Outline • Format • Grading • Ethics • Areas
Format - Paper • Follow Format in Syllabus • 10 to 15 Pages of INFORMATION CONTENT (Do notcount Title, Outline, Reference Pages) • Title Page: • Course Number and Title • Paper Title • Date Due • Student Name • Outline/Table of Contents Page • Information Pages (Review of 1 area and 5 products) • List of References Page
Format - Presentation • Follow Format in Syllabus • 10 Minute Presentation (8 to 12 minutes) • Title Slide: • Course Number and Title • Paper Title • Date Due • Student Name • Outline/Table of Contents Slide • Information Slides (Review of 1 area and 5 products) • List of References Slide
Overall Grading • Topic Chosen By Week 5 (9/28) • Paper • Scored on Basis of 0 to 10 • 10% of Final Grade • Due: Week 11 (11/16) • Presentation • Scored on Basis of 0 to 10 • 10% of Final Grade • Either Week 12 or 13 (11/23, 11/30) • Exact Date Determined by Lottery on Week 10 (11/9)
Grading - Paper • Papers Are Due Week 11 (11/16) • Special Circumstances: pre-arranged with Instructor • 1 Week Late: minus 2 points • 2 Weeks Late: minus 3 points • 2+ Weeks Late: 0 • Criteria • Minor Grammar/Spelling Problems: minus 2 points • Minor Formatting/Content Problems: minus 2 points • Major Grammar/Spelling Problems: minus 4 points • Major Formatting/Content Problems: minus 4 points • EXCESSIVE PLAGIARISM (>30%): Reduction in score equal to amount of plagiarism
Grading - Presentation • Presentations Must Be Done the Week They are Due • Special Circumstances: pre-arranged with Instructor • 1 Week Late: minus 5 points (if able to squeeze in) • Criteria • 40% Content • Knowledge of Topic • Detailed, Thorough Coverage • 40% Presentation • Charts (Outline, Organization, Typos, etc.) • Speech (Time, Memory, Eye Contact, Enthusiasm, etc.) • 20% Peer Evaluation
Ethics • Papers/Presentations Accomplish: • Research/Read • Think/Evaluate • Writing/Public Speaking • Good Job Skills/Time Management • Students Who Merely “Cut and Paste” From the Internet or Textbooks For the Paper Will Have Their Grade Reduced By A Corresponding Amount • Students Who Do Not Show Up For Their Presentation Will Receive a Zero (0) for the Presentation
Areas • Active Content Monitoring/Filtering • Authentication • Firewalls • Intrusion Detection Systems - Host Based • Intrusion Detection Systems- Network Based • Penetration Testing • VPN & Cryptographic Communications • Enterprise Security Administration • Vulnerability Scanners
Active Content Monitoring/Filtering • Tools to monitor content entering a computer or network for potentially damaging material co-referencing what they scan with continuously updated definitions libraries.
Active Content Monitoring/Filtering • eSafe -Aladdin Knowledge Systems • Ubizen OnlineGuardian - Ubizen • SurfControl Web Filter - SurfControl, Inc. • SurfControl Email Filter - SurfControl, Inc. • GROUP Software securiQ Suite - GROUP Software • PacketHound - Palisade Systems • Sendmail Secure Switch - Sendmail, Inc. • TCSecure: eGate - Trusted Computer Systems • InterScan VirusWall - Trend Micro • Vericept VIEW of Information Protection - Vericept • Websense Enterprisev4.4 - Websense
Authentication • Process of determining whether something or someone is who or what it is declared to be. The most common form of authentication is the use of logon passwords, the weakness of which is the passwords can be forgotten, stolen or accidentally revealed. The tokens in this category offer more stringent forms of authentication so that users need to have both something (the token) and know something (PIN or password) to gain access.
Authentication • eToken - Aladdin Knowledge Systems • CRYPTOAdmin - CRYPTOCard • CRYPTOLogon - CRYPTOCard • NetCrusader - Gradient Technologies • Oblix NetPoint - Oblix, Inc. • PrivateCard - Cylink • Password Manager - Unlimited Software Associates, Inc. • SafeWord PremierAccess - Secure Computing Corp. • Symark PowerPassword - Symark Software • v-GO Single Sign-On - Passlogix, Inc.
Firewalls • System or group of systems that enforces an access control policy between two networks.
Firewalls • Lumeta Firewall Analyzer - Lumeta Corp. • CyberArmor Suite - Centrally Managed Personal Firewall - InfoExpress • McAfee Desktop Firewall - McAfee • StormWatch - OKENA • NetScreen 500 - NetScreen • RoBoX Firewall Appliance - Global Technology Associates • SecureIIS Application Firewall - eEye Digital Security • StoneGate - Stonesoft • TeleWall Telecommunications Firewall - SecureLogix • ZyWALL Series - ZyXEL Communications, Inc.
