DevSecOps. Building Security into Your DevOps Processes
|
|
- Jesse Dickerson
- 5 years ago
- Views:
Transcription
1 DevSecOps Building Security int Yur DevOps Prcesses
2 The DevOps mvement has pushed fr and succeeded in breaking dwn barriers and sils within rganizatins dividing teams int specialized functins f Develpment and Operatins. DevOps enables rganizatins that embrace the mvement and culture t be mre cmpetitive by enabling faster, mre reliable sftware releases by leveraging autmatin t replace manual prcesses invlved in shipping sftware. A side effect f this speed is that security tls and prcesses need t mve at the same pace t keep up. The idea driving DevSecOps r Rugged DevOps is t bake the security testing f the applicatin under develpment int the prcess used t ship it. Autmatin f these prcesses takes peple ut f the chain and puts them in a different capacity. Instead f peple being the prcess, tls and autmatin are the prcess and peple mnitr and respnd t prcess failures. Thus, cmbining the strengths f bth cmputers and peple. The image belw lists sme f the tls leveraged t autmate the security testing and auditing f a DevOps pipeline. Sme types f tls that exist already fr security testing are: Clud infrastructure Tls t scan yur clud infrastructure and cnfiguratin f resurces against best practices fr that clud. Examples are Azure Advisr and evident.i Autmated security tests There are nw framewrks that let yu write security tests fr applicatins just like the traditinal unit and integratin tests. Gauntit is a framewrk that is gaining ppularity t build and autmate tests like these. Static cde analysis This set f tls can scan yur cdebase and pen surce libraries and find ptential vulnerabilities. VeraCde is a ppular tl t perfrm these kinds f analyses. 1
3 Runtime security analysis This set f tls runs alngside/within yur applicatin in prductin and can help identify and prevent security issues in real time. Cntrast Security is ne such tl that prvides these features. Vulnerability scanning fr Cntainers Tls like Clair frm CreOS help yu t scan yur cntainer images fr vulnerabilities. The API interface fr Clair makes it easy t add this t custm build pipelines. Yu can have a lk at- fr a mre cmprehensive list f DevSecOps tls fr each stage f the SDLC. Best Practices fr Implementing DevSecOps in Yur Organizatin Autmated and Prgrammable Security Cntrls Just like DevOps relies n fast shrt feedback lps, DevSecOps als uses shrt feedback lps with the difference f having cntinuus mnitring and analytics at the cre f bth the develpment and peratins ends. Infrmatin security architects must try t incrprate security cntrls with a minimum t n manual cnfiguratin at every stage f the cycle in such a way that they are transparent and dn t impede the hard-wn agility DevOps brings while managing risk and regulatry cmpliance needs. This means that any security cntrls added need t be capable f autmatin t fit int DevOps tlchains. Autmatin brings in tw benefits immediately. Autmatin reduces the risk f misadministratin and mistakes which are the tw leading causes f security breaches and unexpected peratinal dwntime. Secndly, autmatin remves peple frm the prcess and makes them mnitrs f the prcess respnding t prcess failures allwing a speed bst fr security activities and making sure that the agility f DevOps envirnments isn t impacted. Surce: Gartner (September 2016) 2
4 When a security platfrm s capabilities like IAM, firewalling, vulnerability scanning, AST (applicatin security testing) are available thrugh a prgrammable interface, the integratin and autmatin f these cntrls are easy within an autmated DevOps pipeline. Security teams within an rganizatin nw can set plicies which can be standardized and applied rganizatin wide. Chse security and management vendrs wh: Fully API-enable their platfrm services and expse 100% f functinality via APIs Prvide explicit supprt fr cmmn DevOps tlchain envirnments, such as Chef, Puppet and similar autmatin tls Prvide explicit supprt fr cntainers and cntainer rchestratin and management systems (which are nt necessary fr DevSecOps, but help streamline service delivery frm develpment int prductin). Separatin f Duties and Enfrcement via RBAC and IAM A majr jb fr auditrs and security architects is making sure there is a clear separatin f wh can d what in additin t where and when especially in terms f service deplyment and develpment. Even within a single team respnsible fr a service there are clearly defined rles peple take. The idea is nt t lck dwn r unnecessarily hamper the individuals frm ding their jbs but t give them the minimum set f permissins they need t achieve their gals. This will mean that they will be highly empwered within the areas they are respnsible fr. The scpe and grant f capabilities can be managed by linking existing IAM systems and defining rles fr each unique stage (develpment, staging, and prductin). Cnnect tling t existing IAM systems t pull dwn identities and permissins, e.g., LDAP and Active Directry. Allw enfrcement f security plicies in tls and mnitr all access t tling and activities. Define unique rles fr envirnments, e.g., develpment vs. prductin. An ideal situatin is where all changes within prductin happen via audited and verified scripts with n peple invlved in making direct changes themselves. Make teams respnsible and allw audits fr changes t their service via a trust and verify basis. Verificatin can be achieved thrugh audit lgs and develpment changes lgged int smething, such as SCM, e.g., Git, Subversin, ClearCase. Simplify Risk and Threat Mdelling fr Applicatins A standard best practice fr DevSecOps is having at least a basic risk based threat mdel. An easy way t start is having a simple questinnaire s develpment teams can assess the risk f the service they are develping at a high level. A sample questinnaire can include questins like: Is sensitive data being handled? What type f sensitive data? Are cmmunicatins being encrypted? Is data at rest being encrypted? 3
