Challenges of Securing a Petascale Cluster

Size: px
Start display at page:

Download "Challenges of Securing a Petascale Cluster"

Transcription

1 Challenges of Securing a Petascale Cluster Christian Servin The University of Texas at El Paso Computational Sciences Program christians@miners.utep.edu Mentor: Irfan Elahi 1

2 Project Overview Security Challenges in Clusters Security Baseline/Requirements Case Study: TeraGrid Proposed Security Model Implementation, Analysis, and Testing 2

3 Challenges in Large Clusters vs Other Environments Clusters: Diverse User Community Data Sharing High Performance Computing Different File Systems 3

4 Computer Security 4

5 Computer Security Confidentiality 4

6 Computer Security Confidentiality Integrity 4

7 Computer Security Confidentiality Integrity Usability 4

8 Computer Security Confidentiality Integrity Usability 4

9 Objective Identify security challenges of securing open science large HPC supercomputers as compared with stand-alone servers. Also, to provide a security design that provides the perfect balance between security and usability An Ancient Fortress on an Island 5

10 Stand-alone vs Cluster High Bandwidth Connections Extensive Computational Power Massive Storage Capacity Firewall Between Nodes Storage Trust (Implicit Trust) Limited Encryption 6

11 Security Layers to Consider External Network Supercomputer (cluster) Other Attack External Network Login Login IO Login Attacker Gateway Nodes Internal Network Host (node) Master Service Service... Compute Nodes... Hosts Internal Network Dragon Image: 7

12 Security Layers to Consider External Network Supercomputer (cluster) Other Attack External Network Login Login IO Login Attacker Gateway Nodes Internal Network Host (node) Master Service Service... Compute Nodes... Hosts Internal Network Dragon Image: 7

13 Security Layers to Consider External Network Supercomputer (cluster) Other Attack External Network Login Login IO Login Attacker Gateway Nodes Internal Network Host (node) Master Service Service... Compute Nodes... Hosts Internal Network Dragon Image: 7

14 Security Layers to Consider External Network Supercomputer (cluster) Other Attack External Network Login Login IO Login Attacker Gateway Nodes Internal Network Host (node) Master Service Service... Compute Nodes... Hosts Internal Network Dragon Image: 7

15 Host Case Study: TeraGrid Cluster Configuration Management Unnecessary Services Protect Shared File System Network Prevent IP Address spoofing Prevent source routing Block services that cannot be access controlled at host level 8

16 Case Study: TeraGrid (2) Auditing Have Monitoring and Events Detection Have Centralized logs Have Process Accounting 9

17 Installation and Configuration Experiments Configured a Cluster of Five Nodes Configured the network on a Local Area Network (LAN) Installed Ubuntu Server Security Model was Implemented, Analyzed and Tested 10

18 Experiment Configuration Intruder Master/ Login Service Compute Compute 11

19 Security Model Configuration Network Configuration Operating System Setup Scheduler File System 12

20 Security Model Configuration Network Configuration Operating System Setup Scheduler File System 12

21 Security Model Configuration Network Configuration Operating System Setup Scheduler File System Monitoring Tools 12

22 Security Model Configuration Network Configuration Operating System Setup Scheduler File System Monitoring Tools 12

23 Security Model Configuration Network Configuration Operating System Setup Scheduler File System Decision Maker Monitoring Tools 12

24 Security Model Configuration Network Configuration Operating System Setup Scheduler File System Monitoring Tools Monitoring System logs Intrusion Detection Sys Decision Maker 12

25 Security Model Configuration Network Configuration Operating System Setup Scheduler File System Monitoring Tools Monitoring System logs Intrusion Detection Sys Decision Maker Fuzzy Logic Decision Engine Interval Computation Multi Criteria Decision Making 12

26 Personal Challenges OS Server Installation Linux novice Networking Network File System Services configuration 13

27 Summary Identify unique challenges of securing large HPC clusters Study the TeraGrid security baseline Provide a secure architecture Built a cluster with 5 nodes Implemented, analyzed, and tested on cluster 14

28 Future Work Establish benchmarks for a security and usability setup environment. Incorporate uncertainty models based on monitored records 15

29 Other SIParCS Achievements Participated in the CSG Summer Workshop Participated & observed the Bluefire upgrade Attended various vendor conference conference calls meetings Observed & Learned in day by day SSG activities 16

