IP NGN Security Framework
Mikhail Kader, Distinguished Systems Engineer, Cisco, Russia
ITU-T Workshop on “New challenges for Telecommunication Security Standardizations”
Geneva, 9(pm)-10 February 2009

IP NGN Security: A Paradigm Shift in Miscreant Economy
Scott Borg, Dartmouth College, Institute for Security Technology Studies
Mischief of course, but mostly money – a miscreant economy has evolved to steal or extort money from attractive targets
Yesterday’s Threats / Today’s Threats

IP NGN Secure Platform: What is IP NGN Security?
A hierarchical model for framing security discussions with service providers
Security Principles: Describes the primary Security Principles that are affected by security policies (Visibility, Control)
Security Actions: Describes essential actions that enable Visibility and Control (Identify, Monitor, Correlate, Harden, Isolate, Enforce)
Business Relevance: Describes customer-specific business goals, and the threats to goal attainment (Business Goals and Objectives, Threats to Goals and Objectives)
Security Policies: Describes the iterative development and monitoring of security policies (Threat and Risk Assessment, Security Policies, Security Operations)

Business Relevance: Business Goals and Objectives
Security helps meet all key business goals and objectives for service providers:
Adherence to social and legal requirements for parental control, data retention, and service monitoring is mandated in many markets
Public disclosure of security or privacy breaches can destroy carefully managed marketing campaigns and brand reputation
Business disruptions due to security events can result in both immediate and long-term loss of revenue
Customers expect safe, private, reliable services, and they’re willing to change operators to get them…

Business Relevance: Threats to Business Goals Leads to Risk Analysis
Migration to 3.5G or IP networks changes the threat landscape, hence a Risk Analysis is necessary.
An example for Mobile, illustrating the effects of the evolution from 2G to 3.5G:

2G                      3.5G
Isolated                Highly Networked
No IP                   IP End-to-End
Simple Devices          Sophisticated Devices
Proprietary Services    Open Services
Few Security Targets    Numerous Security Targets
Little Risk             Much Risk

Developing Security Policies: Risk Assessment Methodologies
IP NGN Security requires the definition of security policies, but is agnostic to the methodologies needed to create them
eTOM – enhanced Telecom Operators Map
ITIL – Information Technology Infrastructure Library

Developing Security Policies: Many Methodologies – One Goal
Regardless of the risk assessment methodology utilized, the core steps are the same:
Threat Models: How can the device, service, or system be attacked, disrupted, compromised, or exploited?
Risk Assessments: What impact would an attack have on my business? How important is the asset?
Policy Development: What entities, attributes, processes, or behaviors can be controlled to prevent or mitigate each attack?
These steps result in the creation of security policies and guidelines that define the acceptable and secure use of each device, system, and service

IP NGN Security Principles: Visibility and Control
Security Policies always define a need or means to increase Visibility or Control
No visibility means no control; no control means no security

IP NGN Security Actions: Increasing Visibility and Control
IP NGN Security defines six fundamental actions that apply defined policies, improving Visibility and Control
Identify, Monitor, Correlate, Isolate, Enforce, Harden
These actions, properly taken, enhance service security, resiliency, and reliability – primary goals for subscribers and operators alike

IP NGN Security Actions: Identify
Identifying and assigning trust-levels to subscribers, networks, devices, services, and traffic is a crucial first step to infrastructure security
Principal Actions / Relevant Technologies

IP NGN Security Actions: Monitor
Any device that touches a packet or delivers a service can provide data describing policy compliance, subscriber behavior, and network health

IP NGN Security Actions: Correlate
Important macro trends and events can often go unrecognized until other numerous – seemingly unrelated – events are correlated

IP NGN Security Actions: Harden
Hardening is the application of tools and technologies to prevent known – or unknown – attacks from affecting network or service infrastructures

IP NGN Security Actions: Isolate
Isolating is a critical design practice that helps prevent access to critical resources, protect data, and limit the scope of disruptive events

IP NGN Security Actions: Enforce
Shaping the behavior of subscribers, traffic, and services, as well as the mitigation of detected security events are the primary goals of enforcement

IP NGN Security: Implementation and Operations
IP NGN Security defines the actions and technologies to be implemented and operated by an organization
The security of any given IP service depends greatly upon the network architecture, implementation, and organizational competence

IP NGN Security: Summary
Define a security model to reach operational excellence based on security policies and process gaining enhanced visibility, control and high availability.


Editor's Notes

  1. Cable messaging could (conceivably) address their need to deliver wireless and quad-play; Wireline messaging the need for a secure foundation over which to deliver managed security services …
  2. Service Providers often have well-developed security management frameworks in place. IP NGN Security relies on integration with these frameworks for Sec-Ops and Policy Development.
  3. Provides the foundation for proactive security services; Allows the identification of end-node security posture, and the business context (roles, responsibilities, and capabilities) within which that node should be used; Provides the basis for service differentiation (all services); Identification of malware; Allows the implementation of white-lists for outbound services; Implementation of traffic / security policies.
  4. Real-time macro and micro visibility into service and IP flows, network health; Provides early trend warnings versus baselines to feed to mitigation processes; Can provide input for archives / data retention / baselining / network modeling; Provides input into capacity planning / SLA-reporting services; Tight control over the revenue stream / operations.
  5. Adds context and intelligence to meta (raw) data collected during monitoring processes; Allows the creation of behavioral baselines; Abstraction of events to alarm instances.
  6. Maintains an appropriate security posture in real time versus a threat environment; Creating a reliable infrastructure upon which to deliver services; Provides dynamic protection against both known and Day-Zero threats.
  7. Limits collateral damage; Prevents accidental data leakage / acquisition.
  8. Stopping attacks and non-compliant behavior.