5 Develper training shuld be cnducted fr basic security best practices and peridic cmmunicatin arund changes t these plicies need t be circulated. A list f basic security plicies can include things like input sanitizatin, encryptin f cmmunicatin and data. heavyweight and need a qualified security prfessinal t run them. There is a new breed f lightweight tls that integrate directly with a develper's IDE and allw fr a quick check f security as a cde is written. In additin t tls like these, autmated scanning and security testing sftware shuld be a part f the cntinuus testing pipeline. Train develpers in secure cding best practices and t write resilient cde that sanitizes input and blcks cmmn attack patterns, such as buffer verflws, SQL injectin and crss-site scripting. Develp a simple threat-and-risk mdel assessment tl and implement it as a part f the planning and design prcess. Base the level f threat mdelling n the risk f the applicatin. Applicatins handling sensitive data r directly accessing the internet shuld require deeper threat mdelling and cllabratively invlve infrmatin security. Plan t mask, de-identify r synthesize data used in develpment fr testing. D nt use raw sensitive prductin data in develpment. Scan Custm Cde, Applicatins, and APIs Any custm cde being written shuld be scanned fr pssible security vulnerabilities during develpment. Current tling fr traditinal static applicatin security testing (SAST) and dynamic applicatin security testing (DAST) are nt suited fr the scale DevSecOps needs. They are t Interactive applicatin security testing (IAST) is a great ptin if the platfrm the applicatin is being develped n supprts instrumentatin (Java,.Net, PHP). IAST is a great fit fr the highly-autmated testing needed fr DevSecOps. A substitute fr IAST is applicatin security testing (AST) tls. Tls that can be driven via autmatin shuld be preferred. Evaluate and adpt IAST fr applicatins that supprt it, and favur slutins using selfinducers fr autmated testing. Plan t fully autmate any traditinal static r dynamic tls r services that are used. Fr example, DevOps tlchain scripting tls can invke autmated testing. D nt make develpers leave their native envirnment and tlchains. If SAST and DAST slutins are used, require vendrs t supprt differential scans that test nly the mdified cde and dwnstreamimpacted mdules. 4
6 Acknwledge and accept that having zer vulnerabilities isn't pssible. Reduce false psitives (albeit with a risk f higher false negatives) and trim the utput f AST tls and services t fcus develpers first n the highest severity and highest cnfidence vulnerabilities. Favur AST scanning tls and services that use machine learning and cllective intelligence t trim results t nly the highest cnfidence results. By plicy, dn't allw custm cde with knwn critical vulnerabilities t enter prductin. Accept that vulnerabilities that represent lwer levels f risk may r may nt be addressed in future iteratins. Appraches that identify and accept manageable risk are necessary. Wrk with DevOps managers t measure and mtivate develpment teams t prduce cde with fewer vulnerabilities. Make security metrics a part f cde quality metrics and hld develpment teams accuntable. Scan Open Surce Dependencies fr Issues Mst mdern applicatins can be described as assembled vs. being built frm scratch. Develpers rely n a multitude f Open Surce libraries and framewrks t accelerate the building f their applicatin. This is a prblem when there are vulnerabilities with these pen surce libraries and framewrks. All dependencies shuld be scanned and vetted fr vulnerabilities during the build prcess and flagged fr review and remediatin. Scan all applicatins, system images, virtual machines and cntainers in develpment fr unknwn, embedded r vulnerable OSS cmpnents in the perating system, applicatin platfrm and in the applicatin itself. Implement an "OSS firewall" t practively prevent develpers frm dwnlading knwn vulnerable cde frm Maven, GitHub and ther OSS cde repsitries by plicy. Scanning fr Vulnerabilities and Cnfiguratin at the Surce Develpment The previus sectins scan fr discvered and knwn vulnerabilities in custm cde and Open Surce dependencies. As develpment cntinues and packages are built and integrated, it becmes imprtant t scan the entire cntent f images (vms, amis r cntainers). This scanning shuld be built int the build pipeline and shuld be autmated. These scans shuld als target the scanning f the cnfiguratin f the OS and applicatin platfrms and cmpare them t the best practices fr that platfrm s secure cnfiguratin and hardening. An estimate frm Gartner ntes that thrugh 2020, 99% f vulnerabilities that are explited will cntinue t be knwn fr at least ne year. Finding these issues at the surce during build time eliminates them frm reaching prductin. Priritize OSS sftware mdule identificatin and vulnerability scanning in develpment. Architect DevOps prcesses t autmatically scan the cntents f all system images, including the base OS, applicatin platfrm and all cntainers fr knwn vulnerabilities 5
7 and cnfiguratin issues as part f the cntinuus integratin prcess. By plicy, dn't allw systems t leave develpment with knwn critical vulnerabilities. Require develpers t remve unnecessary mdules and harden all systems t industry standard best practices. Integrate with anti-malware scanners (such as VirusTtal), netwrk sandbxing and algrithmic malware detectin (such as Cylance) t scan systems t ensure the malicius cde hasn't been intrduced t the image during the develpment prcess. Expand the Definitin f Sensitive Cde t Include Scripts, Recipes, Templates, and Layers DevOps prmtes a prcess f Infrastructure as a cde. This allws yu t versin audit and autmate the deplyment and cnfiguratin f infrastructure, essentially making yur infrastructure prgrammable. The first strategy talks abut making security tls prgrammable. Since infrastructure is being treated as a cde, these artefacts need t have security cding principles applied t them. This means that the templates, scripts, recipes, and blueprints need t be secured and audited. We ve discussed hw autmatin can reduce the chance f a mistake, but a prly written script can magnify a mistake if released int prductin. An example f this is a recent S3 utage that was caused by an engineer mistakenly remving prductin servers instead f replicas. This actin thrugh the script caused Amazn s S3 service t grind t a halt. The script didn t have checks r rate limiting arund hw many servers it culd affect. Incidents like these drive hme the need t make sure that cnfiguratin files and scripts, like surce cde, need t be scanned fr mistakes, pssible vulnerabilities, and excessive risk. Earlier we discussed hw high levels f autmatin can reduce the chance f a mistake. All cnfiguratin that can be expressed in text files shuld be held in a central repsitry like Git that allws changes t these cnfiguratins t be recrded. Git can recrd nt nly what change was made but als when and by whm. Eventually, all infrastructure shuld be treated like surce cde with versin cntrl rllback audit, lgging and alerting based n usage. Making this the rganizatinal standard means that n changes t infrastructure can be made withut being recrded and audited. This prcess will be valuable t auditrs and get their buy-in in implementing a DevOps expansin t nt just applicatin but als infrastructure. Ensure that DevOps teams have implemented gd versin cntrl practices and tls t maintain clear accuntability and traceability fr all the applicatin sftware that is deplyed int the live envirnment. Extend the scpe f the versin cntrl and autmated deplyment tls t the cnfiguratin, infrastructure setup and mnitring cnfiguratin. 6