30 Special Thanks 17

31 Questions Thank you for your attention Christian Servin 18

Why Firewalls? Firewall Characteristics

Why Firewalls? Firewall Characteristics Why Firewalls? Firewalls are effective to: Protect local systems. Protect network-based security threats. Provide secured and controlled access to Internet. Provide restricted and controlled access from

More information

Unit 11 Computer Network Introduction to Network Operating Systems

Unit 11 Computer Network Introduction to Network Operating Systems Unit 11 Computer Network Introduction to Network Operating Systems Network Operating Systems Just as a computer cannot operate without a computer operating system, a network of computers cannot operate

More information

Wireless Honeypots. Created by: Sponsored by: Final Documentation. Volume 2 Product and Process Documentation

Wireless Honeypots. Created by: Sponsored by: Final Documentation. Volume 2 Product and Process Documentation Wireless Honeypots Created by: Sponsored by: Final Documentation Volume 2 Product and Process Documentation April 25, 2005 Product and Process Documentation Introduction A honeypot is a node on a network

More information

Means for Intrusion Detection. Intrusion Detection. INFO404 - Lecture 13. Content

Means for Intrusion Detection. Intrusion Detection. INFO404 - Lecture 13. Content Intrusion Detection INFO404 - Lecture 13 21.04.2009 nfoukia@infoscience.otago.ac.nz Content Definition Network vs. Host IDS Misuse vs. Behavior Based IDS Means for Intrusion Detection Definitions (1) Intrusion:

More information

Nexpose. Hardening Guide. Product version: 6.0

Nexpose. Hardening Guide. Product version: 6.0 Nexpose Hardening Guide Product version: 6.0 Table of contents Table of contents 2 Revision history 3 File System 4 Installation 5 Configuration 6 Users 6 Services 6 Kernel Settings 6 CIS Benchmarks 8

More information

VMware Mirage Getting Started Guide

VMware Mirage Getting Started Guide Mirage 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document,

More information

Intruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders:

Intruders. significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders: Intruders significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders: masquerader misfeasor clandestine user varying levels of competence

More information

Cryptzone AppGate. AX-V Virtual Appliance Getting Started Guide. Context Aware. Content Secure.

Cryptzone AppGate. AX-V Virtual Appliance Getting Started Guide. Context Aware. Content Secure. AppGate AX-V Virtual Appliance Getting Started Guide Author: Malcolm Hamilton and Adam Rose Version: 2.3 Date: 12.8.2015 1 Table of Constance INTRODUCTION 3 PREREQUISITES 3 REQUIREMENTS 3 TECHNICAL SPECIFICATIONS

More information

County of El Paso Purchasing Department 800 E. Overland Room 300 El Paso, Texas (915) / Fax: (915)

County of El Paso Purchasing Department 800 E. Overland Room 300 El Paso, Texas (915) / Fax: (915) County of El Paso Purchasing Department 800 E. Overland Room 300 El Paso, Texas 79901 (915) 546-2048 / Fax: (915) 546-8180 www.epcounty.com ADDENDUM 1 To: From: All Interested Proposers Blanca Güereca,

More information

10 Defense Mechanisms

10 Defense Mechanisms SE 4C03 Winter 2006 10 Defense Mechanisms Instructor: W. M. Farmer Revised: 23 March 2006 1 Defensive Services Authentication (subject, source) Access control (network, host, file) Data protection (privacy

More information

Table of Contents. Page 1 of 6 (Last updated 27 April 2017)

Table of Contents. Page 1 of 6 (Last updated 27 April 2017) Table of Contents What is Connect?... 2 Physical Access Controls... 2 User Access Controls... 3 Systems Architecture... 4 Application Development... 5 Business Continuity Management... 5 Other Operational

More information

VMware Mirage Getting Started Guide

VMware Mirage Getting Started Guide Mirage 5.8 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document,

More information

Your Data and Artificial Intelligence: Wise Athena Security, Privacy and Trust. Wise Athena Security Team

Your Data and Artificial Intelligence: Wise Athena Security, Privacy and Trust. Wise Athena Security Team Your Data and Artificial Intelligence: Wise Athena Security, Privacy and Trust Wise Athena Security Team Contents Abstract... 3 Security, privacy and trust... 3 Artificial Intelligence in the cloud and

More information

Security Correlation Server System Deployment and Planning Guide

Security Correlation Server System Deployment and Planning Guide CorreLog Security Correlation Server System Deployment and Planning Guide The CorreLog Server provides a method of collecting security information contained in log messages generated by network devices

More information

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013 Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive

