security services agenda overview of heanet security services heanet cert (computer emergency...
TRANSCRIPT
Security ServicesSecurity Services
Agenda•Overview of HEAnet security services•HEAnet CERT (Computer Emergency Response)•Anti-Spam RBL (Real time blacklist service)•HEAnet TCS ( Certificate Service )•HEAnet Vulnerability Scanning service•Security Auditing •Questions ?
OverviewOverviewInternal and External security resources
HEAnet Security Team Aidan – [email protected] Robert - [email protected]
WebSitehttp://www.heanet.ie/security
Typical projects.•Firewalls, Patching, VPN e.g DR-IDP, Auditing new services, attacks against HEAnet infrastructure.•Security advice to clients (e.g. Security appliance tenders ) and providing security based services. •Liaising with other CERT teams, NRENs and Government departments.•Security Workshops and Training
HEAnet CERTHEAnet CERT
Provides •Incident Response, support and advice to institution IT department•Incidents include DDOS, Malware, Copyright and general AUP issues•The HEAnet CERT is in conjunction with JA.net CSIRT
Anti-spam serviceAnti-spam service
•Real-time IP lookup service for institution Email servers.•Based on DNS lookups of “bad” IP addresses•Uses commercial vendors SpamHaus.org and TrendMicro.com•Significant reduction in spam (IP based, email not even processed)•Use beyond email, general defense against botnets
TCS - Certificates serviceTCS - Certificates service
Usage categories include:
•Servers, Web applications and network devices.•Code Signing Certificates for Applications•Personal Email certificates•eScience (High Performance Computing groups)
TCS service uses a self service portal.( Currently 2,500+ certificates across 45 clients, with 120+ users )
Available to any individuals nominated by IT department
Provide a range of no-cost SSL certificates, signed by leading CA - Comodo
Vulnerability ScanningVulnerability ScanningA web based vulnerability scanning service
using the commercial version of Outpost24
•Scanning of institution networks and a view from outside.•Ongoing Reports, Metrics and Deltas•Internal Scanning Appliance for Campus LAN•Framework Agreement for large number of IPs and PCI compliance checking•Offerred to IT department
Security AuditingSecurity Auditing
Typical engagements •Auditing of infrastructure (servers, routers, firewalls)•Auditing of Web Applications (Web farm, Internal applications)•Auditing of Virtualisation Environments•Chargeable service
An on-site security audit of HEAnet client’s infrastructure or applications, including documentation, vulnerability assessment and security recommendations.
http://www.heanet.ie/security
Questions ?Questions ?