8 Use autmatin scripts t deply t the staging envirnment fr final tests (may be an autmated test in advanced DevOps envirnments). Scan scripts fr errrs and embedded risk, such as embedded credentials, encryptin keys, API keys and s n, that represent a significant and avidable risk. System Integrity and Cnfiguratin Cmpliance in Prductin Let s mve the fcus f this paper t the best practices in prductin. The pririty fr any prductin system is that the infrastructure and services installed and running are what we need and are cnfigured crrectly. Any tampering with the images against standards intrducing vulnerabilities shuld be detected and islated. We shuld measure as many system elements as we can (H/W, virtualizatin, images VMs, Cntainers). This measurement shuld extend t the validatin f any cntainer assembly layers used in cntainer management slutins. Use a cntainer management system (if cntainers are used) that supprts hashing r ther techniques t measure and verify system integrity when laded. Use Whitelisting n Prductin Systems, Including Cntainer-Based Implementatins Leveraging Whitelisting in Prductin One f the mst pwerful security cntrls fr a wrklad is whitelisting and subsequent mnitring and enfrcement f all its interactins. The use f whitelisting t prevent any thing nt explicitly listed as safe prevents the running f malicius files and wrklads. Whitelisting can extend well beynd just what is allwed t run n a system. This technique can be used t whitelist netwrk cnnectivity, user access, administrative access, and file system access. Histrically this has been difficult t achieve but with the autmatin f infrastructure thrugh DevOps cnfiguratin tls this is nw straightfrward. The declarative nature f DevOps templates lend themselves really well t whitelisting. Implement system integrity measurement n systems as they are bted, including the hardware-based rt f trust measurements f the basic input/utput system, btlader, hypervisr and OS n systems yu wn. Disable runtime-signature-based anti-malware scanning and implement a whitelisting mdel n server wrklads. Antivirus scanning prvides little r n value n well-managed servers and is a waste f resurces in a DevSecOps envirnment. Stre VMs at rest encrypted and hashed, if VMs Autmatically cnfigure whitelists frm the are used in the DevSecOps wrkflw. Verify declarative surces f DevOps tlchains and against tampering at bt. cntainers. 7
9 Require vendrs t supprt whitelisting appraches fr cntainers if cntainers are used. Dn t Assume Perfect Prtectin Organizatins in this day and age face advanced and targeted attacks and preventing them all isn t pssible. It s better t assume they will be cmprmised and engineer t minimize the impact f such a cmprmise. This means everything in yur envirnment needs t be mnitred cntinuusly and any unusual behaviur that is indicative f a breach shuld trigger alerts and autmated respnses. Machine learning and advanced analytic techniques t identify patterns and deviatins can be leveraged here. Design fr pervasive mnitring f critical applicatins, user lgins/lguts, transactins, interactins, netwrk activity and system activity. Use the mnitring data t establish baselines f "nrmal" fr the applicatin in rder t detect meaningful deviatins. Share mnitring data acrss DevOps r prduct teams, platfrm teams and security peratins center teams, as unusual activity may be caused by a hardware failure, sftware failure, bug, insider threat r attack. Deply deceptin and decy services autmatically t mre easily identify attackers as these technlgies mature ver the next several years. Restrict and Lck Dwn Access t Prductin Infrastructure and Services Making sure that autmated tls are the nly way t make changes in prductin allws the standardizatin f remediatin and makes all actins auditable. The exclusive use f autmated tls als lets yu perfrm rllback f any changes attempted. Rapid iteratin and immediate feedback fr prblems and vulnerabilities at the Develpment end means yur security psture is imprved. Infrmatin security architects shuld cllabrate with DevOps teams t: Restrict changes t nly being made via autmated tls and scripts. Disable remte administratin via Secure Shell (SSH) and Remte Desktp Prtcl (RDP) t frce access via APIs and scripts. Adpt an immutable infrastructure mindset (where pssible) and autmate all changes t the envirnment using DevSecOps-style wrkflws. Out-f-date wrklads shuld simply be replaced with newer images in an autmated, systematic way. Require privileged access management systems t manage credentialed access in the rare cases when direct administrative access is needed. Cntainers Security Limitatins While cntainers aren t necessary fr a DevOps 8
10 transfrmatin, they are extremely ppular because f the cnsistency and streamlining they prvide fr develpers as their cde mves frm develpment t prductin. Cntainers d intrduce several security issues that need t be acknwledged. Cntainers share a cmmn OS; this means that islatin is prvided by the OS and nt the hypervisr. Netwrk traffic is visible t all cntainers n the same hst OS withut the additin f any additinal tls. This means that any attack that is successful n the OS kernel will expse all cntainers n that hst. These are the reasns why it s recmmended t use cntainers n wrklads f similar trust levels and using hypervisrs as islatin by running the cntainers within VMs. The use f lean stripped dwn speciality OSes develped t run cntainers is als a recmmended measure. Cnclusin DevSecOps aims fr a gal f having security checks and cntrls applied transparently and autmatically within a rapid-develpment autmated DevOps pipeline. Shifting security left t start at develpment makes sure that DevSecOps is effective and it fllws the jurney f service thrughut its lifecycle. Abve all, successful DevSecOps initiatives must remain true t the riginal DevOps philsphy: teamwrk and transparency, and cntinual imprvement thrugh cntinual learning. 9
Please contact technical support if you have questions about the directory that your organization uses for user management.
Overview ACTIVE DATA CALENDAR LDAP/AD IMPLEMENTATION GUIDE Active Data Calendar allws fr the use f single authenticatin fr users lgging int the administrative area f the applicatin thrugh LDAP/AD. LDAP
More informationAdmin Report Kit for Exchange Server
Admin Reprt Kit fr Exchange Server Reprting tl fr Micrsft Exchange Server Prduct Overview Admin Reprt Kit fr Exchange Server (ARKES) is an Exchange Server Management and Reprting slutin that addresses
More informationFrequently Asked Questions
Frequently Asked Questins What are the benefits f activech? activech allws yur rganizatin t prvide an n-premise, managed and secure alternative t Drpbx and ther file synching and sharing slutins. Benefits
More informationLicensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite
Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in this
More informationE-Lock Policy Manager White Paper
White Paper Table f Cntents 1 INTRODUCTION... 3 2 ABOUT THE POLICY MANAGER... 3 3 HOW E-LOCK POLICY MANAGER WORKS... 3 4 WHAT CAN I DO WITH THE POLICY MANAGER?... 4 4.1 THINGS YOU CONTROL IN SIGNING...