More information

Using DNS Service for Amplification Attack

Using DNS Service for Amplification Attack Using DNS Service for Amplification Attack Outline Use DNS service to achieve load balancing for a server cluster Carry out an amplification attack by taking advantage of DNS service Enforce firewall rules

More information

CompTIA Security+ CompTIA SY0-401 Dumps Available Here at: https://www.certification-questions.com/comptia-exam/sy0-401-dumps.html

CompTIA Security+ CompTIA SY0-401 Dumps Available Here at: https://www.certification-questions.com/comptia-exam/sy0-401-dumps.html CompTIA Security+ CompTIA SY0-401 Dumps Available Here at: /comptia-exam/sy0-401-dumps.html Enrolling now you will get access to 1776 questions in a unique set of SY0-401 dumps Question 1 Sara, the security

More information

SAULT COLLEGE OF APPLIED ARTS AND TECHNOLOGY SAULT STE. MARIE, ONTARIO COURSE OUTLINE

SAULT COLLEGE OF APPLIED ARTS AND TECHNOLOGY SAULT STE. MARIE, ONTARIO COURSE OUTLINE SAULT COLLEGE OF APPLIED ARTS AND TECHNOLOGY SAULT STE. MARIE, ONTARIO Sault College COURSE OUTLINE COURSE TITLE: Internet / Intranet / Extranet : SEMESTER: Five PROGRAM: AUTHOR: Computer Systems Support

More information

IE156: ICS410: ICS/SCADA Security Essentials

IE156: ICS410: ICS/SCADA Security Essentials IE156: ICS410: ICS/SCADA Security Essentials IE156 Rev.001 CMCT COURSE OUTLINE Page 1 of 6 Training Description: In this five-day intensive training, participants will develop and reinforce a common language

More information

Ethical Hacking and Prevention

Ethical Hacking and Prevention Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive

More information

IEEE 802 Plenary Kauai Nov Criteria 10GBASE-CX4 10GBASE-CX4 1

IEEE 802 Plenary Kauai Nov Criteria 10GBASE-CX4 10GBASE-CX4 1 10GBASE-CX4 5 Criteria 10GBASE-CX4 1 Broad Market Potential Broad set( s) of applications Multiple vendors, multiple users Balanced cost, LAN Vs. attached stations As customers move to 1000BASE-T attached

More information

Measure S Technology Subcommittee

Measure S Technology Subcommittee Measure S Technology Subcommittee Monday, February 25, 2013 (Revised March 6, 2013) Proposed Agenda 10 Preparation Meeting Notes from February 14, 2013 Review Agenda Member Updates 15 Final Recommendations

More information

Virtual Private Networks (VPN)

Virtual Private Networks (VPN) CYBR 230 Jeff Shafer University of the Pacific Virtual Private Networks (VPN) 2 Schedule This Week Mon September 4 Labor Day No class! Wed September 6 VPN Project 1 Work Fri September 8 IPv6? Project 1

More information

Understanding Cisco Unified Communications Security

Understanding Cisco Unified Communications Security Cisco Support Community Presents Tech-Talk Series Understanding Cisco Unified Communications Security Akhil Behl Solutions Architect, akbehl@cisco.com Author of Securing Cisco IP Telephony Networks 2010

More information

Network Security: Firewall, VPN, IDS/IPS, SIEM

Network Security: Firewall, VPN, IDS/IPS, SIEM Security: Firewall, VPN, IDS/IPS, SIEM Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr What is a Firewall? A firewall is hardware, software, or a combination of both that is used to prevent unauthorized

More information

Distributed Systems. 29. Firewalls. Paul Krzyzanowski. Rutgers University. Fall 2015

Distributed Systems. 29. Firewalls. Paul Krzyzanowski. Rutgers University. Fall 2015 Distributed Systems 29. Firewalls Paul Krzyzanowski Rutgers University Fall 2015 2013-2015 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive data & systems not accessible Integrity:

More information

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips Table of Contents Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips 2 Current State of BYOD in the Enterprise Defining BYOD Bring-Your-Own-Device (BYOD): a business practice

More information

VMware vsphere with ESX 4.1 and vcenter 4.1

VMware vsphere with ESX 4.1 and vcenter 4.1 QWERTYUIOP{ Overview VMware vsphere with ESX 4.1 and vcenter 4.1 This powerful 5-day class is an intense introduction to virtualization using VMware s vsphere 4.1 including VMware ESX 4.1 and vcenter.

