Security ServicesSecurity Services

Agenda•Overview of HEAnet security services•HEAnet CERT (Computer Emergency Response)•Anti-Spam RBL (Real time blacklist service)•HEAnet TCS ( Certificate Service )•HEAnet Vulnerability Scanning service•Security Auditing •Questions ?

OverviewOverviewInternal and External security resources

HEAnet Security Team Aidan – aidan.carty@heanet.ie Robert - robert.gallagher@heanet.ie

WebSitehttp://www.heanet.ie/security

Typical projects.•Firewalls, Patching, VPN e.g DR-IDP, Auditing new services, attacks against HEAnet infrastructure.•Security advice to clients (e.g. Security appliance tenders ) and providing security based services. •Liaising with other CERT teams, NRENs and Government departments.•Security Workshops and Training

HEAnet CERTHEAnet CERT

Provides •Incident Response, support and advice to institution IT department•Incidents include DDOS, Malware, Copyright and general AUP issues•The HEAnet CERT is in conjunction with JA.net CSIRT

Anti-spam serviceAnti-spam service

•Real-time IP lookup service for institution Email servers.•Based on DNS lookups of “bad” IP addresses•Uses commercial vendors SpamHaus.org and TrendMicro.com•Significant reduction in spam (IP based, email not even processed)•Use beyond email, general defense against botnets

TCS - Certificates serviceTCS - Certificates service

Usage categories include:

•Servers, Web applications and network devices.•Code Signing Certificates for Applications•Personal Email certificates•eScience (High Performance Computing groups)

TCS service uses a self service portal.( Currently 2,500+ certificates across 45 clients, with 120+ users )

Available to any individuals nominated by IT department

Provide a range of no-cost SSL certificates, signed by leading CA - Comodo

Vulnerability ScanningVulnerability ScanningA web based vulnerability scanning service

using the commercial version of Outpost24

•Scanning of institution networks and a view from outside.•Ongoing Reports, Metrics and Deltas•Internal Scanning Appliance for Campus LAN•Framework Agreement for large number of IPs and PCI compliance checking•Offerred to IT department

Security AuditingSecurity Auditing

Typical engagements •Auditing of infrastructure (servers, routers, firewalls)•Auditing of Web Applications (Web farm, Internal applications)•Auditing of Virtualisation Environments•Chargeable service

An on-site security audit of HEAnet client’s infrastructure or applications, including documentation, vulnerability assessment and security recommendations.

http://www.heanet.ie/security

Questions ?Questions ?