Documente Academic
Documente Profesional
Documente Cultură
Software Blade application is used to prevent the data loss and the Check
Point Power-1 appliance be used to address the firewall vulnerability.
Company Overview
Aircraft Solutions (AS) design and fabricate component products and
services for companies in the electronics, commercial defense, and
aerospace industry. The mission of AS is to provide the customer success
through machined products and related services, and to meet cost, quality,
and scheduled requirements.
Aircraft Solution uses Business Process Management (BPM) to handle end
to end processes that span multiple systems and organizations. BPM
system is designed to connect customers, vendors, and suppliers to share
information and maintain timely business dialogue. The system is capable
of handling multiple projects simultaneously across every department of the
company. It is set up to manage all aspects of business operations,
including accounting, human resources, sales and marketing and
compliance activities concurrently.
The system administrators are responsible for selecting and installing
hardware, software and related upgrades, implementing information
security measures, and maintaining support to ensure the manufacturing
execution system is working properly. The users at AS are employees,
suppliers, and contractors who need to access the company network.
System access by users at different levels of the network is set strictly on
need to know basis.
The current security controls include independent anti-virus software on
every workstation and server; host-based intrusion detection systems on
the servers in the corporate office. Security policy requires that all firewalls
and router rule sets are evaluated every two years and that all servers are
backed up to network attached storage devices maintained at the server
location.
Companys Assets
The assets for AS are the Business Process Management, BPM, system
and the servers used to store customer data such as project information,
Event Management
Rapid and Flexible Deployment
System requirements:
See Appendices for system software and hardware requirements.
Firewall Solution-- Security Gateways - Appliances - Power-1
The second vulnerability which is firewall/router can be addressed by the
use of Check Point IP Appliances. These appliances offer turnkey and
modular security functionality. With integrated firewall, VPN, IPS,
Application Control, Identity Awareness and more, IP Appliances deliver
unmatched extensibility, broad deployment options and lower total cost of
ownership (CheckPoint Software Technologies, 2011).
The specific appliance to use is the Security Gateways - Appliances Power-1. This appliance enables companies such as Aircraft Solution to
maximize security in high performance environments. It combines
integrated firewall, IPSEC, VPN and intrusion prevention with advanced
acceleration technologies delivering a high performance security platform
that can block application layer threats in multi-Gbps environments. Even
as new threats appear, Power-1 appliances maintain increased
performance while protecting network against attacks (CheckPoint
Software Technologies, 2011).
This is an excellent complement to the Check Point Data Loss Prevention
software blade. This appliance supports an unlimited amount of concurrent
users.
It is recommended that this appliance is placed at
Cost: $64,000.00 each (one year warranty).
Features:
Proven, enterprise class firewall, VPN and high performance IPS
Accelerated security performance, including Secure XL, and Core XL,
technologies
impact of using this software can create comprehensive data flow and
usage map to identify data leakage points in the companys system. By
using the data loss prevention software, it makes for a holistic solution that
enables content awareness among all communication channels and all
systems at all times. The loss of data can impact the organizations
reputation; damage its competitive standing, and tarnish the Aircraft
Solutions name.
The Security Gateways - Appliances - Power-1 fire wall hardware will
eliminate or minimize the intrusion of spyware, malware, or any harmful
virus that could potentially bring the network to a halt costing the company
thousands. The firewall solution in combination with the software makes for
a thorough security system.
APPENDIX
Software Specifications
The DLP Software Blade is a software solution based on the Software
Blade architecture. For deployment on open servers, it is tested for
compatibility with a wide variety of currently shipping and pre-release
hardware platforms.
|Inspection |
|Inspection Options |Over 250 pre-defined data content types |
| |Pattern, keyword matching and dictionaries |
| |Multi-parameter data classification and correlation |
| |Advanced inspection based on structured content |
| |Similarity to commonly-used templates |
| |File attribute-based matching |
| |Use open scripting language to tailor and create specific data types |
|File Types |Inspection of content for more than 600 file types |
| |Log all incidents - with option to correlate events and audit incidents |
|View Incident |An administrator with DLP permissions (a dedicated
password) can view the actual message sent, |
| |including attachments. An audit log is created each time a message is
viewed. |
|Log All Emails |All outgoing emails (including non-incidents) are logged for
sender, recipients and subject |
|Policy Management |
|Central Management |Integrated with SmartCenter Dashboard |
| |Simple and intuitive policy creation |
| |Easy data content type creation |
| |Powerful data content type categorization and search options |
|Event Management |Additional integrated functionality within SmartEvent |
| |Log reporting and real-time timeline monitoring |
| |Pie-chart with violation distributions per user or per network |
|Deployment |
|Installation Options |Software Blade running on Check Point security
gateways |
| |Dedicted appliance |
|Network Deployment Options |Inline connectivity |
|Installation Wizard |Simple wizard that assists in first stage operation of the
DLP Software Blade, including connectivity |
| |to Active Directory and different initial required configurations |
|Minimum Hardware Requirements for Installing DLP Software Blade |
| Physical Specifications | | |
|Enclosure |1U |2U |
|Dimensions (standard) |17.4 x 15 x 1.73 in. |17 x 20 x 3.46 in. |
|Dimensions (metric) |443 x 381 x 44mm |431 x 509.5 x 88mm |
|Weight |6.5 kg (14.3 lbs) |16.5 kg (36.3 lbs) |
| Power | | |
|Dual, Hot-swappable Power Supplies|No |No |
|Power Input |100 ~ 240V; 50 ~ 60Hz |
|Power Supply Spec (max) |250W |400W |
|Power Consumption Spec (max) |77.5W |200.7W |
|Operating Environment Range |Temperature: 5 to 40 C, Humidity: 10%85% non-condensing, Altitude: 2,500m |
|Compliance |UL 60950; FCC Part 15, Subpart B, Class A; EN 55024; EN
55022; VCCI V-3AS/NZS 3548:1995; CNS 13438 Class A|
| |(test passed; country approval pending); KN22KN61000-4 Series, TTA;
IC-950; ROHS |
[pic]
Revised Network Infrastructure using Security Gateway Appliance
Power 1
References:
CheckPoint Software Technologies, L. (2011). CheckPoint Software
Products Application. Retrieved March 23, 2011, from CheckPoint Software
Technologies, Ltd: http://www.checkpoint.com/products/application-controlsoftware-blade/index.html