More information

CoreMax Consulting s Cyber Security Roadmap

CoreMax Consulting s Cyber Security Roadmap CoreMax Consulting s Cyber Security Roadmap What is a Cyber Security Roadmap? The CoreMax consulting cyber security unit has created a simple process to access the unique needs of each client and allows

More information

VREDPro HPC Raytracing Cluster

VREDPro HPC Raytracing Cluster 1 HPC Raytracing Cluster... 1 1.1 Introduction... 1 1.2 Configuration... 2 1.2.1 Cluster Options... 4 1.2.2 Network Options... 5 1.2.3 Render Node Options... 6 1.2.4 Preferences... 6 1.2.5 Starting the

More information

Securing the FOSS VistA Stack

Securing the FOSS VistA Stack Securing the FOSS VistA Stack K.S. Bhaskar Development Director, FIS GT.M 2011 Fidelity National Information Services, Inc. and its subsidiaries. What is Security? 2 What is Security? Simplistic View Ensuring

More information

SD-WAN Recommended Test Plan

SD-WAN Recommended Test Plan SD-WAN Recommended Test Plan The following test plan can be used to test and verify the functionality of the SD-WAN solution. Test Outline The suggested tests described below are: 1. Standard Tests a.

More information

HikCentral V1.3 for Windows Hardening Guide

HikCentral V1.3 for Windows Hardening Guide HikCentral V1.3 for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1Strict Password Policy... 2 1.2Turn Off Windows Remote

More information

Introduction to UNIX/LINUX Security. Hu Weiwei

Introduction to UNIX/LINUX Security. Hu Weiwei Introduction to UNIX/LINUX Security Hu Weiwei Operation System Security The Security Problems in Operation Systems become more and more important The Security techniques improved rapidly The number of

More information

CIS Controls Measures and Metrics for Version 7

CIS Controls Measures and Metrics for Version 7 Level One Level Two Level Three Level Four Level Five Level Six 1.1 Utilize an Active Discovery Tool Utilize an active discovery tool to identify devices connected to the organization's network and update

More information

The Cray Rainier System: Integrated Scalar/Vector Computing

The Cray Rainier System: Integrated Scalar/Vector Computing THE SUPERCOMPUTER COMPANY The Cray Rainier System: Integrated Scalar/Vector Computing Per Nyberg 11 th ECMWF Workshop on HPC in Meteorology Topics Current Product Overview Cray Technology Strengths Rainier

More information

Cyber Criminal Methods & Prevention Techniques. By

Cyber Criminal Methods & Prevention Techniques. By Cyber Criminal Methods & Prevention Techniques By Larry.Boettger@Berbee.com Meeting Agenda Trends Attacker Motives and Methods Areas of Concern Typical Assessment Findings ISO-17799 & NIST Typical Remediation

More information

Security+ SY0-501 Study Guide Table of Contents

Security+ SY0-501 Study Guide Table of Contents Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators

More information

An evaluation of the Performance and Scalability of a Yellowstone Test-System in 5 Benchmarks

An evaluation of the Performance and Scalability of a Yellowstone Test-System in 5 Benchmarks An evaluation of the Performance and Scalability of a Yellowstone Test-System in 5 Benchmarks WRF Model NASA Parallel Benchmark Intel MPI Bench My own personal benchmark HPC Challenge Benchmark Abstract

More information

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications GLOBALPROTECT Prevent Breaches and Secure the Mobile Workforce GlobalProtect extends the protection of Palo Alto Networks Next-Generation Security Platform to the members of your mobile workforce, no matter

More information

CIS Controls Measures and Metrics for Version 7

CIS Controls Measures and Metrics for Version 7 Level 1.1 Utilize an Active Discovery Tool 1.2 Use a Passive Asset Discovery Tool 1.3 Use DHCP Logging to Update Asset Inventory 1.4 Maintain Detailed Asset Inventory 1.5 Maintain Asset Inventory Information

More information

The Ranger Virtual Workshop

The Ranger Virtual Workshop The Ranger Virtual Workshop 1 INTRODUCTION The Ranger Virtual Workshop (VW) is a set of online modules covering topics that help TeraGrid users learn how to effectively use the 504 teraflop supercomputer

More information

Graphene-SGX. A Practical Library OS for Unmodified Applications on SGX. Chia-Che Tsai Donald E. Porter Mona Vij

Graphene-SGX. A Practical Library OS for Unmodified Applications on SGX. Chia-Che Tsai Donald E. Porter Mona Vij Graphene-SGX A Practical Library OS for Unmodified Applications on SGX Chia-Che Tsai Donald E. Porter Mona Vij Intel SGX: Trusted Execution on Untrusted Hosts Processing Sensitive Data (Ex: Medical Records)

More information

Distributed telecommunications network access using the TMOS IntraWeb Gateway

Distributed telecommunications network access using the TMOS IntraWeb Gateway Distributed telecommunications access using the IntraWeb Gateway Magnus Ekhed, Peter Gundersen and Olav Queseth In an increasingly competitive marketplace, operator success depends more and more on usage.

