1. NetGains Mail & Application Server
Confidentiality & Security – Layered Approach
Layered approach for securing NetGains Mail & Application
Servers.
It is a technical strategy, espousing adequate measures be put
in
place at different levels within the network infrastructure.
It is also an organizational strategy, requiring participation
from the clients, users, administrators & business owners.
The layered-security approach centers on maintaining
appropriate security measures and procedures at five different
levels within the IT environment
3. NetGains Mail & Application Server
Confidentiality & Security – Layered Approach
LEVEL 1: PERIMETER SECURITY
The perimeter is the first line of defense from outside,
un-trusted networks.
The perimeter acts as the first and last point of contact for security
defenses protecting the network.
It is the area where your network ends and the Internet begins.
Sonic FireWALL PRO 3060
Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention.
Powerful Content Filtering.
Deep Packet Inspection Firewall
Real-Time Blacklist Spam Filtering
Policy-based NAT
4. NetGains Mail & Application Server
Confidentiality & Security – Layered Approach
LEVEL 2: NETWORK SECURITY
The network level of the layered-security model refers to internal LAN and WAN.
•
Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs)
•
Vulnerability management - Vulnerability management systems perform two
related functions:
(1) they scan the network for vulnerabilities and
(2) they manage the process of repairing the vulnerabilities found.
•
Endpoint security compliance (for VPN & RAS devices)
•
Access control/authentication (Network Level access)
Answer: The Network level done administration is done by the ISP
5. NetGains Mail & Application Server
Confidentiality & Security – Layered Approach
LEVEL 3: HOST SECURITY
In the layered-security model, the host level pertains to the servers
configurable parameters that, when set inappropriately, can create
exploitable security holes. These parameters include registry settings,
services (applications) operating on the device, or patches to the operating
system or important applications.
Host-based intrusion detection systems (IDSs)
Host-based vulnerability assessment (VA)
Endpoint security compliance
Anti-virus
Access control/authentication
Answer:
* For this we use Trend Micro Interscan Messaging Security Suite which
gives protection against Viruses, Spam and FTP traffic.
6. NetGains Mail & Application Server
Confidentiality & Security – Layered Approach
LEVEL 4: APPLICATION SECURITY
Application-level security is currently receiving a great deal of attention.
Poorly protected applications can provide easy access to confidential data
and records.
The hard truth is that most programmers don’t code with security in
mind.
Application shield - application-level firewall.
Access control/authentication - only authorized users are able to access the
application.
Input validation - Input validation measures verify that
application input traveling across your network is safe to process.
7. NetGains Mail & Application Server
Confidentiality & Security – Layered Approach
LEVEL 5: DATA SECURITY
Data-level security entails a blend of policy and encryption.
Encrypting data where it resides and as it travels across your network is a
recommended best practice because, if all other security measures fail, a
strong encryption scheme protects your proprietary data.
Encryption
Important Customer data is stored in the SQL Server Database and is
completely encrypted.
Access control / authentication
There is a role based access to data. Eg
A programmer has access only to Application files.
Important Customer data & Profile is stored in Database and only DBA
can access it.
An Administrator of the system can only administer the data and has no
access to database & applications.
RAID 10 for Hard-disk redundancy.
TAPE backup
8. NetGains Mail & Application Server
Confidentiality & Security – Layered Approach
Thank You !
NetGains Technologies
708/709, Corporate Avenue,
Sonawala Lane,
Goregaon(E)
Mumbai – 400 063.
Sales: +91-22-6525 7000 / +91-22-6139 7000
Mobile : 9820089256 / 989200782