network • Intrusion detection /prevention system
• Vulnerability management system
• Endpoint security compliance
• Access control /user authentication
3. Host Host IDS & Host VAEndpoint security complianceAnti-virusAccess control/user authentication
4. Application • Host IDS & Host VA
• Access control/user authentication
• Input validation
5. Data • Encryption
• Access control/user authentication
LEVEL 1: PERIMETER SECURITY
The perimeter is the first line of defense from outside, un-trusted networks.
The perimeter acts as the first and last point of contact for security defenses protecting the network.
It is the area where your network ends and the Internet begins.
Sonic FireWALL PRO 3060 Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. Powerful Content Filtering. Deep Packet Inspection Firewall Real-Time Blacklist Spam Filtering Policy-based NAT
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach
LEVEL 2: NETWORK SECURITYThe network level of the layered-security model refers to internal LAN and WAN.• Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs)• Vulnerability management - Vulnerability management systems perform two
related functions: (1) they scan the network for vulnerabilities and (2) they manage the process of repairing the vulnerabilities found.
• Endpoint security compliance (for VPN & RAS devices)• Access control/authentication (Network Level access)
Answer: The Network level done administration is done by the ISP
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach
LEVEL 3: HOST SECURITYIn the layered-security model, the host level pertains to the servers
configurable parameters that, when set inappropriately, can create exploitable security holes. These parameters include registry settings, services (applications) operating on the device, or patches to the operating system or important applications.
Host-based intrusion detection systems (IDSs) Host-based vulnerability assessment (VA) Endpoint security compliance Anti-virus Access control/authentication
Answer:* For this we use Trend Micro Interscan Messaging Security Suite which gives protection against Viruses, Spam and FTP traffic.
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach
LEVEL 4: APPLICATION SECURITYApplication-level security is currently receiving a great deal of attention.
Poorly protected applications can provide easy access to confidential data and records.
The hard truth is that most programmers don’t code with security in
mind. Application shield - application-level firewall. Access control/authentication - only authorized users are able to access the
application. Input validation - Input validation measures verify that
application input traveling across your network is safe to process.
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach
LEVEL 5: DATA SECURITYData-level security entails a blend of policy and encryption.
Encrypting data where it resides and as it travels across your network is a recommended best practice because, if all other security measures fail, a strong encryption scheme protects your proprietary data.
EncryptionImportant Customer data is stored in the SQL Server Database and is completely encrypted.
Access control / authenticationThere is a role based access to data. Eg
A programmer has access only to Application files. Important Customer data & Profile is stored in Database and only DBA
can access it. An Administrator of the system can only administer the data and has no
access to database & applications. RAID 10 for Hard-disk redundancy. TAPE backup
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach
Thank You !
NetGains Technologies708/709, Corporate Avenue,
Sonawala Lane,Goregaon(E)
Mumbai – 400 063.Sales: +91-22-6525 7000 / +91-22-6139 7000
Mobile : 9820089256 / 989200782
NetGains Mail & Application ServerConfidentiality & Security – Layered Approach