More information

Configuring a Secure Survivable Remote Site Telephony (SRST) Reference

Configuring a Secure Survivable Remote Site Telephony (SRST) Reference CHAPTER 6 Configuring a Secure Survivable Remote Site Telephony (SRST) Reference This chapter contains information on the following topics: Overview for Securing the SRST, page 6-1 Secure SRST Configuration

More information

Firewall Identification: Banner Grabbing

Firewall Identification: Banner Grabbing Honey POt Firewall Identification: Banner Grabbing Banners are messages sent out by network services during the connection to the service. Banners announce which service is running on the system. Banner

More information

Secure Access & SWIFT Customer Security Controls Framework

Secure Access & SWIFT Customer Security Controls Framework Secure Access & SWIFT Customer Security Controls Framework SWIFT Financial Messaging Services SWIFT is the world s leading provider of secure financial messaging services. Their services are used and trusted

More information

T Yritysturvallisuuden seminaari

T Yritysturvallisuuden seminaari T-110.5690 Yritysturvallisuuden seminaari Chapter 10: Conceptual Security Architecture Lauri Helkkula 22.10.2007 Sources Chapter 10 of the book Sherwood, Clark, Lynas: Enterprise Security Architecture,

More information

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

PrepAwayExam.   High-efficient Exam Materials are the best high pass-rate Exam Dumps PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 642-541 Title : VPN and Security Cisco SAFE Implementation Exam (CSI) Vendors : Cisco

More information

Delivers cost savings, high definition display, and supercharged sharing

Delivers cost savings, high definition display, and supercharged sharing TM OpenText TM Exceed TurboX Delivers cost savings, high definition display, and supercharged sharing OpenText Exceed TurboX is an advanced solution for desktop virtualization and remote access to enterprise

More information

PCI DSS Compliance. White Paper Parallels Remote Application Server

PCI DSS Compliance. White Paper Parallels Remote Application Server PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3

More information

Last time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control

Last time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control Last time Security Policies and Models Bell La-Padula and Biba Security Models Information Flow Control Trusted Operating System Design Design Elements Security Features 10-1 This time Trusted Operating

More information

SQL Server AlwaysOn setup on ObserveIT environment

SQL Server AlwaysOn setup on ObserveIT environment SQL Server AlwaysOn setup on ObserveIT environment Overview ObserveIT can be easily installed on a SQL Server AlwaysOn environment. The AlwaysOn is part of Microsoft SQL Server Enterprise Edition and should

More information

USER MANUAL SNMP-RC210 SNMP WEB MANAGEMENT CARD. bxterra.com

USER MANUAL SNMP-RC210 SNMP WEB MANAGEMENT CARD. bxterra.com USER MANUAL SNMP-RC210 SNMP WEB MANAGEMENT CARD bxterra.com TABLE OF CONTENTS INTRODUCTION... INSTALLATION... SNMP MANAGER GUI... SNMP MANAGER FUNCTIONS MENU... SETTINGS... ONLINE UPGRADE... SYSTEM MANAGER...

More information

Introduction and Statement of the Problem

Introduction and Statement of the Problem Chapter 1 Introduction and Statement of the Problem 1.1 Introduction Unlike conventional cellular wireless mobile networks that rely on centralized infrastructure to support mobility. An Adhoc network

More information

SNMP Manager User s Manual

SNMP Manager User s Manual SNMP Manager User s Manual Table of Contents 1. Introduction...1 2. SNMP Manager Install, Quick Start and Uninstall...2 2.1. Software Installation...2 2.2. Software Quick Start...2 2.3. Software Uninstall...3

More information

OpenSees on Teragrid

OpenSees on Teragrid OpenSees on Teragrid Frank McKenna UC Berkeley OpenSees Parallel Workshop Berkeley, CA What isteragrid? An NSF sponsored computational science facility supported through a partnership of 13 institutions.

