Documente Academic
Documente Profesional
Documente Cultură
LOGO
Company
LOGO
BSNL
Agenda
1.
1.Introduction
Introduction
2.
2.Security
Securitytypes
types
3.
3.Activities
Activitiesin
inBSNL
BSNLAP
AP
4.
4.Conclusion
Conclusion
Company
LOGO
BSNL
NW & IS Security
What is Security:
}
Company
LOGO
BSNL
NW & IS Security
Information Security
Protection of information systems against unauthorized
access to or modification of information, whether in
storage, processing or transit, and against the denial of
service to authorized users or the provision of service to
unauthorized users, including those measures necessary
to detect, document, and counter such threats.
Company
LOGO
BSNL
NW & IS Security
}
}
Source:http://www.microsoft.com/canada/smallbiz/sgc
/articles/why_security_matters.mspx
Company
LOGO
BSNL
Company
LOGO
BSNL
Company
LOGO
BSNL
Company
LOGO
BSNL
BS 7799 - Standards
Company
LOGO
BSNL
Phase-1
stage1:Penetration Testing(2 IP & 2 Hosts)
stage2:vulnerability assessment of servers(14
servers)
stage3:Vulnerability assessment of Network
stage4:Remote SSA internal Network
stage5:Roadmap
stage6:roles,BCP
Phase-2
Post Implementation
Periodic auditing for every 6 months
Company
LOGO
BSNL
Company
LOGO
BSNL
1.
2.
3.
4.
Company
LOGO
BSNL
Company
LOGO
BSNL
Phase-1 stage 4:
Head Office Network Assessment :
Phase-1 Stage 5
--Implementation should be planned in 2
phases as given below:
(Proposed plan will be submitted)
a). High risks which can be eliminated by
configuration with out any purchase of security
components (involves post implementation audit).
b). Very critical risks which can be eliminated with
purchase of security components.(without involving
post implementation audit)
Company
LOGO
BSNL
Phase 1 Stage 6
i). An IT Security Policy Document based on BS7799.
Company
LOGO
BSNL
SQL Injection
Running of unwanted services and ports
Weak password policies
Auditing not enabled
Improper ACL implementation
Insecured dial up access
SNMP
Need for firewalls
Identification of critical resources and need for network
seperation
Usage of Hubs
Company
LOGO
BSNL
Company
LOGO
BSNL
Company
LOGO
BSNL
Company
LOGO
BSNL
Idle Time
Sessions per user
Failed login attempts
Password Life time
Password Verify Function
Password Reuse Time
Password Grace Time
Company
LOGO
BSNL
Company
LOGO
BSNL
Security patch
Blocking SQL access to menu users.
Individual modules cannot be opened. All
modules will work only through Menu
Object grants given to individual users/public will
be revoked.
DBA grants given to any user will be revoked
Roles/Sys privileges given to public will be
revoked.
Usage of any Third party tools like TOAD/ODBC
will be blocked from all users Except DBA
Company
LOGO
BSNL
Eseva
Network connectivity
Server hardening
Determination of roles and responsibilites
Configuration of security elements
Others
Rural Eseva
BSNL Portal
Centralised and Convergent Customer Care and Billing
.
Company
LOGO
BSNL
Conclusion
Company
LOGO
BSNL
Q&A
Company
LOGO
BSNL
.
G Srinivas ITS
DGM(Dotsoft & Computers)
BSNL AP
Email : gsrinivas@bsnl.co.in