More informationDeveloping Microsoft SharePoint Server 2013 Core Solutions
Develping Micrsft SharePint Server 2013 Cre Slutins Develping Micrsft SharePint Server 2013 Cre Slutins Curse Cde: 20488 Certificatin Exam: 70-488 Duratin: 5 Days Certificatin Track: N/A Frmat: Classrm
More informationBeyond Continuous Build: Build Grids. Darryl Bowler, CollabNet
Beynd Cntinuus Build: Build Grids Darryl Bwler, CllabNet Presenters Clsing the Agile Lp Webinar Series Darryl Bwler, Senir Systems Architect, Services, CllabNet With mre than fifteen years f IT experience,
More informationImplementing a Data Warehouse with Microsoft SQL Server
Implementing a Data Warehuse with Micrsft SQL Server Implementing a Data Warehuse with Micrsft SQL Server Curse Cde: 20463 Certificatin Exam: 70-463 Duratin: 5 Days Certificatin Track: MCSA: SQL Server
More informationCA CMDB Connector for z/os
PRODUCT SHEET: CA CMDB CONNECTOR FOR Z/OS CA CMDB Cnnectr fr z/os CA CMDB Cnnectr fr z/os discvers mainframe cnfiguratin items (CIs) and enables ppulatin f that infrmatin int the CA CMDB repsitry. Designed
More informationBMC Remedyforce Integration with Remote Support
BMC Remedyfrce Integratin with Remte Supprt 2003-2018 BeyndTrust, Inc. All Rights Reserved. BEYONDTRUST, its lg, and JUMP are trademarks f BeyndTrust, Inc. Other trademarks are the prperty f their respective
More informationUPGRADING TO DISCOVERY 2005
Centennial Discvery 2005 Why Shuld I Upgrade? Discvery 2005 is the culminatin f ver 18 mnths wrth f research and develpment and represents a substantial leap frward in audit and decisin-supprt technlgy.
More informationNiceLabel LMS. Installation Guide for Single Server Deployment. Rev-1702 NiceLabel
NiceLabel LMS Installatin Guide fr Single Server Deplyment Rev-1702 NiceLabel 2017. www.nicelabel.cm 1 Cntents 1 Cntents 2 2 Architecture 3 2.1 Server Cmpnents and Rles 3 2.2 Client Cmpnents 3 3 Prerequisites
More informationNCTA-Certified Cloud Technologist (NCT) Exam NCT-110
NCTA-Certified Clud Technlgist (NCT) Exam NCT-110 Exam Infrmatin Candidate Eligibility: The NCTA-Certified Clud Technlgist (NCT) exam requires n applicatin fee, supprting dcumentatin, nr ther eligibility
More informationImplementing Microsoft Azure Infrastructure Solutions Syllabus
70-533 - Implementing Micrsft Azure Infrastructure Slutins Syllabus Clud Cmputing Intrductin What is Clud Cmputing Clud Characteristics Clud Cmputing Service Mdels Deplyment Mdels in Clud Cmputing Advantages
More informationVMware AirWatch Certificate Authentication for Cisco IPSec VPN
VMware AirWatch Certificate Authenticatin fr Cisc IPSec VPN Fr VMware AirWatch Have dcumentatin feedback? Submit a Dcumentatin Feedback supprt ticket using the Supprt Wizard n supprt.air-watch.cm. This
More informationIowa State University
Iwa State University Cyber Security Smart Grid Testbed Senir Design, Design Dcument Dec 13-11 Derek Reiser Cle Hven Jared Pixley Rick Suttn Faculty Advisr: Prfessr Manimaran Gvindarasu Table f Cntents
More informationGroup Policy Manager Quick start Guide
Grup Plicy Manager Quick start Guide Sftware versin 4.0.0.0 General Infrmatin: inf@cinsystems.cm Online Supprt: supprt@cinsystems.cm Cpyright CinSystems Inc., All Rights Reserved Page 1 CinSystems Inc.
More informationApp Orchestration 2.6
App Orchestratin 2.6 Terminlgy in App Orchestratin 2.6 Last Updated: July 8, 2015 Page 1 Terminlgy Cntents Elements f App Orchestratin... 3 Dmains... 3 Multi-Datacenter Deplyments... 4 Delivery Sites...
More informationDate: October User guide. Integration through ONVIF driver. Partner Self-test. Prepared By: Devices & Integrations Team, Milestone Systems
Date: Octber 2018 User guide Integratin thrugh ONVIF driver. Prepared By: Devices & Integratins Team, Milestne Systems 2 Welcme t the User Guide fr Online Test Tl The aim f this dcument is t prvide guidance
More informationDELL EMC VxRAIL vcenter SERVER PLANNING GUIDE
WHITE PAPER - DELL EMC VxRAIL vcenter SERVER PLANNING GUIDE ABSTRACT This planning guide discusses guidance fr the varius vcenter Server deplyment ptins supprted n VxRail Appliances. Nvember 2017 TABLE
More informationFLEXPOD A Scale-Out Converged System for the Next-Generation Data Center
FLEXPOD A Scale-Out Cnverged System fr the Next-Generatin Data Center A Scale-Out Cnverged System fr the Next-Generatin Data Center By Lee Hward Welcme t the age f scale-ut cnverged systems made pssible
More informationHands-on Windows Azure Application Architecture & Development (3 days)
Benjamin Day Cnsulting, Inc. 17 Rberts St #2 Brkline, MA 02445 617-645-0188 http://benday.cm Hands-n Windws Azure Applicatin Architecture & Develpment (3 days) D yu really want t run yur wn data center?
More informationThese tasks can now be performed by a special program called FTP clients.