More information

QualiWare 6.5 System Requirements

QualiWare 6.5 System Requirements QualiWare 6.5 System Requirements QualiWare ApS Ryttermarken 15 DK-3520 Farum Denmark Tel: +45 4547 0700 Fax:+45 4547 0770 qualiware.com Content 1. PREFACE 2 2. HISTORY 2 3. WORKSTATIONS/CLIENTS 3 3.1.

More information

Load Balancing Overview

Load Balancing Overview The "Load Balancing" feature is available only in the Barracuda Web Application Firewall 460 and above. A load balancer is a networking device that distributes traffic across multiple back-end servers

More information

Enterprise Information System Services Enterprise System Disaster Recovery Scheme. System Requirement Overview

Enterprise Information System Services Enterprise  System Disaster Recovery Scheme. System Requirement Overview Enterprise Information System Services Enterprise Email System Disaster Recovery Scheme This document describes the high level overview of the information and procedures that will be required to recover

More information

WIRELESS AS A BUSINESS ENABLER. May 11, 2005 Presented by: Jim Soenksen and Ed Sale, Pivot Group

WIRELESS AS A BUSINESS ENABLER. May 11, 2005 Presented by: Jim Soenksen and Ed Sale, Pivot Group WIRELESS AS A BUSINESS ENABLER May 11, 2005 Presented by: Jim Soenksen and Ed Sale, Pivot Group Presentation Goals Describe the need for and benefits of Wireless Networking Describe the risks involved

More information

A new Distributed Security Model for Linux Clusters

A new Distributed Security Model for Linux Clusters A new Distributed Security Model for Linux Clusters Makan.Pourzandi@Ericsson.Com Open Systems Lab Montréal Canada June, 2004 Rev PA1 07/05/04 1 Outline Context Distributed Security Distributed Access Control

More information

Web Security. Outline

Web Security. Outline Security CS 161/194-1 Anthony D. Joseph November 21, 2005 s Outline Static and Dynamic Content Firewall review Adding a DMZ Secure Topologies 2 1 Polls How many people have set up a personal web server?

More information

Remote Support Security Provider Integration: RADIUS Server

Remote Support Security Provider Integration: RADIUS Server Remote Support Security Provider Integration: RADIUS Server 2003-2019 BeyondTrust Corporation. All Rights Reserved. BEYONDTRUST, its logo, and JUMP are trademarks of BeyondTrust Corporation. Other trademarks

More information

CENTRAL AUTHENTICATION USING RADIUS AND 802.1X

CENTRAL AUTHENTICATION USING RADIUS AND 802.1X CENTRAL AUTHENTICATION USING RADIUS AND 802.1X This is part of my experience I implemented in the Organization while I was doing my summer interns as the Part of my Curriculum. This Entirely is a very

More information

MFP: The Mobile Forensic Platform

MFP: The Mobile Forensic Platform MFP: The Mobile Forensic Platform Abstract Digital forensics experts perform investigations of machines for triage to see if there is a problem, as well as to gather evidence and run analyses. When the

More information

Computer Network Vulnerabilities

Computer Network Vulnerabilities Computer Network Vulnerabilities Objectives Explain how routers are used to protect networks Describe firewall technology Describe intrusion detection systems Describe honeypots Routers Routers are like

More information

Active Status Guidelines for Leaders and Certification Guidelines for Master Trainers and T-Trainers Effective January 1, 2019.

Active Status Guidelines for Leaders and Certification Guidelines for Master Trainers and T-Trainers Effective January 1, 2019. Certification: Definitions Permission granted by the Self-Management Resource Center to individuals who have completed training in SMRC programs, have been recommended for certification for Master Trainer

More information

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT Open Space Security Cyber-attacks are real. Today alone, Lab technology prevented nearly 3 million of them aimed at our customers worldwide.

More information

1) Write the characteristics of a problem with suitable example. 2) Explain Hill climbing and its variant Steepest-ascent hill climbing step by step.

1) Write the characteristics of a problem with suitable example. 2) Explain Hill climbing and its variant Steepest-ascent hill climbing step by step. (DMCA 301) ASSIGNMENT - 1, MAY - 2016. PAPER- I : ARTIFICIAL INTELLIGENCE 1) Write the characteristics of a problem with suitable example. 2) Explain Hill climbing and its variant Steepest-ascent hill

More information

Linux Clusters for High- Performance Computing: An Introduction

Linux Clusters for High- Performance Computing: An Introduction Linux Clusters for High- Performance Computing: An Introduction Jim Phillips, Tim Skirvin Outline Why and why not clusters? Consider your Users Application Budget Environment Hardware System Software HPC

