tailieunhanh - Network Security Case Study

Retention of logs for purposes of audit is mandated by the LCG Audit Requirements document. Sufficient information should be retained to enable a complete trace from resource usage back to initial user authentication. This information can be useful for troubleshooting purposes and may also be needed in the investigation of security incidents as described in the Agreement on Incident Response document. Care should be taken to ensure that the logs gathered are securely archived, that the integrity of these archives is guaranteed, and that access is appropriately restricted.

Network Security Case Study by eTelemetry

A security breach has just occurred on your corporate network. It could be a virus or worm that is spreading quickly; it could be an unauthorized wireless access point that was just plugged into the network; it could be an insider logging into the corporate mainframe and stealing intellectual property. The reality is that every Internet-connected network will come under attack eventually, and unless your enterprise is extremely unusual, one of those attacks will eventually succeed.

Okay, now what? How will your network staff (or security staff, if you're lucky enough to have one) deal with these and other threats? This case study examines how one company used eTelemetry's Locate product to deal with three different security incidents that occurred during a single week.

Sarbanes-Oxley Compliance

Since this company is publicly traded, it is required to maintain ongoing compliance with the Sarbanes-Oxley Act of 2002. In order to meet its compliance obligations, the company implemented eTelemetry's Locate product as part of its security infrastructure and controls. Locate provides the company with additional layers of security controls, or defense-in-depth, by identifying unauthorized users on the network, unauthorized access points, and users flagged by internal IDS systems.
Locate also provides a way to assess the effectiveness of the company's security controls, as required by the Act, through the historical records of user-to-IP address mapping. This historical mapping is critical for effective auditing, assessment, and forensics analysis of the company's security systems.

Company Background

The company in this case study, like many companies, has a network that has grown over time to meet the ever-changing needs of the users. The company headquarters is located in the suburbs of Washington, DC. It is a campus