FTP Cmmander FAQ: Intrductin FTP (File Transfer Prtcl) was first used in Unix systems a lng time ag t cpy and mve shared files. With the develpment f the Internet, FTP became widely used t uplad and dwnlad
More informationParallels Operations Automation 5.3
Prduct Update Parallels Operatins Autmatin 5.3 What s New Learn mre at http://www.parallels.cm/spp Nvember 2011 Table f Cntents Intrductin... 1 Tp New Features... 1 Tp Imprvements... 2 SaaS Imprvements...
More informationA solution for automating desktop applications with Java skill set
A slutin fr autmating desktp applicatins with Java skill set Veerla Shilpa (Senir Sftware Engineer- Testing) Mysre Narasimha Raju, Pratap (Test Autmatin Architect) Abstract LeanFT is a pwerful and lightweight
More informationSecure Mobile Access to the Local ICS Network. Jan Vossaert Veilige industriële netwerken 29/09/2016
Secure Mbile Access t the Lcal ICS Netwrk Jan Vssaert Veilige industriële netwerken 29/09/2016 Intrductin ffice netwrk prductin cell ruter 192.168.2.0/24 Internet ICS DMZ servers 192.168.1.0/24 prductin
More informationCisco Tetration Analytics, Release , Release Notes
Cisc Tetratin Analytics, Release 1.102.21, Release Ntes This dcument describes the features, caveats, and limitatins fr the Cisc Tetratin Analytics sftware. Additinal prduct Release ntes are smetimes updated
More informationSecure File Transfer Protocol (SFTP) Interface for Data Intake User Guide
Secure File Transfer Prtcl (SFTP) Interface fr Data Intake User Guide Cntents Descriptin... 2 Steps fr firms new t batch submissin... 2 Acquiring necessary FINRA accunts... 2 SFTP Access t FINRA... 2 SFTP
More informationSummary. Server environment: Subversion 1.4.6
Surce Management Tl Server Envirnment Operatin Summary In the e- gvernment standard framewrk, Subversin, an pen surce, is used as the surce management tl fr develpment envirnment. Subversin (SVN, versin
More informationWelcome to Remote Access Services (RAS) Virtual Desktop vs Extended Network. General
Welcme t Remte Access Services (RAS) Our gal is t prvide yu with seamless access t the TD netwrk, including the TD intranet site, yur applicatins and files, and ther imprtant wrk resurces -- whether yu
More informationCLOUD & DATACENTER MONITORING WITH SYSTEM CENTER OPERATIONS MANAGER. Course 10964B; Duration: 5 Days; Instructor-led
CENTER OF KNOWLEDGE, PATH TO SUCCESS Website: www.inf-trek.cm CLOUD & DATACENTER MONITORING WITH SYSTEM CENTER OPERATIONS MANAGER Curse 10964B; Duratin: 5 Days; Instructr-led WHAT YOU WILL LEARN This curse
More informationSoftware Engineering
Sftware Engineering Chapter #1 Intrductin Sftware systems are abstract and intangible. Sftware engineering is an engineering discipline that is cncerned with all aspects f sftware prductin. Sftware Prducts
More informationCounterSnipe Software Installation Guide Software Version 10.x.x. Initial Set-up- Note: An internet connection is required for installation.
CunterSnipe Sftware Installatin Guide Sftware Versin 10.x.x CunterSnipe sftware installs n any system cmpatible with Ubuntu 14.04 LTS server which is supprted until 2019 Initial Set-up- Nte: An internet
More informationDolby Conference Phone Support Frequently Asked Questions
Dlby Cnference Phne Supprt Frequently Asked Questins Versin 1.0, 1 Intrductin This dcument prvides sme answers t frequently asked questins abut the Dlby Cnference Phne. Fr mre detailed infrmatin n any
More informationBMC Remedyforce Integration with Bomgar Remote Support
BMC Remedyfrce Integratin with Bmgar Remte Supprt 2017 Bmgar Crpratin. All rights reserved wrldwide. BOMGAR and the BOMGAR lg are trademarks f Bmgar Crpratin; ther trademarks shwn are the prperty f their
More informationCodeSlice. o Software Requirements. o Features. View CodeSlice Live Documentation
CdeSlice View CdeSlice Live Dcumentatin Scripting is ne f the mst pwerful extensibility features in SSIS, allwing develpers the ability t extend the native functinality within SSIS t accmmdate their specific
More informationITIL and ISO20000 Pick One or Use Both? Track: Business Services
ITIL and ISO20000 Pick One r Use Bth? Track: Business Services Presenter: Mark Thmas Synpsis With the explsive grwth f ITIL as the de fact framewrk fr IT Service, there is still little knwn abut the ISO20000
More informationThe Customer Journey to SD-WAN Functional, Technical, and Economic Considerations Part 2: SD-WAN: Is It Right for Your Network?
The Custmer Jurney t SD-WAN Functinal, Technical, and Ecnmic Cnsideratins Part 2: SD-WAN: Is It Right fr Yur Netwrk? Technlgy Jel Stradling, Research Directr jel.stradling@glbaldata.cm Spnsred by Published:
More informationCONTROL-COMMAND. Software Technical Specifications for ThomX Suppliers 1.INTRODUCTION TECHNICAL REQUIREMENTS... 2
Réf. ThmX-NT-SI-CC001 Table f Cntents Sftware Technical Specificatins fr ThmX Authr : Philippe Page 1 / 9 1.INTRODUCTION... 2 2.TECHNICAL REQUIREMENTS... 2 3.DOCUMENTATION REQUIREMENTS... 4 4.COMPUTING
More informationpresent Advanced MSBI Automate your SDLC
present Advanced MSBI Autmate yur SDLC advanced MSBI autmate yur sdlc SUMMARY This 3 days training prgram will allw intermediate t senir Micrsft BI develpers and architects t intrduce elements f DevOps,
More informationIntegrating QuickBooks with TimePro
Integrating QuickBks with TimePr With TimePr s QuickBks Integratin Mdule, yu can imprt and exprt data between TimePr and QuickBks. Imprting Data frm QuickBks The TimePr QuickBks Imprt Facility allws data
More informationWeb Application Security Version 13.0 Training Course
Web Applicatin Security Versin 13.0 Training Curse SecureSphere Web Applicatin Security Versin 13.0 Required Training Units: 4 (TR-UNIT) Training Units are gd fr 1 year frm the time f purchase. Length:
More informationINSTALLING CCRQINVOICE
INSTALLING CCRQINVOICE Thank yu fr selecting CCRQInvice. This dcument prvides a quick review f hw t install CCRQInvice. Detailed instructins can be fund in the prgram manual. While this may seem like a
More informationLog shipping is a HA option. Log shipping ensures that log backups from Primary are
LOG SHIPPING Lg shipping is a HA ptin. Lg shipping ensures that lg backups frm Primary are cntinuusly applied n standby. Lg shipping fllws a warm standby methd because manual prcess is invlved t ensure
More informationContents: Module. Objectives. Lesson 1: Lesson 2: appropriately. As benefit of good. with almost any planning. it places on the.