More information

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network Always Remember Chapter #1: Network Device Configuration There is no 100 percent secure system, and there is nothing that is foolproof! 2 Outline Learn about the Security+ exam Learn basic terminology

More information

Pasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP

Pasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP Pasiruoškite ateičiai: modernus duomenų centras Laurynas Dovydaitis Microsoft Azure MVP 2016-05-17 Tension drives change The datacenter today Traditional datacenter Tight coupling between infrastructure

More information

Overview Intrusion Detection Systems and Practices

Overview Intrusion Detection Systems and Practices Overview Intrusion Detection Systems and Practices Chapter 13 Lecturer: Pei-yih Ting Intrusion Detection Concepts Dealing with Intruders Detecting Intruders Principles of Intrusions and IDS The IDS Taxonomy

More information

NetSupport Manager v11

NetSupport Manager v11 Remote Support For Any Environment NetSupport Manager v11 NetSupport Manager has been helping organisations optimise the delivery of their IT support services since 1989 and, while the use of Remote Control

More information

Audit Network Security. University System of New Hampshire

Audit Network Security. University System of New Hampshire Audit Network Security Presenter Ashish Jain, CPA, CIA, CISA, CA Director of Internal Audit University System of New Hampshire 1 University System of New Hampshire 34,000 enrolled students 4 institutions

More information

High Performance Computing Course Notes Course Administration

High Performance Computing Course Notes Course Administration High Performance Computing Course Notes 2009-2010 2010 Course Administration Contacts details Dr. Ligang He Home page: http://www.dcs.warwick.ac.uk/~liganghe Email: liganghe@dcs.warwick.ac.uk Office hours:

More information

Implementing and Administering Security in a Microsoft Windows 2000 Network Course 2820 Five days Instructor-led Published: February 17, 2004

Implementing and Administering Security in a Microsoft Windows 2000 Network Course 2820 Five days Instructor-led Published: February 17, 2004 Implementing and Administering Security in a Microsoft Windows 2000 Network Course 2820 Five days Instructor-led Published: February 17, 2004 Introduction This five-day instructor-led course provides students

More information

How to Respond to Solicitations on The University of Texas at El Paso Sourcing Manager

How to Respond to Solicitations on The University of Texas at El Paso Sourcing Manager How to Respond to Solicitations on The University of Texas at El Paso Sourcing Manager Once you are a registered Supplier on Sourcing Manager, log in to your Account. Go to the Bids tab. Under My Recent

More information

Cisco Next Generation Firewall Services

Cisco Next Generation Firewall Services Toronto,. CA May 30 th, 2013 Cisco Next Generation Firewall Services Eric Kostlan Cisco Technical Marketing 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Objectives At the

More information

50+ Incident Response Preparedness Checklist Items.

50+ Incident Response Preparedness Checklist Items. 50+ Incident Response Preparedness Checklist Items Brought to you by: Written by: Buzz Hillestad, Senior Information Security Consultant at SBS, LLC 1 and Blake Coe, Vice President, Network Security at

More information

Security and Reliability of the SoundBite Platform Andy Gilbert, VP of Operations Ed Gardner, Information Security Officer

Security and Reliability of the SoundBite Platform Andy Gilbert, VP of Operations Ed Gardner, Information Security Officer Security and Reliability of the SoundBite Platform Andy Gilbert, VP of Operations Ed Gardner, Information Security Officer 2007 SoundBite Communications, Inc. All Rights Reserved. Agenda Scalability Capacity

More information

Unified Communications Manager FAQ

Unified Communications Manager FAQ Unified Communications Manager FAQ Document ID: 111900 Contents Introduction Is it possible to control the quota for outside calls with Cisco Unified Communications Manager? How many calls can be handled

More information

Elivepatch Flexible distributed Linux Kernel live patching. Alice Ferrazzi

Elivepatch Flexible distributed Linux Kernel live patching. Alice Ferrazzi Elivepatch Flexible distributed Linux Kernel live patching Alice Ferrazzi 1 Summary Live patch explanation Current live patch services Motivation for elivepatch Elivepatch solution Implementation Challenge

More information

Introduction to IA Class Notes. 2 Copyright 2018 M. E. Kabay. All rights reserved. 4 Copyright 2018 M. E. Kabay. All rights reserved.

