SlideShare una empresa de Scribd logo

NetGains Infrastructure Security

Descargar como PPT, PDF
N
NetGains Technologies Pvt. Ltd.

NetGains Infrastructure Security provides rock solid email messaging platform

Tecnología
1 de 8
NetGains Mail & Application Server Confidentiality & Security – Layered Approach Layered approach for securing NetGains Mail & Application Servers. It is a technical strategy, espousing adequate measures be put in place at different levels within the network infrastructure. It is also an organizational strategy, requiring participation from the clients, users, administrators & business owners. The layered-security approach centers on maintaining appropriate security measures and procedures at five different levels within the IT environment
NetGains Mail & Application Server Confidentiality & Security – Layered Approach Security level Applicable security measures 1. Perimeter • Firewall • Network-based anti-virus 2. Network • Intrusion detection /prevention system • Vulnerability management system • Endpoint security compliance • Access control /user authentication 3. Host Host 4. Application • Host IDS & Host VA • Access control/user authentication • Input validation 5. Data • Encryption • Access control/user authentication IDS & Host VA Endpoint security compliance Anti-virus Access control/user authentication
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 1: PERIMETER SECURITY    The perimeter is the first line of defense from outside, un-trusted networks. The perimeter acts as the first and last point of contact for security defenses protecting the network. It is the area where your network ends and the Internet begins. Sonic FireWALL PRO 3060      Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. Powerful Content Filtering. Deep Packet Inspection Firewall Real-Time Blacklist Spam Filtering Policy-based NAT
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 2: NETWORK SECURITY The network level of the layered-security model refers to internal LAN and WAN. • Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) • Vulnerability management - Vulnerability management systems perform two related functions: (1) they scan the network for vulnerabilities and (2) they manage the process of repairing the vulnerabilities found. • Endpoint security compliance (for VPN & RAS devices) • Access control/authentication (Network Level access) Answer: The Network level done administration is done by the ISP
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 3: HOST SECURITY In the layered-security model, the host level pertains to the servers configurable parameters that, when set inappropriately, can create exploitable security holes. These parameters include registry settings, services (applications) operating on the device, or patches to the operating system or important applications.  Host-based intrusion detection systems (IDSs)  Host-based vulnerability assessment (VA)  Endpoint security compliance  Anti-virus  Access control/authentication Answer: * For this we use Trend Micro Interscan Messaging Security Suite which gives protection against Viruses, Spam and FTP traffic.
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 4: APPLICATION SECURITY Application-level security is currently receiving a great deal of attention.      Poorly protected applications can provide easy access to confidential data and records. The hard truth is that most programmers don’t code with security in mind. Application shield - application-level firewall. Access control/authentication - only authorized users are able to access the application. Input validation - Input validation measures verify that application input traveling across your network is safe to process.
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 5: DATA SECURITY Data-level security entails a blend of policy and encryption. Encrypting data where it resides and as it travels across your network is a recommended best practice because, if all other security measures fail, a strong encryption scheme protects your proprietary data. Encryption Important Customer data is stored in the SQL Server Database and is completely encrypted. Access control / authentication There is a role based access to data. Eg  A programmer has access only to Application files.  Important Customer data & Profile is stored in Database and only DBA can access it.  An Administrator of the system can only administer the data and has no access to database & applications.  RAID 10 for Hard-disk redundancy.  TAPE backup
NetGains Mail & Application Server Confidentiality & Security – Layered Approach Thank You ! NetGains Technologies 708/709, Corporate Avenue, Sonawala Lane, Goregaon(E) Mumbai – 400 063. Sales: +91-22-6525 7000 / +91-22-6139 7000 Mobile : 9820089256 / 989200782

Recomendados

Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1 Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1Tripwire
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityDavid Zaizar
 
F secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF-Secure Corporation
 
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array NetworksVirtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks Array Networks
 
Shashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan CCNA, C|EH, ITIL V3
 
6 Steps to Secure Network Devices
6 Steps to Secure Network Devices6 Steps to Secure Network Devices
6 Steps to Secure Network DevicesLisa Kearney
 
Internet gatekeeper
Internet gatekeeperInternet gatekeeper
Internet gatekeeperF-Secure Corporation
 
CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)Open Analytics
 

Recomendados

Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1 Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1Tripwire
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityDavid Zaizar
 
F secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF-Secure Corporation
 
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array NetworksVirtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks Array Networks
 
Shashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan CCNA, C|EH, ITIL V3
 
6 Steps to Secure Network Devices
6 Steps to Secure Network Devices6 Steps to Secure Network Devices
6 Steps to Secure Network DevicesLisa Kearney
 
Internet gatekeeper
Internet gatekeeperInternet gatekeeper
Internet gatekeeperF-Secure Corporation
 
CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)Open Analytics
 
Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseRishu Mehra
 
Powerful email protection
Powerful email protectionPowerful email protection
Powerful email protectionF-Secure Corporation
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Willard_Grayson_2015
Willard_Grayson_2015Willard_Grayson_2015
Willard_Grayson_2015Will Grayson
 
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentTALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentDawn Yankeelov
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsAnthony Daniel
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for BusinessF-Secure Corporation
 
GDI Product Presentation
GDI Product PresentationGDI Product Presentation
GDI Product Presentationtswong
 
Slides
SlidesSlides
SlidesFungayi Makoni
 
Cloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceCloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceSoumitra Bhattacharyya
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityF-Secure Corporation
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure Corporation
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseHai Nguyen
 
Inside forti os-v524-r5
Inside forti os-v524-r5Inside forti os-v524-r5
Inside forti os-v524-r5Lan & Wan Solutions
 
Virtual Security
Virtual SecurityVirtual Security
Virtual SecurityF-Secure Corporation
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksBeyondTrust
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Corporation
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding PracticesThomas Kurian Ambattu,CRISC,ISLA-2011 (ISC)²
 
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance FiresLiraz Goldstein
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesKim Bookout
 
00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3Eoin Keary
 
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfThick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfElanusTechnologies
 

Más contenido relacionado

La actualidad más candente

Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseRishu Mehra
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Willard_Grayson_2015
Willard_Grayson_2015Willard_Grayson_2015
Willard_Grayson_2015Will Grayson
 
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentTALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentDawn Yankeelov
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsAnthony Daniel
 
GDI Product Presentation
GDI Product PresentationGDI Product Presentation
GDI Product Presentationtswong
 
Cloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceCloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceSoumitra Bhattacharyya
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityF-Secure Corporation
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure Corporation
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseHai Nguyen
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksBeyondTrust
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Corporation
 
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance FiresLiraz Goldstein
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesKim Bookout
 

La actualidad más candente (20)

Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber Defense
 
Powerful email protection
Powerful email protectionPowerful email protection
Powerful email protection
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profile
 
Willard_Grayson_2015
Willard_Grayson_2015Willard_Grayson_2015
Willard_Grayson_2015
 
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentTALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for Business
 
GDI Product Presentation
GDI Product PresentationGDI Product Presentation
GDI Product Presentation
 
Slides
SlidesSlides
Slides
 
Cloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceCloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform Service
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT security
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server Security
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromise
 
Inside forti os-v524-r5
Inside forti os-v524-r5Inside forti os-v524-r5
Inside forti os-v524-r5
 
Virtual Security
Virtual SecurityVirtual Security
Virtual Security
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior control
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding Practices
 
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challenges
 

Similar a NetGains Infrastructure Security

00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3Eoin Keary
 
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfThick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfElanusTechnologies
 
Computer Security.pptx
Computer Security.pptxComputer Security.pptx
Computer Security.pptxKENNEDYDONATO1
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hackingDesmond Devendran
 
Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1PROIDEA
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Tecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentaliTecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentaliJürgen Ambrosi
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxTrongMinhHoang1
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceMSAdvAnalytics
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera Technologies
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesMariaDB plc
 
It security
It securityIt security
It securityavi2607
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxyasirkhokhar7
 
Study of campus network security
Study of campus network securityStudy of campus network security
Study of campus network securityTrishla Thakur
 
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CloudIDSummit
 

Similar a NetGains Infrastructure Security (20)

00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3
 
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfThick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
 
Computer Security.pptx
Computer Security.pptxComputer Security.pptx
Computer Security.pptx
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hacking
 
Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Tecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentaliTecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentali
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptx
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information Security
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best Practices
 
It security
It securityIt security
It security
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
 
Study of campus network security
Study of campus network securityStudy of campus network security
Study of campus network security
 
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
 
Dstca
DstcaDstca
Dstca
 

Más de NetGains Technologies Pvt. Ltd.

eSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy wayeSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy wayNetGains Technologies Pvt. Ltd.
 

