1 / 17

CERT AM: Securing NREN in Armenia

CERT AM: Securing NREN in Armenia. Armenian NREN. ASNET AM – Connecting more than 40 academic institutes of NAS RA and more than 10 other research, educational and cultural organizations

lahela
Download Presentation

CERT AM: Securing NREN in Armenia

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CERT AM: Securing NREN in Armenia

  2. Armenian NREN • ASNET AM – Connecting more than 40 academic institutes of NAS RA and more than 10 other research, educational and cultural organizations • ARENA – Network association, providing Internet access for research and educational organizations within the framework of Virtual Silk Highway project

  3. Armenian NREN • LIBNET AM – Armenian Libraries Consortium manages “Developing of Armenian Libraries computerized network” project, which interconnects libraries trough fiber optical channels • School network – managed by Harmony Foundation in the framework of ongoing ASCP project of connecting 330 schools in Armenia

  4. Establishment of CERT AM 1. Hosting organization Internet Society – Armenia (ISOC AM) was chosen for the following reasons: • ISOC AM is the local internet community, • ISOC AM is a member of CEENET representing Armenia NREN and participates in other CEENET projects like Porta Optica, • ISOC AM is more responsive to the international cooperation and activity, • Major ISPs and corporate/educational networks of Armenia are members of ISOC AM

  5. Establishment of CERT AM 1. Hosting organization • ISOC AM is a manager and registry (AM NIC) of AM TLD and as such accumulates an important information on security, vulnerabilities, attacks. • ISOC AM has a training center with qualified trainers, • ISOC AM is conducting network administrators training courses, • ISOC AM training center is a CIW authorized training center with training programs in Web design for E-commerce and Security, • ISOC AM is a participant of e-rider and community centers (telecenters) programmes.

  6. Establishment of CERT AM 2. Analyzing the current situation Common security problems • Viruses • Spam • Hacking resources • Dos and DDos attacks

  7. Establishment of CERT AM 2. Analyzing the current situation - ASNET

  8. Establishment of CERT AM 2. Analyzing the current situation - ASNET • WORM_NETSKY.C • HTML_Netsky.P • WORM_NETSKY.DAM • WORM_BAGLE.GEN-2 • WORM_NETSKY.Z • WORM_BAGLE.CL • WORM_GREW.A • WORM_MYDOOM.M • WORM_MYTOB.AF • WORM_MYTOB.DM Top 10 viruses in 2006

  9. Establishment of CERT AM 2. Analyzing the current situation - ASNET Fighting against viruses • Antivirus software on users’ machines • Scanning incomming email attachments

  10. Establishment of CERT AM 2. Analyzing the current situation - ASNET Spam fighting techniques • DNS-based blacklists • Content filtering Result: about 21000 spam messages being blocked daily

  11. Establishment of CERT AM 2. Analyzing the current situation - ASNET Example of Hacker attacks • SSH brute force attacks About 500 attacks are identified and blocked monthly

  12. Establishment of CERT AM 3. Defining constituents and their resources • Assigning some of the IT staff of each REN as Chief Information Security Officers (CISO) with the corresponding job description • Organize an orientation meeting for CISOs and establish a community of CISOs • Receive a description of software and hardware products installed in each of the RENs from CISOs

  13. Establishment of CERT AM 4. Defining services Reactive • Incident response Proactive • Vulnerability reports • Technology watch Security Quality Management • Awareness building

  14. Establishment of CERT AM 5. Maintaining the web site • Have an online incident report form • Have security advisories available online • Have best practice documents available • Have security related articles and news available • Have a download area for downloading security tools • Have the contact information of CERT AM • Have a mailing list subscription form • Have statistics of security attacks, etc.

  15. Establishment of CERT AM 6. Maintaining awareness building process • Organizing workshops and seminars for users and administrators of NREN • Organizing regular meetings of CISOs

  16. Establishment of CERT AM 7. International relations • It is planned for CERT AM to become a member of international CSIRT communities such as FIRST • It is planned to hold a number of workshops inviting representatives from foreign CSIRTs

  17. THANK YOU

More Related