Best IT Documents.com Blog


Imperva – Port Usage

Posted in O S (375) by Guest on the October 23rd, 2010

 


| Port | Protocol | Description |
|------|----------|-------------|
| 443 | TCP | HTTPS – Web console |
| 80 | TCP | HTTPS – Imperva Update Server |
| 22 | TCP | SSH – Remote Management |
| 8083 | TCP | Proxy – Appliance Agent communications |
| 53 | UDP | DNS Server |
| 123 | UDP | NTP Server |
| 514 | UDP | Syslog Server |
| 162 | UDP | SNMP Trap Server |
| 25 | TCP | SMTP Server |

 http://bestitdocuments.com/Services.html

 


IBM Guardium Appliance Port Usage

Posted in O S (375) by Guest on the October 17th, 2010
  
Database Server to Collector Appliance:

| Port | Protocol | Description |
|------|----------|-------------|
| 16016 | TCP | Linux/UNIX only, both directions, STAP (the probe installed on the database servers) registration, heartbeat, & data |
| 16018 | TCP | Encrypted: Linux/UNIX only, both directions, STAP registration, heartbeat, & data |
| 8075 | UDP | Windows only, both directions, STAP heartbeat |
| 9500 | TCP | Windows only, DB Server to Collector, STAP registration & data |
| 9501 | TCP | Encrypted: Windows only, DB Server to Collector, STAP registration & data |
     
User to Guardium Appliance (Collector):

| Port | Protocol | Description |
|------|----------|-------------|
| 22 | TCP | User to appliance, CLI connectivity |
| 8443 | TCP | User to appliance, GUI connectivity |
     
Guardium Appliance to SMTP server:

| Port | Protocol | Description |
|------|----------|-------------|
| 25 | TCP | Appliance to SMTP server, email alerts |
     
Guardium Appliance to SNMP server:

| Port | Protocol | Description |
|------|----------|-------------|
| 161 | UDP | Appliance to SNMP server, SNMP alerts |
| 162 | UDP | Both directions, SNMP traps |
     
Guardium Appliance to SYSLOG server:

| Port | Protocol | Description |
|------|----------|-------------|
| 514 | UDP | Appliance to syslog server, syslog alerts |
     
22 – SSH – used for the CLI interface and for copying files to/from the Guardium Appliance using SCP (e.g. when archiving data).
199 – SNMP queries – allows a Netcool/OpenView type system to know the Guardium Appliance is up, and its status.
8443 – HTTPS/SSL – used for the Web interface (always on SSL). The Web interface is used by the Guardium administrator and for access to Guardium reports.
9500 (Windows) and 16016 (UNIX/Linux) – S-TAP – the ports on which the S-TAP (the probe installed on the database servers) sends the captured data to the Guardium Appliance(s).
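
As an added example (not from the original post or from IBM), the database-server-to-collector port matrix above can serve as an allow-list for auditing flow records. The flow tuple layout, the `db`/`col` role names, the reading of "both directions" as "either side may connect to that port", and the treatment of 16016 and 9500 as unencrypted (the page only marks 16018 and 9501 as encrypted) are assumptions made for illustration.

```python
# Allow-list from the "Database Server to Collector Appliance" table.
# Key: (protocol, destination port)
# Value: (allowed directions, encrypted alternative port or None)
# Assumption: "both directions" means either side may initiate to that port.
BOTH = {"db>col", "col>db"}
MATRIX = {
    ("tcp", 16016): (BOTH, 16018),      # Linux/UNIX S-TAP; 16018 is the encrypted port
    ("tcp", 16018): (BOTH, None),       # Linux/UNIX S-TAP, encrypted
    ("udp", 8075): (BOTH, None),        # Windows S-TAP heartbeat
    ("tcp", 9500): ({"db>col"}, 9501),  # Windows S-TAP; 9501 is the encrypted port
    ("tcp", 9501): ({"db>col"}, None),  # Windows S-TAP, encrypted
}

# Constructed sample flows: (source role, destination role, protocol, dst port).
FLOWS = [
    ("db", "col", "tcp", 16018),  # expected: clean
    ("db", "col", "tcp", 9500),   # expected: encrypted port preferred
    ("col", "db", "tcp", 9501),   # expected: direction not allowed
    ("db", "col", "tcp", 1521),   # expected: port not in matrix
    ("col", "db", "udp", 8075),   # expected: clean
]


def audit(flows):
    """Return (flow, finding) pairs for flows that deviate from the matrix."""
    findings = []
    for flow in flows:
        src, dst, proto, port = flow
        entry = MATRIX.get((proto, port))
        if entry is None:
            findings.append((flow, "port not in matrix"))
            continue
        directions, encrypted_alt = entry
        if f"{src}>{dst}" not in directions:
            findings.append((flow, "direction not allowed"))
        elif encrypted_alt is not None:
            findings.append((flow, f"prefer encrypted port {encrypted_alt}"))
    return findings


if __name__ == "__main__":
    for flow, finding in audit(FLOWS):
        print(flow, "->", finding)
```
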


Suggested Security Architecture Overview

Posted in Security (1500) by Guest on the October 8th, 2010

The security architecture is the layout and design of the hardware employed to protect private networks. Best practices dictate that the architecture of a private network linked to the Internet be divided by four distinct barriers: front-end firewall, proxy server, web server and back-end firewall. These barriers are ordered from outside Internet access inward, through each barrier, to the internal application enterprise. Best practices also require the use of intrusion detection and application monitoring to enhance the security of the four barriers. The implementation of these security features will ensure that the web server is protected from attacks.

External threats:

  • Screening router
  • Auditing of DMZ assets: mail, web, ftp
  • Firewall & IDS
  • Authenticated remote users – VPN, defense against cryptographic attacks and traffic analysis
  • Firewall and VPN leak detection, audit and user profiling
  • Back door detection

Internal threats:

  • Internal IDS
  • Protection against clever VPN attacks: spoof, twin, theft, bandwidth, replay, cryptographic, traffic analysis
  • Network conversion analysis
  • Host conversion analysis
  • Internal authentication, compartmentalization
  • Using existing, rich data sources: logs from routers, switches, hosts, workstations
  • Security policy audit and enforcement
  • Statistical behavior analysis for habit changes from norm
  • Internal users

Intrusion Detection:

To enhance the security infrastructure, intrusion detection is an important piece of implementing best practices. An intrusion detection system consists of both network and host-based monitoring systems. Intrusion detection systems monitor the areas between security barriers to ensure that intruders who breach a barrier are detected. If the system detects an intruder, it sends an alert to the web gateway administrators, who can then handle the intruder manually. It is critical to gather diagnostic data to identify how the intrusion occurred in order to close the vulnerability. It is also important to gather data on the source of the intrusion for possible legal action. Network and host-based intrusion detection systems are defined.

As companies become more dependent upon communication across the Internet, security features will be vital to their success, as they have higher exposure to techno-thieves.

Listed below are three considerations in Internet security practices:

  • Look at security for electronic transactions as being part of a continuum of security concerns for the entire enterprise. An enterprise-wide security policy ensures that minimum standards are set at all pertinent levels: network, application and data. Individual commercial departments can then develop more detailed security policies for their unique applications based on the enterprise-wide standards.

  • Consider network infrastructure approaches that provide central, secure services for public access through the Internet. Enterprise network architectures that use internal and external firewalls to protect internal systems from unauthorized access from the external world are one example. This type of central service eliminates the duplication of effort and the risks associated with individual commercial firewall management in the absence of uniform standards. Likewise, all types of remote access to commercial systems should be subject to uniform standards.

  • The level and type of security required for individual applications needs to be determined through an individual risk and cost/benefit analysis. Some applications, which are low-sensitivity and low-risk, may require only PIN-based authentication.

When determining the level of risk associated with particular transactions, it is helpful to consider questions such as the following:

  • How is the transaction processed now?
  • Does it require a signature? If so, is that signature currently authenticated in any way?
  • Is there a statute or regulation that requires privacy, confidentiality or individual identification?
  • Is it an area where easier access could have privacy ramifications?
  • Is this an area where there has been litigation or disputes in the past?
  • How much financial, legal or public relations / confidence exposure is there for the agency if there is a problem with this transaction?


Impact of the Internet

Posted in Business (600) by Guest on the October 7th, 2010

Impact on Business 

When the Internet first came to the workplace it was looked upon almost as a toy. People would talk about how fun it was and all the cool things they could find on the web. It wasn't long before browsing became far more than mere entertainment. The expansion of the net's capabilities exploded and has forever changed how we do business.

Exploring the Internet has become fast, easy and relatively inexpensive. At almost every company, employees who have a PC have Internet and intranet capabilities. Past the firewall is nearly everything we need to do research on vendors, conferences, and the latest technologies. Vendors have learned that making information easily accessible generates more interest in their products and services and can open doors to potential sales. Many co-workers have commented on their preference for doing initial inquiries via the web because it offers privacy. Contact with a salesperson is no longer required to learn about a company's product line, unless you wish it.

Within the firewall at most companies there are extensive intranets that house many different types of web sites, such as:

  • Benefits sites in which employees can monitor and maintain their own personal profiles
  • Points of information sites where organizations within companies can promote themselves and their initiatives
  • Distribution sites for products and services such as enterprise software, etc.

The Internet has created a new generation of wealth. Ordering over the Web has become easy, quick and, recently, safer for credit card use. Amazon Books is an excellent example of how the Internet can maximize sales. They not only provide a service, they have added many customer service touches such as keeping track of prior purchases, offering suggestions for new books based on prior purchases, and speedy delivery. Advertisers have recognized the power of web pages. What were once clean logon pages are now cluttered with advertisements for all kinds of products.

The web is open 24 hours a day, 3 days a week; it is generally not affected by such things as storms, natural disasters, etc. The web promotes telecommuting and even productive days off.

It is also fascinating to see how quickly web technology has advanced. What were once basic flat screens are now three-dimensional videos. On the other hand, I tend to miss the personal interaction – the human contact. Some sites are unforgiving if errors are made. Beyond the firewall there is not much accountability for the content or accuracy of the sites. For many people it has become a way of life to sell and to buy.


Business Requirements for Network Performance

Posted in Business (600) by Guest on the October 4th, 2010

Look for a complete picture of network performance across both the WAN and the LAN, regardless of network technology:

• Measure and verify key service level parameters including latency, availability, packet loss and jitter from an independent, third party point of view.

• Monitor key performance indicators including physical and logical access in addition to end-to-end connections across every location in the enterprise.

• Reduce the number of trouble tickets opened to the service provider by quickly isolating the cause of network issues between the provider and the enterprise.

• Enable successful deployments of layer 3-based MPLS networks by monitoring any-to-any IP-based connections.

• Leverage the key features of class of service prioritization by ensuring applications are tagged correctly and not exceeding carrier thresholds which can negatively impact network and application performance.

• Correlate all of the network and application performance data to understand the impact of the network on the applications, and the applications' impact on the network, with a single system.

• Determine VoIP readiness by generating actual VoIP calls to test network readiness and baseline quality – both before and after deployment.

• Understand how a VoIP deployment will impact your existing data network.

• Draw on combined network, application, and VoIP-specific analytics to see how data traffic is affecting call quality, and how VoIP traffic is affecting data quality.

• Anticipate and measure the impact of VoIP deployment on call quality by using synthetic calls during pre-deployment and assessment to establish the Mean Opinion Score (MOS) and R-factor post-deployment. Use real calls post-deployment and service turn-up – then compare MOS and R-factor scores to establish the impact of deployment.

• Measure service level parameters across a distributed network by analyzing the performance of both simulated and actual calls at each site – with detailed measurement such as jitter, dropped packets and latency.

• Quickly pinpoint VoIP call quality impairments with a clear picture of what is causing any degradation – with detailed views that show how jitter, codec loss, packet loss and delay are impacting performance on a per-site basis.

• Get detailed reports on current VoIP trends on every circuit on your network – including MOS distribution by hour per site, sites with the most or worst VoIP calls, and overall VoIP performance.


Windows 2008 Security Guide

Posted in O S (375) by Guest on the October 3rd, 2010