1 f 22 26/09/2016 15:58 Mdule Cnsideratins Cntents: Lessn 1: Lessn 2: Mdule Befre yu start with almst any planning. apprpriately. As benefit f gd T appreciate architecture. it places n the understanding
More informationEcoStruxure for Data Centers FAQ
EcStruxure fr Data Centers FAQ Revisin 1 by Patrick Dnvan Executive summary EcStruxure TM fr Data Centers is Schneider Electric s IT-enabled, pen, interperable system architecture fr data centers. This
More informationCisco EPN Manager Network Administration
Training Data Sheet Cisc EPN Manager Netwrk Administratin Cisc EPN Manager Netwrk Administratin is an instructr-led and lab-based curse in which yu learn t mnitr, cnfigure, and prvisin netwrk devices by
More informationTroubleshooting of network problems is find and solve with the help of hardware and software is called troubleshooting tools.
Q.1 What is Trubleshting Tls? List their types? Trubleshting f netwrk prblems is find and slve with the help f hardware and sftware is called trubleshting tls. Trubleshting Tls - Hardware Tls They are
More informationHow to Guide. DocAve Extender for MOSS 2007 and SPS Installing DocAve Extender and Configuring a Basic SharePoint to Cloud Extension
Hw t Guide DcAve Extender fr MOSS 2007 and SPS 2010 Installing DcAve Extender and Cnfiguring a Basic SharePint t Clud Extensin This dcument is intended fr anyne wishing t familiarize themselves with the
More informationLaunching Xacta 360 Marketplace AMI Guide June 2017
Launching Xacta 360 Marketplace AMI Guide June 2017 Tels Crpratin 2017. All rights reserved. U.S. patents Ns. 6,901,346; 6,980,927; 6,983,221; 6,993,448; and 7,380,270. Xacta is a registered trademark
More informationCNS-220-1I: Citrix NetScaler Essentials and Traffic Management
CNS-220-1I: Citrix NetScaler Essentials and Traffic Management Overview Designed fr students with little r n previus NetScaler experience, this curse is best suited fr individuals wh will be deplying r
More informationCOMPLETE ENDPOINT DEFENSE INTEGRATING PROTECTION, DETECTION, RESPONSE AND REMEDIATION IN A SINGLE SOLUTION
Cerrand las grietas en la detección del malware Adaptive Defense 360 Find the answers, slve the prblem COMPLETE ENDPOINT DEFENSE INTEGRATING PROTECTION, DETECTION, RESPONSE AND REMEDIATION IN A SINGLE
More informationTPP: Date: October, 2012 Product: ShoreTel PathSolutions System version: ShoreTel 13.x
I n n v a t i n N e t w r k A p p N t e TPP: 10320 Date: Octber, 2012 Prduct: ShreTel PathSlutins System versin: ShreTel 13.x Abstract PathSlutins sftware can find the rt-cause f vice quality prblems in
More informationOO Shell for Authoring (OOSHA) User Guide
Operatins Orchestratin Sftware Versin: 10.70 Windws and Linux Operating Systems OO Shell fr Authring (OOSHA) User Guide Dcument Release Date: Nvember 2016 Sftware Release Date: Nvember 2016 Legal Ntices
More informationMaintenance Release Notes Release Version: 9.5.5
Maintenance Release Ntes Release Versin: 9.5.5 Platfrm: 9.5 MR201510 Cntents Updates Included in this Release... 1 Rules Cnsle:... 1 New Feature: Avaya Cumulative Metrics... 1 Technical Gd Health:... 3
More informationFrequently Asked Questions
Frequently Asked Questins Versin 10-21-2016 Cpyright 2014-2016 Aviatrix Systems, Inc. All rights reserved. Aviatrix Clud Gateway What can it d fr me? Aviatrix Clud Gateway prvides an end t end secure netwrk
More informationHW4 Software Version 3.4.1
Release ntes HW4 Sftware Versin 3.4.1 Change cntrl HW4 versin 3.4.1 includes all the functins and features f HW4 versin 3.4.0 with the fllwing mdificatins and additins: Enhancements: Nne New features Nne
More informationCSC IT practix Recommendations
CSC IT practix Recmmendatins CSC Healthcare 17 th June 2015 Versin 3.1 www.csc.cm/glbalhealthcare Cntents 1 Imprtant infrmatin 3 2 IT Specificatins 4 2.1 Wrkstatins... 4 2.2 Minimum Server with 1-5 wrkstatins
More informationEView/400i Management Pack for Systems Center Operations Manager (SCOM)
EView/400i Management Pack fr Systems Center Operatins Manager (SCOM) Cncepts Guide Versin 7.0 July 2015 1 Legal Ntices Warranty EView Technlgy makes n warranty f any kind with regard t this manual, including,
More informationTDR & Bitdefender. Integration Guide
TDR & Bitdefender Integratin Guide TDR and Bitdefender Deplyment Overview Threat Detectin and Respnse (TDR) is a cllectin f advanced malware defense tls that crrelate threat indicatrs frm Firebxes and
More informationProduct Release Notes
Prduct Release Ntes ATTO Cnfiguratin Tl v3.25 - Windws 1. General Release Infrmatin The ATTO Cnfiguratin Tl helps yu custmize the settings f yur ExpressSAS, Celerity and ExpressPCI hst adapters t maximize
More informationConfiguring Database & SQL Query Monitoring With Sentry-go Quick & Plus! monitors
Cnfiguring Database & SQL Query Mnitring With Sentry-g Quick & Plus! mnitrs 3Ds (UK) Limited, Nvember, 2013 http://www.sentry-g.cm Be Practive, Nt Reactive! One f the best ways f ensuring a database is
More informationHP ExpertOne. HP2-T21: Administering HP Server Solutions. Table of Contents
