
Harris corp


  • Carnegie Mellon , #1 next level solutions Apr 23, 2010

    Operating System Security

    John Doyle
    Director, Sales & Business Development

    Harris Corporation, STAT Operations
    Mail Stop 2-9450, P.O. Box 37

    Melbourne, FL 32902-0037

    321-727-4566 (phone)

    [email protected] (email)

  • Carnegie Mellon , #2 next level solutions Apr 23, 2010

    Federal Cyber Security Official: Prepare For The Worst

    The nation must prepare for the worst-case scenario when it comes to securing the Internet, warned Richard Clarke, President Bush's special advisor on cyberspace security, on Wednesday. "We haven't patched the holes literally or figuratively. We have a system that's vulnerable to sophisticated attackers, not just the 14-year-olds," Clarke said.

    Homeland Security

  • Carnegie Mellon , #3 next level solutions

    CERT Reported Attacks





    [Chart: CERT reported attacks, 1999, 2000, 2001]

  • Carnegie Mellon , #4 next level solutions Apr 23, 2010

    100% secure



    Enterprise Security Strategy

    Find the balanced solution between price, function, and performance

    How much security can a user stand? How much insecurity can the organization afford?

  • Carnegie Mellon , #5 next level solutions Apr 23, 2010

    Security - The Big Picture

    [Network diagram. Labels: Local Users; Anti-Virus SW; Internet; Teammate / Telecommuter via Commercial ISP; Network Manager; Network Management System; Vulnerability Scan; Intrusion Detection; Risk Assessment; Mail Server; E-Mail Scan; Anti-Virus; Firewall/URL Filtering; Web Server; Extranet; SSL Encryption; PKI; Authentication (Non-repudiation of transactions); Remote Users; PSTN; Remote Connection Server; Authentication; VPN?; E-Commerce Customer; PKI]

    Network security requires an enterprise-wide perspective and defense-in-depth with layers of protection that work together.

  • Carnegie Mellon , #6 next level solutions Apr 23, 2010

    OS Vulnerabilities: Universal Problem

    Microsoft tries to cage security gremlins
    By Robert Lemos, Special to CNET News.com, November 6, 2001

    Microsoft's security response center must be feeling a little punch-drunk these days. After the one-two combination of the Code Red and Nimda worms that targeted the company's server and PC software this past summer, the titan announced an initiative in early October to promote security-savvy administration among its partners. However, almost every week since it announced its Strategic Technology Protection Program, a new security flaw has cropped up. In the past few weeks, holes have been found in Excel and PowerPoint and a new system for protecting music content. A major security patch was issued for Windows XP, and the company had to shut down part of its Passport service to fix a set of flaws in the technology that Microsoft hopes will become the foundation of its .Net initiative.

    Microsoft's New Security Program Has Bugs
    By Brian McWilliams, Newsbytes
    REDMOND, WASHINGTON, U.S.A., 01 Nov 2001, 5:43 PM CST

    A new security initiative unveiled by Microsoft [NASDAQ:MSFT] last month is off to a rocky start, according to customers and security experts. Microsoft's Strategic Technology Protection Program drew praise when it was announced Oct. 3. But already the effort, positioned by the company as "an unprecedented mobilization of Microsoft's people and resources" to help customers secure their systems, has hit several snags.

    The first occurred on Oct. 18, when Microsoft released a security patch that caused some Windows 2000 systems to stop functioning properly. Citing "human error in the patch building process," the company withdrew and later re-issued the patch.

    Risky business
    Network World, 11/19/01

    A recently discovered buffer-overflow vulnerability could let hackers take control of the following Unix systems unless their common desktop environment component is disabled or a software patch is added.

    At risk:
      • IBM AIX 4.3, 5.1
      • Caldera OpenUnix 8.0, UnixWare 7
      • Hewlett-Packard HP-UX 10.10, 10.20, 10.24, 11.00, 11.04, 11.11
      • Sun Solaris 7, 8
      • Compaq Tru64 Digital Unix 4.0F, 40G, 5.0a, 5.1, 5.1a
      • Unspecified SGI Unix

    Not at risk:
      • Cray UNICOS, UNICOS/mk and Crayu Tools
      • Fujitsu UXP/V operating system

    SOURCE: ISS AND CERT

  • Carnegie Mellon , #7 next level solutions Apr 23, 2010

    The Band-Aid Security Strategy




    [Diagram. Labels: Centralized Monitoring; TNOCs & RCERTs; Security Router; Local Node; ID & Authentication]


  • Carnegie Mellon , #8 next level solutions Apr 23, 2010

    What's Missing?

    Protection for the OS: an OS firewall

      • Kernel-level protection to provide your existing security infrastructure with a last layer of defense
      • Intercepts, identifies, and prevents potentially damaging behavior within any executing code on a system (i.e., applications, device drivers, and services)
      • Proactive 360° enterprise protection intercepts, identifies and prevents damage from known and unknown malicious code, human error, and other attacks, whether internal or external

    Intrusion Prevention = STAT Neutralizer

  • Carnegie Mellon , #9 next level solutions Apr 23, 2010

    STAT Neutralizer

    Result of extensive research in code containment, software testing techniques, and intrusion detection
      • Provides ultimate intrusion prevention by stopping known and unknown security threats, providing immediate intrusion diagnosis, and ensuring strict end user policy compliance

    Pattern independent in implementation
      • Protects against both the known and unknown
      • Simply denies undesirable behaviors

    Malicious code protection regardless of source
      • Works on rules that define allowable behavior.
      • Prevents execution of code not allowed on the network.
      • Prevents network assets from being used as hosts for distributed denial of service (DDoS) attacks.

    Centralized Management
      • Leverages Windows NT/2000 administrative features.
      • Console allows for single point of management.
      • Remote management via Web access from any PC.

  • Carnegie Mellon , #10 next level solutions Apr 23, 2010

    STAT Neutralizer

    Strict security policy enforcement
      • Automatically holds users accountable to security policy.
      • Prohibit applications or users access to certain files or directories.
      • Prevent the download & install of programs

    Real-time, 360° protection
      • Does not require updates, enabling it to always be on.
      • Protects against internal and external threats

    Significantly reduced false positives
      • Looks at executing code not network traffic.
      • Logs only attacks or events that would have resulted in harm.
      • Supplied policies protect against many false positives.
      • Administrator can create rules to allow (and not log) behaviors that they deem as false positives.

  • Carnegie Mellon , #11 next level solutions Apr 23, 2010

    STAT Product Family

    STAT Scanner
      • Vulnerability scanner
      • Keep assets up-to-date with current security recommendations and updates

    STAT Analyzer
      • Security assessment automation
      • Audit or assess how well your security settings are relative to your policy

    STAT Neutralizer
      • Malicious code defense
      • Intercept and stop destructive behavior

    Our software helps take a proactive approach to addressing security vulnerabilities and threats before they can cause problems

  • Carnegie Mellon , #12 next level solutions Apr 23, 2010


    Slide titles: Operating System Security; Homeland Security; CERT Reported Attacks; Enterprise Security Strategy; Security - The Big Picture; OS Vulnerabilities: Universal Problem; The Band-Aid Security Strategy; What's Missing?; STAT Neutralizer; Slide 10; STAT Product Family; Demonstration