enterprise security management protection profiles: global threat analysis and protection profile selection
Joshua Brickman, CA Technologies
September 2010


agenda
• Review Enterprise Security Management: a review… what are these products?
• Some PP stats
• Schedule
• Survey instrument and demographics
• Results
• How can you get involved (participants)

Copyright © 2010 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. CA confidential and proprietary. No unauthorized copying or distribution permitted.


schedule
• Sept 2008: proposal received well at 9th ICCC; interest by multiple vendors, NIAP, consultants and other schemes
• May 2009: NIAP pledges support for creation of the ESM PP’s.
• May-Aug 2009: concurrence of ESM product categories among Microsoft, IBM, EMC, Oracle, Symantec, and CA Inc solidified
• Sept 2009: implementation plan presented at 10th ICCC
• Fall 2009: global threat analysis
• Winter 2010: global threat survey
• May 2010: PP development
• Today


what is ESM
Enterprise Security Management:
• Identity management
• Standardized logging
• Compliance & configuration
• Policy/Access
• Data Loss Prevention
• Monitoring & response


Validated PP's
[Chart: number of existing PPs and cumulative percentage, by technology. Technologies: IDS, Firewall, OS, Bio-Metric, WLAN, Anti-Virus, Auth Server, CIMC, DBMS, Directory, HW Switch, PK, Printer, Router, Sep Kernel, USDA, VPN, Web Server. Cumulative percentage labels: 25%, 38%, 47%, 53%, 59%, 63%, 66%, 69%, 72%, 75%, 78%, 81%, 84%, 88%, 91%, 94%, 97%, 100%.]
60% of existing PP’s cover only five technologies (out of 18)


number of ESM products available by major vendors
• Policy & Access Mgmt make up 42% of ESM products available
• At least 64 products in the space


CC evaluations in the US
• 23 PP’s in the US only support 25% of products evaluated
• 16% of compliant evaluations had multiple claims
• With new ESM PPs, at least 64 products would be PP compliant
• 18 out of 23 CA evaluations would have been eligible for ESM PP’s if they existed (78%)


goal of the survey
Two goals:
• Prioritization of the 1st ESM PP
• Importance of the CC and its elements to government customers


survey demographics
includes selection of 12 data points (survey questions)
• Data sampling: 27 completed surveys
• E-mailed to US DoD agencies and Australasian agencies
• Survey posted on NIAP, Australasian, and British scheme sites
• Available for five weeks on NIAP, three on other sites
• Survey respondents included representatives from Japan, Canada, US, Australia, and Spain
Data Source: Confirmit survey tool (250 records)


survey results: operational mission
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.7
2/3 of respondents use ESM tools


survey results: operational mission
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.1
46% Agree, but 31% are unsatisfied with their ESM products


survey results: operational mission
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 4.1
Almost 50% believe that integrated products are very important


survey results: common criteria
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.5
65% believe that CC evaluated products are more trustworthy


survey results: common criteria
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.8
Only 15% do not require CC on the Procurement clipboard


survey results: common criteria
One interpretation of this question is that this decision is on a case by case basis
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.4
This decision varies based on agency, country and other factors


survey results: procurement decisions
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.5
69% of procurement officers read Security Targets


survey results: procurement decisions
PP’s are the only way gov’t agencies can compare apples to apples – clearly respondents recognize the value
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.8
73% of respondents think PP’s are important


survey results: procurement decisions
Scale: 5 Strongly Agree, 4 Agree, 3 Neutral, 2 Disagree, 1 Strongly Disagree
Avg: 3.5
50% are planning on purchasing new ESM products


survey results - 1st ESM PP choice
access control is CLEAR #1 priority
63% of respondents said that AC was in top 2 priorities


survey results
access control is CLEAR #1 priority
Rank in order of importance:
• Centralized Policy Management, and distributed Enforcement
• Access Control
• Compliant Implementation and Effectiveness of IS Policies and Procedures
• Provisioning and de-provisioning users / Identity Management
• Data Loss Prevention
• Collecting, auditing, analyzing, security event logs
[Chart: AVG per category on a 0 to 5 axis. AVG labels shown: 4.44, 4.22, 3.93, 3.11, 3.00, 2.30.]
86% of respondents said that either AC or Policy were highest priority


survey results – deployed products
Access Control Protection Profile


1st protection profile -- decision
• Customers suggest AC as the 1st one
• Access Control PP is focused on implementing the policy from a Policy Manager (another PP later).
• Key threats to Access Control enforcement are communication to/from the Policy Manager and Configuration files

[Diagram: End User Requests Access to Object; Host Machine; Policy Enforcement Point (PEP); Object; Configuration Files; Audit Store; Policy Manager; Policy Administrator. Key: Target of Evaluation, IT Environment.]

Functional requirements include:
• Audit Generation (FAU)
• Access Control Policy (FDP)
• Data Authentication (new)
• Non-Repudiation (new)
• Authorization Validation (new)
• Data Validation (new)
• Fault Tolerance (new)
• Self Testing (new)
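
An added illustration, not part of the original slides or of any ESM PP text: a minimal Policy Enforcement Point that applies a policy update only when it is authenticated and well formed, keeps the last good policy otherwise, denies by default, and writes audit records. The HMAC-SHA256 tag, the JSON policy layout, the version counter and all names are assumptions made for this sketch.

```python
import hashlib
import hmac
import json

class PolicyEnforcementPoint:
    """Hypothetical PEP: enforces only policy authenticated as coming from the Policy Manager."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key   # assumed pre-shared between PEP and Policy Manager
        self._rules = {}         # (subject, object) -> set of allowed operations
        self._version = 0        # last accepted policy version (replay guard)
        self.audit = []          # stand-in for the Audit Store

    def _log(self, event, **detail):
        self.audit.append({"event": event, **detail})

    def load_policy(self, blob: bytes, tag: str) -> bool:
        """Data Authentication + Data Validation: reject anything unauthenticated or malformed."""
        expected = hmac.new(self._key, blob, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            self._log("policy_rejected", reason="bad_mac")
            return False         # Fault Tolerance: keep enforcing the last good policy
        try:
            doc = json.loads(blob)
            version = doc["version"]
            rules = {(r["subject"], r["object"]): set(r["ops"]) for r in doc["rules"]}
        except (ValueError, KeyError, TypeError):
            self._log("policy_rejected", reason="malformed")
            return False
        if not isinstance(version, int) or version <= self._version:
            self._log("policy_rejected", reason="stale_version")
            return False
        self._rules, self._version = rules, version
        self._log("policy_accepted", version=version)
        return True

    def check(self, subject: str, obj: str, op: str) -> bool:
        """Access Control Policy: default deny, every decision audited."""
        allowed = op in self._rules.get((subject, obj), set())
        self._log("access", subject=subject, object=obj, op=op, allowed=allowed)
        return allowed

def sign_policy(key: bytes, doc: dict):
    """Policy Manager side (constructed for the example): serialize and tag a policy."""
    blob = json.dumps(doc, sort_keys=True).encode()
    return blob, hmac.new(key, blob, hashlib.sha256).hexdigest()
```

A symmetric tag covers Data Authentication only; the slide's Non-Repudiation requirement would need an asymmetric signature from the Policy Manager instead.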


products that could be evaluated against new PP (sample)
Categories: Identity Management; Compliance and configuration; Policy/Access; Monitoring and response; Standardized logging
• CA Identity Manager
• CA GRC Manager
• CA Siteminder
• CA Auditor for z/OS
• CA Enterprise Log Manager
• SC Operations Manager, SC Configuration Manager & SC VMM
• SC Operations Manager, SC Configuration Manager, SC Essentials
• SC Operations Manager & SC Essentials
• SC Operations Manager*
• Symantec Alteris
• Symantec CCS/FTK
• Symantec Alteris
• Symantec SSIM
• Symantec Alteris
• Oracle Identity Manager
• IBM Tivoli Identity Manager
• EMC RSA Access Manager
• Oracle Enterprise Manager
• IBM Tivoli Compliance Insight Manager (TCIM), Security Information Event Manager (TSIEM)
• EMC RSA Envision
• EMC RSA Envision
• Oracle Access Manager
• Oracle Audit Vault
• Oracle Audit Vault
• IBM Tivoli Unified Single Sign-On, Tivoli Security Policy Manager
• IBM Common Audit and Reporting (CARS) & TCIM


the team, so far (growing!)
We are always looking for more participants!


Questions?
Joshua Brickman, PMP
CA Technologies
Director of Federal Certification Program Office
(508) 628-8917
Joshua.Brickman@ca.com


Legal Notice
• THIS PRESENTATION IS FOR YOUR INFORMATIONAL PURPOSES ONLY. CA assumes no responsibility for the accuracy or completeness of the information. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENT “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. In no event will CA be liable for any loss or damage, direct or indirect, in connection with this presentation, including, without limitation, lost profits, lost investment, business interruption, goodwill, or lost data, even if CA is expressly advised of the possibility of such damages.
• CA does not provide legal advice. Neither this presentation nor any CA software product shall serve as a substitute for your compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, policy, standard, guideline, measure, requirement, administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. You should consult with competent legal counsel regarding any Laws referenced herein.


Backup


data collection plan


data collection plan, continued


data collection plan, continued