Más de NetGains Technologies Pvt. Ltd. (11)

Successful employees
Successful employeesSuccessful employees
Successful employees
 
Multi channel communication center M3C
Multi channel communication center M3CMulti channel communication center M3C
Multi channel communication center M3C
 
Email + social marketing
Email + social marketingEmail + social marketing
Email + social marketing
 
Office connect hybrid microsoft exchange
Office connect hybrid microsoft exchangeOffice connect hybrid microsoft exchange
Office connect hybrid microsoft exchange
 
DR hosting & cloud
DR hosting & cloudDR hosting & cloud
DR hosting & cloud
 
Email deliverability
Email deliverabilityEmail deliverability
Email deliverability
 
Demystifying email deliverability
Demystifying email deliverabilityDemystifying email deliverability
Demystifying email deliverability
 
M3C email-marketing_sms_platform
M3C email-marketing_sms_platformM3C email-marketing_sms_platform
M3C email-marketing_sms_platform
 
Website redesign tips-tricks_1
Website redesign tips-tricks_1Website redesign tips-tricks_1
Website redesign tips-tricks_1
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
 
eSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy wayeSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy way
 

Último

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Último (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

NetGains Infrastructure Security

  • 1. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Layered approach for securing NetGains Mail & Application Servers. It is a technical strategy, espousing adequate measures be put in place at different levels within the network infrastructure. It is also an organizational strategy, requiring participation from the clients, users, administrators & business owners. The layered-security approach centers on maintaining appropriate security measures and procedures at five different levels within the IT environment
  • 2. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Security level Applicable security measures 1. Perimeter • Firewall • Network-based anti-virus 2. Network • Intrusion detection /prevention system • Vulnerability management system • Endpoint security compliance • Access control /user authentication 3. Host Host 4. Application • Host IDS & Host VA • Access control/user authentication • Input validation 5. Data • Encryption • Access control/user authentication IDS & Host VA Endpoint security compliance Anti-virus Access control/user authentication
  • 3. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 1: PERIMETER SECURITY    The perimeter is the first line of defense from outside, un-trusted networks. The perimeter acts as the first and last point of contact for security defenses protecting the network. It is the area where your network ends and the Internet begins. Sonic FireWALL PRO 3060      Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. Powerful Content Filtering. Deep Packet Inspection Firewall Real-Time Blacklist Spam Filtering Policy-based NAT
  • 4. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 2: NETWORK SECURITY The network level of the layered-security model refers to internal LAN and WAN. • Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) • Vulnerability management - Vulnerability management systems perform two related functions: (1) they scan the network for vulnerabilities and (2) they manage the process of repairing the vulnerabilities found. • Endpoint security compliance (for VPN & RAS devices) • Access control/authentication (Network Level access) Answer: The Network level done administration is done by the ISP
  • 5. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 3: HOST SECURITY In the layered-security model, the host level pertains to the servers configurable parameters that, when set inappropriately, can create exploitable security holes. These parameters include registry settings, services (applications) operating on the device, or patches to the operating system or important applications.  Host-based intrusion detection systems (IDSs)  Host-based vulnerability assessment (VA)  Endpoint security compliance  Anti-virus  Access control/authentication Answer: * For this we use Trend Micro Interscan Messaging Security Suite which gives protection against Viruses, Spam and FTP traffic.
  • 6. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 4: APPLICATION SECURITY Application-level security is currently receiving a great deal of attention.      Poorly protected applications can provide easy access to confidential data and records. The hard truth is that most programmers don’t code with security in mind. Application shield - application-level firewall. Access control/authentication - only authorized users are able to access the application. Input validation - Input validation measures verify that application input traveling across your network is safe to process.
  • 7. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 5: DATA SECURITY Data-level security entails a blend of policy and encryption. Encrypting data where it resides and as it travels across your network is a recommended best practice because, if all other security measures fail, a strong encryption scheme protects your proprietary data. Encryption Important Customer data is stored in the SQL Server Database and is completely encrypted. Access control / authentication There is a role based access to data. Eg  A programmer has access only to Application files.  Important Customer data & Profile is stored in Database and only DBA can access it.  An Administrator of the system can only administer the data and has no access to database & applications.  RAID 10 for Hard-disk redundancy.  TAPE backup
  • 8. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Thank You ! NetGains Technologies 708/709, Corporate Avenue, Sonawala Lane, Goregaon(E) Mumbai – 400 063. Sales: +91-22-6525 7000 / +91-22-6139 7000 Mobile : 9820089256 / 989200782