Intrusion Detection Systems -Host Based • Host-based IDS is software that monitors a system or applications log files. It responds with an alarm or a countermeasure when a user or intruder attempts to gain access to unauthorized data, files or services.
Intrusion Detection Systems -Host Based • ManTrap - Resource Technologies • RealSecure Server Sensor - Internet Security Systems • NFR Host Intrusion Detection (HID) - NFR Security • Tripwire for Servers - Trip[wire, Inc. • Active Guard - Solutionary, Inc. • Entercept - Entercept Security Technologies • Event Alarm/Analyst - Dorian Software Creations, Inc. • Intruder Alert - Symantic • Intrusion SecureHost Series - Intrusion, Inc. • STAT Neutralizer - Harris Corporation
Intrusion Detection Systems - Network Based • Monitors network traffic and responds with an alarm when it identifies a traffic pattern that it deems to be either a scanning attempt or denial of service or other attack. It is quite useful in demonstrating that “bad guys” are actually trying to get into your systems.
Intrusion Detection Systems - Network Based • ManHunt - Recourse Technologies • Cisco IDS Sensors - Cisco Systems • RealSecure Network Sensor - Internet Security Systems • VigilEnt Intrusion Manager - PentaSafe Security Technologies • ActiveScout - ForeScout Technologies • Dragon IDS - Enterasys Networks • Intrusion SecureNet Series - Intrusion, Inc. • Logsaver - DigitalSecu America, Inc • Sentarus SNX2 - Silicon Defense • snort - Marty Roesch • Sourcefire Network Sensor - Sourcefire, Inc.
Penetration Testing • Consultants simulate “real-world” hacking and social engineering attacks on an enterprise network and system to determine where weaknesses lie, and offer advice on how those weaknesses may be addressed in order to beef-up security. Most use network-based vulnerability scanning tools.
Penetration Testing • Vulnerability Scan - Veridyn, Inc. • NSAG Shadow/Tempest Team - Network Security Assurance Group • Ubizen Professional Services - Ubizen • Lumeta Leak Discovery - Lumeta Corp. • X-Force Penetration Testing Service - Internet Security Systems • farm9 Internet Vulnerability Assessment - farm9 • Consul/Consultancy - Consul Risk Management • NETSEC - Vulnerability Assessment Services • Penetration Testing Services - Collins Consulting Group • Tiger Testing Penetration Testing Security Assessment Services - Neohapsis
VPN & Cryptographic Communications • A Virtual Private Network allows secure communications over the public Internet. It saves money in organizations with large mobile workforces or many satellite offices reducing the need to use expensive private telephone and data networks.
VPN & Cryptographic Communications • Cisco VPN Concentrators - Cisco Systems • VTCP/Secure Remote VPN/Extranet Solution - InfoExpress • McAfee E-Business Server and Client - McAfee • Contivity (CPE) - Nortel Networks • Instant VPN - Imperito networks • RapidStream VPN/Firewall Appliance - RapidStream • Resilience DX4000 VPN/Firewall Appliance - Resilience Corp • SmartGate VPN - V-One • StoneGate - Stonesoft • VPN1-Pro - Check Point
Enterprise Security Administration • Tools providing enterprise-wide security administration apply a given security policy across an entire organization, ensuring that all users of that enterprise network will be subjected to the same rights and restrictions. These systems are especially valuable in granting new users access to all appropriate systems, and more importantly, removing users from all systems if they are terminated.
Enterprise Security Administration • netForensics - netForensics, Inc. • SilentRunner - SilentRunner, Inc. • CiscoWorks VPN/Security Management Solution (VMS) - Cisco Systems • NetVision Policy Management Suite - NetVision, Inc. • CyberGtaekeeper Suite Remote System Configuration Enforcer - InfoExpress • RealSecure SiteProtector - Internet Security Systems • ECM - Enterprise Configuration Manager - Configuresoft • VigilEnt Security Manager - PentaSafe Security Technologies • Tripwire Manager 3.0 - Tripwire, Inc. • The NetIQ Administration Suite - NetIQ • bv-Admin - Bindview Corporation
Vulnerability Scanners • Software that simulates the behavior of attackers to learn which of as many as 600+ possible weaknesses are present on the system being attacked. • May also check the settings on systems to determine whether they are consistent with corporate security policies.
Vulnerability Scanners • Internet Scanner - Internet Security Systems • System Scanner - Internet Security Systems • Security Analyzer - NetIQ • bv-Control for Internet Security - Bindview Corporation • eScan Agent - Emprise Technologies • FoundScan Enterprise Vulnerability Management System - Foundstone • Retina Network Security Scanner - eEye Digital Security • SAINT - SAINT Corporation • STAT Scanner - Harris Corporation • ECM - Enterprise Configuration Manager - Configuresoft • Security Expressions - Pedestal Software, Inc.