HP ExpertOne HP2-T21: Administering HP Server Slutins Industry Standard Servers Exam preparatin guide Table f Cntents In this sectin, include a table f cntents (TOC) f all headings. After yu have finished
More informationManual for installation and usage of the module Secure-Connect
Mdule Secure-Cnnect Manual fr installatin and usage f the mdule Secure-Cnnect Page 1 / 1 5 Table f Cntents 1)Cntents f the package...3 2)Features f the mdule...4 3)Installatin f the mdule...5 Step 1: Installatin
More informationSAFe Atlassian Style (Updated version with SAFe 4.5)
SAFe Atlassian Style (Updated versin with SAFe 4.5) Table f Cntents 1 Abstract... 3 2 Wh uses SAFe and Why?... 3 3 Understanding SAFe... 3 4 Why Des it Matter?... 5 5 Implementatin f SAFe within the Atlassian
More informationCNS-222-1I: NetScaler for Apps and Desktops
CNS-222-1I: NetScaler fr Apps and Desktps Overview Designed fr students with little r n previus NetScaler, NetScaler Gateway r Unified Gateway experience, this curse is best suited fr individuals wh will
More informationPrivacy Policy. Information We Collect. Information You Choose to Give Us. Information We Get When You Use Our Services
Privacy Plicy Last Mdified: September 26, 2016 Pictry is a fast and fun way t share memes with yur friends and the wrld arund yu. Yu can send a Pictry game t friends and view the pictures they submit in
More informationCCNA Security v2.0 Chapter 1 Exam Answers
CCNA Security v2.0 Chapter 1 Exam Answers 1. What methd can be used t mitigate ping sweeps? using encrypted r hashed authenticatin prtcls installing antivirus sftware n hsts deplying antisniffer sftware
More informationCourse 6368A: Programming with the Microsoft.NET Framework Using Microsoft Visual Studio 2008
Curse 6368A: Prgramming with the Micrsft.NET Framewrk Using Micrsft Visual Studi 2008 5 Days Abut this Curse This five-day, instructr-led curse prvides an intrductin t develping n-tier applicatins fr the
More informationHow to set up Dell SonicWALL Aventail SRA Appliance with OPSWAT GEARS Client
Hw t set up Dell SnicWALL Aventail SRA Appliance with OPSWAT GEARS Client Abut This Guide:... 2 End Pint Cntrl... 3 Device Prfile Definitin... 3 1 Abut This Guide: GEARS is a platfrm fr netwrk security
More informationUpgrading Kaltura MediaSpace TM Enterprise 1.0 to Kaltura MediaSpace TM Enterprise 2.0
Upgrading Kaltura MediaSpace TM Enterprise 1.0 t Kaltura MediaSpace TM Enterprise 2.0 Assumptins: The existing cde was checked ut f: svn+ssh://mediaspace@kelev.kaltura.cm/usr/lcal/kalsurce/prjects/m ediaspace/scial/branches/production/website/.
More informationComprehensive LAN Security for the Banking Financial Services and Insurance Industries
Cmprehensive LAN Security fr the Banking Financial Services and Insurance Industries Nevis Netwrks Persistent LAN Security Slutins Nevis Netwrks LAN Security fr BFSI 1 Overview f the Banking Financial
More informationInfrastructure Series
Infrastructure Series TechDc WebSphere Message Brker / IBM Integratin Bus Parallel Prcessing (Aggregatin) (Message Flw Develpment) February 2015 Authr(s): - IBM Message Brker - Develpment Parallel Prcessing
More informationHW4 Software version 3. Device Manager and Data Logging LOG-RC Series Data Loggers
Page 1 f 18 HW4 Sftware versin 3 Device Manager and Data Lgging LOG-RC Series Data Lggers 2011; Page 2 f 18 Table f cntents 1 ORGANIZATION OF THE HW4 MANUALS... 3 2 OVERVIEW... 4 3 INITIAL SETUP... 4 3.1
More informationCookbook Qermid Defibrillator web service Version This document is provided to you free of charge by the. ehealth platform
Ckbk Qermid Defibrillatr web service Versin 1.01 This dcument is prvided t yu free f charge by the ehealth platfrm Willebrekkaai 38 38, Quai de Willebrek 1000 BRUSSELS All are free t circulate this dcument
More informationGetting Started with the Web Designer Suite
Getting Started with the Web Designer Suite The Web Designer Suite prvides yu with a slew f Dreamweaver extensins that will assist yu in the design phase f creating a website. The tls prvided in this suite
More informationTDR and Avast Business Antivirus. Integration Guide
TDR and Avast Business Antivirus Integratin Guide i WatchGuard Technlgies, Inc. TDR and Avast Deplyment Overview Threat Detectin and Respnse (TDR) is a cllectin f advanced malware defense tls that crrelate
More informationUiPath Automation. Walkthrough. Walkthrough Calculate Client Security Hash
UiPath Autmatin Walkthrugh Walkthrugh Calculate Client Security Hash Walkthrugh Calculate Client Security Hash Start with the REFramewrk template. We start ff with a simple implementatin t demnstrate the
More informationEnterprise Installation
Enterprise Installatin Mnnit Crpratin Versin 3.6.0.0 Cntents Prerequisites... 3 Web Server... 3 SQL Server... 3 Installatin... 4 Activatin Key... 4 Dwnlad... 4 Cnfiguratin Wizard... 4 Activatin... 4 Create
More informationApp Center User Experience Guidelines for Apps for Me
App Center User Experience Guidelines fr Apps fr Me TABLE OF CONTENTS A WORD ON ACCESSIBILITY...3 DESIGN GUIDELINES...3 Accunt Linking Prcess... 3 Cnnect... 5 Accept Terms... 6 Landing Page... 6 Verificatin...
