1 / 13

Safeguarding OECD Information Assets

Safeguarding OECD Information Assets. Frédéric CHALLAL Head, Systems Engineering Team OECD. Agenda. Network Security Remote Access Anti-Virus Protection E-mail Content Filtering and Blocking Possible Future Directions. Internet. Network Security. SITA. Internet DMZ. External Firewall.

rrobertson
Download Presentation

Safeguarding OECD Information Assets

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD

  2. Agenda • Network Security • Remote Access • Anti-Virus Protection • E-mail Content Filtering and Blocking • Possible Future Directions

  3. Internet Network Security SITA Internet DMZ ExternalFirewall X25 InternalFirewall Extranet DMZ Private Network

  4. Network Security • 2 levels of firewalls for access control • 2 separate DMZs to protect sensitive information • Outgoing Internet access through application relays • Intrusion detection systems on both DMZs • Vulnerability scanning on a regular basis

  5. Intrusion Detection System • Network sensor watching for attack signatures • Responses to suspicious activity: • Connection termination • Alerts sent by E-mail • Session recorded • Other …

  6. Remote Access SQL Web Exchange

  7. Remote Access • For portables and Outlook Web Access users to access the OECD network, two-factor authentication based on: • A PIN number (known by the user) • An authenticator (either hardware or software) • Also based on Windows authentication to access network resources

  8. Anti-Virus Protection Network Server Internet Point of Entry Point of Entry Gateway & Firewall E-mail & SMTP relay Point of Entry Client

  9. Prevention And Detection • Anti-Virus products from 2 different vendors installed on: • Desktops and laptops • File Servers • E-mail Servers • SMTP Relays • Signature updates on a weekly basis • Scanning on PCs and servers on a weekly basis • User Education • Being Prepared • Basic Network Security • Standard Disaster Recovery Procedures

  10. E-mail Content Filtering and Blocking • Implemented after the ILOVEYOU virus • SMTP relay level filtering of all incoming and outgoing Internet messages: • Scan for viruses • Block « program » attachments and HTML scripts for 2 days • Search for « suspicious » text strings in subject • Reporting to management

  11. E-mail Content Filtering and Blocking W32/Navidad W32/Navidad-B

  12. Possible Future Directions • Outsource detection and reporting of network vulnerabilities • SSL for Outlook Web Access • Use RTBL to prevent spamming • Content inspection on HTTP/FTP downloads

  13. Comments and Questions?

More Related