"It
is impossible for ideas to compete in the marketplace if no forum for
their presentation is provided or available."
Thomas Mann, 1896
The Business Forum held a
Closed Luncheon
on the subject
of
Information Security Group
at
The Fairmont Olympic Hotel
in Seattle, Washington
With Experts
from:
Cisco
Systems Inc.
Those accepting our invitation
to attend included:
Chief Information Officer - Todd Pacific Shipyards Corporation * Chief Technology Officer - City of Seattle Director - County Government Central Information Technology Organization - King County ITS * Director - Walt Disney Internet Group * Director of Global Information Security - PACCAR, Inc. * Internal Audit Manager - Todd Pacific Shipyards Corporation * Information Technology Manager - GM Nameplate, Inc. * Manager of Enterprise Networks & Security - Nordstrom * Manager Systems & Programming - Milliman, Inc. * Manager, Corporate Information Technology Contract Administration - Russell Investment Group * Manager, Technology & Operations - King County * Senior Business Analyst - GM Nameplate, Inc. *
For the
benefit of those of our members and supporters who could not
attend the meeting we present the following white papers, with contacts
How to Provide
Effective Worm Mitigation
Contributed by Cisco
Systems, Inc.
The network today is a critical business asset. It not only allows the smooth
running of business applications, it also enables the easy delivery of data,
voice, and video. As a result, companies are increasingly concerned with keeping
their network running andapplications online while protecting one of their most
critical assets — their information. In order to protect your business, you need
to protect your network. In recent years, not only has the number of
network and computer attacks been on the rise, but also the level of complexity
and sophistication with which they strike. The most commonplace and perhaps most
damaging of these attacks are called “worms.”
Building a Self-Defending Network
Contributed by Cisco Systems, Inc.
Increasingly,
mission-critical business applications and services are deployed on open
networks with substantial connections to the public Internet. Without
appropriate security policies, processes, and products, Internet connectivity
can compromise the very gains in productivity that help make today’s
companies more profitable and that enable them to serve a larger and more
diverse customer base.
In
some industries, data privacy and the threat of litigation has become a
government mandate. U.S. healthcare providers must comply with the Health
Insurance Portability and Accountability Act (HIPAA), U.S. financial services
providers are governed by the Gramm-Leach-Bliley Act, and U.K. companies must
adhere to the Turnbull Report on Internal Control for public companies, as
well as the Data Protection Act of 1995.
Technology Best Practices for Endpoint Security
Contributed by Cisco Systems, Inc.
As technologies such as high-speed networks, switching, and end-to-end encryption are more widely adopted, providing desired security at the network level becomes a major challenge. One important place to enforce security is at the endpoint, where data resides and the potential for damage is greatest. Today, businesses are confronted with the availability of several point products, each attempting to solve a part of the endpoint security problem. These include distributed personal firewalls for protection against network-borne threats, antivirus scanners for detection of file-based threats, and audit or integrity products for detection of malicious configuration activity. These technologies do not address new attacks that are carried over existing protocols to attack applications, or new content-based attacks that attack systems before vendors are able to release and distribute signatures and other responses. This document outlines the technology best practices for endpoint security solutions, to help organizations make informed decisions when choosing endpoint security products.
Contributed by Cisco Systems, Inc.
Network Admission Control (NAC), an industry initiative sponsored by Cisco Systems, uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources, thereby limiting damage from viruses and worms.
Using NAC, organizations can provide network access to endpoint devices such as PCs, PDAs, and servers that are verified to be fully compliant with established security policy. NAC can also identify noncompliant devices and deny them access, place them in a quarantined area, or give them restricted access to computing resources.
NAC is part of the Cisco Self-Defending Network. Its goal is to create greater intelligence in the network to automatically identify, prevent, and adapt to security threats.
Intrusion Protection for Remote Corporate Users
Contributed by Cisco Systems, Inc.
Increasingly, employees are working remotely from corporate offices. Some of these users are mobile workers accessing corporate applications like e-mail from hotel rooms, airports, or customer offices. Others are tele-workers working from home. Often, these users access the corporate network through the Internet instead of using a dialup modem. All of these users are exposed to probes or attacks from the Internet, and none are protected by the central corporate firewall. Remote users whose computers are compromised provide attackers with a point of entry into the corporate network.
A Security Blueprint for Enterprise Networks
Contributed by Cisco Systems, Inc.
The SAFE Blueprint from Cisco Systems� is a secure blueprint for enterprise networks. Its principle goal is to provide best practices information on designing and implementing secure networks. SAFE takes a defense-in-depth approach to network security design, serving as a guide to network designers considering the security requirements of their networks. This type of design focuses on expected threats and their methods of mitigation, resulting in a layered approach to security where the failure of one security system is not likely to lead to the compromise of the rest of the network. Although this white paper is a product-agnostic document, the SAFE proof-of-concept lab is based on products from Cisco and its partners.
This document begins with an overview of the blueprint’s architecture, and then details the specific modules that make up the actual network design. When discussing each module, the first three sections describe the traffic flows, primary devices, and expected threats, with basic mitigation diagrams. Detailed technical analysis of the design follows, along with more detailed threat mitigation techniques and migration strategies.
Contact
for further Information:Cisco Systems Corporation
Kevin Flynn
Senior Security Manager
408-526-6877
[email protected]
Visit the Authors Web Site
Search Our Site
Search the ENTIRE Business
Forum site. Search includes the Business
Forum Library, The Business Forum Journal and the Calendar Pages.
Disclaimer
The Business Forum, its Officers, partners, and all other
parties with which it deals, or is associated with, accept
absolutely no responsibility whatsoever, nor any liability,
for what is published on this web site. Please refer to:
Home
Calendar The Business Forum Journal
Features
Concept
History
Library
Formats
Guest Testimonials
Client Testimonials
Experts Search
News Wire Join
Why Sponsor
Tell-A-Friend
Contact The Business Forum
The Business Forum
9297 Burton Way, Suite 100
Beverly Hills, CA 90210
Tel: 310-550-1984 Fax: 310-550-6121
[email protected]
webmaster: bruceclay.com