Introduction to IA Class Notes. 2 Copyright 2018 M. E. Kabay. All rights reserved. 4 Copyright 2018 M. E. Kabay. All rights reserved. IDS & IPD CSH6 Chapter 27 Intrusion Detection & Intrusion Prevention Devices Rebecca Gurley Bace Topics Security Behind the Firewall Main Concepts Intrusion Prevention Information Sources Analysis Schemes

More information

Performance Monitor. Version: 7.3

Performance Monitor. Version: 7.3 Performance Monitor Version: 7.3 Copyright 2015 Intellicus Technologies This document and its content is copyrighted material of Intellicus Technologies. The content may not be copied or derived from,

More information

Information Technology (IT) Skill Standards Checklist

Information Technology (IT) Skill Standards Checklist of Workforce Development Division of Employment and Training Information Technology (IT) Skill Standards Checklist Student Name YA Coordinator School District YA Consortium High School Graduation Date

More information

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,

More information

The Blue Water s File/Archive System. Data Management Challenges Michelle Butler

The Blue Water s File/Archive System. Data Management Challenges Michelle Butler The Blue Water s File/Archive System Data Management Challenges Michelle Butler (mbutler@ncsa.illinois.edu) NCSA is a World leader in deploying supercomputers and providing scientists with the software

More information

IBM Systems: Helping the world use less servers

IBM Systems: Helping the world use less servers Agenda Server Consolidation Reasons Server Consolidation Methodology Power Systems Server Consolidation Server Consolidation Examples Demo of SCON Tool Mike Rede Field Technical Sales Specialist mrede@us.ibm.com

More information

WB-Analysis of the Nakula & Antareja Incident

WB-Analysis of the Nakula & Antareja Incident WB-Analysis of the Nakula & Antareja Incident A WB-Analysis of a system security-related incident 5.5th Bieleschweig Workshop Bielefeld, June 6-7 2005 Overview Introduction The WB-Analysis Conclusion Discussion

More information

HikCentral V.1.1.x for Windows Hardening Guide

HikCentral V.1.1.x for Windows Hardening Guide HikCentral V.1.1.x for Windows Hardening Guide Contents Introduction... 1 1. The Operating System - Microsoft Windows Security Configuration... 2 1.1 Strict Password Policy... 2 1.2 Turn Off Windows Remote

More information

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1 Revision A McAfee Network Security Platform 9.1 (9.1.7.73-9.1.3.11 Manager-M-series, Mxx30-series, and XC Cluster Release Notes) Contents About the release New features Enhancements Resolved Issues Installation

More information

1. Broad Market Potential o Broad set(s) of applications o Multiple vendors, multiple users o Balance cost, LAN vs. attached stations 802.

1. Broad Market Potential o Broad set(s) of applications o Multiple vendors, multiple users o Balance cost, LAN vs. attached stations 802. 1. Broad Market Potential o Broad set(s) of applications o Multiple vendors, multiple users o Balance cost, LAN vs. attached stations The fast growth of CPU speed is forcing the development of new LANs

More information

Business Strategy Theatre

Business Strategy Theatre Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:

More information

Cascade Vulnerability Problem Simulator Tool

Cascade Vulnerability Problem Simulator Tool Cascade Vulnerability Problem Simulator Tool Christian Servin and Martine Ceberio Department of Computer Science University of Texas at El Paso El Paso, TX 79968-0518, USA christians@miners.utep.edu Abstract

More information

A Security Model for Space Based Communication. Thom Stone Computer Sciences Corporation

A Security Model for Space Based Communication. Thom Stone Computer Sciences Corporation A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog Everything that is not forbidden is compulsory -T.H. White They are after you Monsters in the Closet Virus

More information

Cisco TelePresence Video Sales Engineer.

Cisco TelePresence Video Sales Engineer. Cisco 650-296 TelePresence Video Sales Engineer http://killexams.com/exam-detail/650-296 QUESTION: 31 Which is the primary function of the Cisco MSE 8321 ISDN GW blade? A. To provide up to 60 1080p high-definition

More information

TPM v.s. Embedded Board. James Y

TPM v.s. Embedded Board. James Y TPM v.s. Embedded Board James Y What Is A Trusted Platform Module? (TPM 1.2) TPM 1.2 on the Enano-8523 that: How Safe is your INFORMATION? Protects secrets from attackers Performs cryptographic functions

More information

Network+ Guide to Networks 5 th Edition. Chapter 1 An Introduction to Networking

Network+ Guide to Networks 5 th Edition. Chapter 1 An Introduction to Networking Network+ Guide to Networks 5 th Edition Chapter 1 An Introduction to Networking Goals of This Chapter List the advantages of networked computing relative to standalone computing Distinguish between client/server

More information