Global Security Week - doing my bit..

  • Article

As you may (or may not) know, this week is Global Security Week.

I'm going to try and post this week just about security related stuff.

So, today's security related message for you IT Professionals is to take some time and watch these presentations by John Craddock (Principle Infrastructure & Security Architect, Kimberry Associates) and Sally Storey ( Senior Consultant, Kimberry Associates).  We've had John and Sally present this session both in Dublin and Belfast.  It really is great content and there is a lot of it, but it is broken up into smaller (ten minutes or so) segments - so you don't have to allocate too much time for it (in one go).

Is Your IT Infrastructure Secure?

In this session we step back from the infrastructure and provide a methodology for classifying your business requirements and identifying business assets. Armed with this knowledge you can create a threat model and categorize risks. You will learn how to create a design that will truly support your organization. Topics covered include: Identifying business assets; Threat modeling; Security policy and response planning; Patch management and compliance testing; Least privileged access. (1hour 34 minutes in total).

Securing Your Network

Network connectivity is the life blood of your infrastructure but the TCP/IP stack, listening services and applications provide many entry points through which systems can be discovered and attacked. In this session we show you how to assess your systems through the use of network scanners, provide maximum protection through the use of host based firewalls and implement IPSec. Topics covered include: Firewall configurations, troubleshooting connectivity; Identifying protocol and port requirements; Network scanners and monitors; Deploying IPSec for domain and server isolation; Building rules, filters and filter actions.  (1hour 33 minutes in total).

Locking Down Servers and Workstations

Server and workstation security is normally managed through the use of group policy, but what are the options? In this session you will learn about best practice solutions for lockdown. We will also show you how to manage security templates, use the Security Configuration Wizard and implement Software Restriction Policies. Topics covered include:  Managing server roles and lockdown policies; Using security templates; The Security Configuration Wizard; Delegating group policy management; Creating Software Restriction Policies (SRP).  (47 minutes in total).

Vista Technologies

In this session we look at the key Vista security enhancements that impact our overall look at end-to end security framework. We explore User Account Control and the Secure Desktop. Examine how Vista can virtualize file and registry access and how solutions can be provided for Windows XP. You will learn about new core features including the enhanced stack, firewall and group policy. Topics covered include: Core security and networking enhancements; User Account Control (UAC); Application compatibility; Vista group policy; Network Access Protection (NAP).  (51 minutes in total).

Enjoy,

Dave.