More informationIntroduction. by Surekha Parekh
Intrductin by Surekha Parekh In the current ecnmic climate, businesses are under significant pressure t cntrl csts and increase efficiency t imprve their bttm line. IBM DB2 fr z/os custmers arund the wrld
More informationCampuses that access the SFS nvision Windows-based client need to allow outbound traffic to:
Summary This dcument is a guide intended t guide yu thrugh the prcess f installing and cnfiguring PepleTls 8.55.27 (r current versin) via Windws Remte Applicatin (App). Remte App allws the end user t run
More informationCourse 10262A: Developing Windows Applications with Microsoft Visual Studio 2010 OVERVIEW
Curse 10262A: Develping Windws Applicatins with Micrsft Visual Studi 2010 OVERVIEW Abut this Curse In this curse, experienced develpers wh knw the basics f Windws Frms develpment gain mre advanced Windws
More informationModel WM100. Product Manual
Mdel WM100 Prduct Manual Table f Cntents Sectin Page 1. Hardware... 3 2. Sftware... 4 3. Features... 5 4. Installatin... 6 5. App Devices... 9 6. App Rms... 12 7. App Scenes... 14 8. App Setup... 18 Cntents
More informationVulnerability Protection A Buffer for Patching
Vulnerability Prtectin A Buffer fr Patching A Lucid Security Technical White Paper February 2004 By Vikram Phatak, Chief Technlgy Officer Santsh Pawar, Vulnerability Analyst Lucid Security Crpratin 124
More informationUiPath Automation. Walkthrough. Walkthrough Calculate Client Security Hash
UiPath Autmatin Walkthrugh Walkthrugh Calculate Client Security Hash Walkthrugh Calculate Client Security Hash Start with the REFramewrk template. We start ff with a simple implementatin t demnstrate the
More informationCustodial Integrator. Release Notes. Version 3.11 (TLM)
Custdial Integratr Release Ntes Versin 3.11 (TLM) 2018 Mrningstar. All Rights Reserved. Custdial Integratr Prduct Versin: V3.11.001 Dcument Versin: 020 Dcument Issue Date: December 14, 2018 Technical Supprt:
More informationVisionHub Solution Description
VisinHub Slutin Descriptin VisinHub 4.x May 2016 Rev.A0 Cpyright 2016 Qgnify Ltd. All rights reserved. Imprtant Ntice Qgnify shall bear n respnsibility r liability t a client r t any persn r entity with
More informationCustomer Upgrade Checklist
Custmer Upgrade Checklist Getting Ready fr Yur Sabre Prfiles Upgrade Kicking Off the Prject Create a prfiles prject team within yur agency. Cnsider including peple wh can represent bth the business and
More informationCCNA 1 Chapter v5.1 Answers 100%
CCNA 1 Chapter 11 2016 v5.1 Answers 100% 1. A newly hired netwrk technician is given the task f rdering new hardware fr a small business with a large grwth frecast. Which primary factr shuld the technician
More informationADSS Server Evaluation Quick Guide
ADSS Server Evaluatin Quick Guide This dcument aims t prvide a quick d this and it wrks guide t evaluating ADSS Enterprise Server as a PDF Signing Server bth fr server-side signing and als fr client-side
More informationHPE AppPulse Mobile. Software Version: 2.1. IT Operations Management Integration Guide
HPE AppPulse Mbile Sftware Versin: 2.1 IT Operatins Management Integratin Guide Dcument Release Date: Nvember 2015 Cntents Overview: The IT Operatins Management Integratin 3 System Requirements 3 Hw t
More informationTechnical Paper. Installing and Configuring SAS Environment Manager in a SAS Grid Environment with a Shared Configuration Directory
Technical Paper Installing and Cnfiguring Envirnment Manager in a Grid Envirnment with a Shared Cnfiguratin Directry Last Mdified: January 2018 Release Infrmatin Cntent Versin: January 2018. Trademarks
More informationDocAve 6 Report Center
DcAve 6 Reprt Center User Guide Service Pack 2, Cumulative Update 1 Revisin E Issued April 2013 DcAve 6: Supplementary Tls 1 Table f Cntents Abut Reprt Center... 8 Cmplementary Prducts... 8 Submitting
More informationTDR and Symantec. Integration Guide
TDR and Symantec Integratin Guide i WatchGuard Technlgies, Inc. TDR and Symantec Deplyment Overview Threat Detectin and Respnse (TDR) is a cllectin f advanced malware defense tls that crrelate threat indicatrs
More informationE. G. S. Pillay Engineering College, Nagapattinam Computer Science and Engineering
IT2042 - Infrmatin Security 1-1 E. G. S. Pillay Engineering Cllege, Nagapattinam Cmputer Science and Engineering Elective II IT 2042 INFORMATION SECURITY VIII Sem CSE QUESTION BANK - UNIT-IV 1) What is
More informationSecurity in Bomgar Cloud Remote Support
Security in Bmgar Clud Remte Supprt 2018 Bmgar Crpratin. All rights reserved wrldwide. BOMGAR and the BOMGAR lg are trademarks f Bmgar Crpratin; ther trademarks shwn are the prperty f their respective
More informationAn Introduction to Crescendo s Maestro Application Delivery Platform
An Intrductin t Crescend s Maestr Applicatin Delivery Platfrm Intrductin This dcument is intended t serve as a shrt intrductin t Crescend s Maestr Platfrm and its cre features/benefits. The dcument will
More information2. When logging is used, which severity level indicates that a device is unusable?
CCNA 4 Chapter 8 v5.0 Exam Answers 2015 (100%) 1. What are the mst cmmn syslg messages? thse that ccur when a packet matches a parameter cnditin in an access cntrl list link up and link dwn messages utput
More informationHP Server Virtualization Solution Planning & Design
Cnsulting & Integratin Infrastructure Services HP Server Virtualizatin Slutin Planning & Design Service descriptin Hewlett-Packard Cnsulting & Integratin Infrastructure Cnsulting Packaged Services (HP
More information