SlideShare ist ein Scribd-Unternehmen logo

NetGains Infrastructure Security

Als PPT, PDF herunterladen
N
NetGains Technologies Pvt. Ltd.

NetGains Infrastructure Security provides rock solid email messaging platform

Technologie
1 von 8
NetGains Mail & Application Server Confidentiality & Security – Layered Approach Layered approach for securing NetGains Mail & Application Servers. It is a technical strategy, espousing adequate measures be put in place at different levels within the network infrastructure. It is also an organizational strategy, requiring participation from the clients, users, administrators & business owners. The layered-security approach centers on maintaining appropriate security measures and procedures at five different levels within the IT environment
NetGains Mail & Application Server Confidentiality & Security – Layered Approach Security level Applicable security measures 1. Perimeter • Firewall • Network-based anti-virus 2. Network • Intrusion detection /prevention system • Vulnerability management system • Endpoint security compliance • Access control /user authentication 3. Host Host 4. Application • Host IDS & Host VA • Access control/user authentication • Input validation 5. Data • Encryption • Access control/user authentication IDS & Host VA Endpoint security compliance Anti-virus Access control/user authentication
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 1: PERIMETER SECURITY    The perimeter is the first line of defense from outside, un-trusted networks. The perimeter acts as the first and last point of contact for security defenses protecting the network. It is the area where your network ends and the Internet begins. Sonic FireWALL PRO 3060      Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. Powerful Content Filtering. Deep Packet Inspection Firewall Real-Time Blacklist Spam Filtering Policy-based NAT
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 2: NETWORK SECURITY The network level of the layered-security model refers to internal LAN and WAN. • Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) • Vulnerability management - Vulnerability management systems perform two related functions: (1) they scan the network for vulnerabilities and (2) they manage the process of repairing the vulnerabilities found. • Endpoint security compliance (for VPN & RAS devices) • Access control/authentication (Network Level access) Answer: The Network level done administration is done by the ISP
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 3: HOST SECURITY In the layered-security model, the host level pertains to the servers configurable parameters that, when set inappropriately, can create exploitable security holes. These parameters include registry settings, services (applications) operating on the device, or patches to the operating system or important applications.  Host-based intrusion detection systems (IDSs)  Host-based vulnerability assessment (VA)  Endpoint security compliance  Anti-virus  Access control/authentication Answer: * For this we use Trend Micro Interscan Messaging Security Suite which gives protection against Viruses, Spam and FTP traffic.
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 4: APPLICATION SECURITY Application-level security is currently receiving a great deal of attention.      Poorly protected applications can provide easy access to confidential data and records. The hard truth is that most programmers don’t code with security in mind. Application shield - application-level firewall. Access control/authentication - only authorized users are able to access the application. Input validation - Input validation measures verify that application input traveling across your network is safe to process.
NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 5: DATA SECURITY Data-level security entails a blend of policy and encryption. Encrypting data where it resides and as it travels across your network is a recommended best practice because, if all other security measures fail, a strong encryption scheme protects your proprietary data. Encryption Important Customer data is stored in the SQL Server Database and is completely encrypted. Access control / authentication There is a role based access to data. Eg  A programmer has access only to Application files.  Important Customer data & Profile is stored in Database and only DBA can access it.  An Administrator of the system can only administer the data and has no access to database & applications.  RAID 10 for Hard-disk redundancy.  TAPE backup
NetGains Mail & Application Server Confidentiality & Security – Layered Approach Thank You ! NetGains Technologies 708/709, Corporate Avenue, Sonawala Lane, Goregaon(E) Mumbai – 400 063. Sales: +91-22-6525 7000 / +91-22-6139 7000 Mobile : 9820089256 / 989200782

Empfohlen

Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1 Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1Tripwire
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityDavid Zaizar
 
F secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF-Secure Corporation
 
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array NetworksVirtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks Array Networks
 
Shashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan CCNA, C|EH, ITIL V3
 
6 Steps to Secure Network Devices
6 Steps to Secure Network Devices6 Steps to Secure Network Devices
6 Steps to Secure Network DevicesLisa Kearney
 
Internet gatekeeper
Internet gatekeeperInternet gatekeeper
Internet gatekeeperF-Secure Corporation
 
CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)Open Analytics
 

Empfohlen

Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1 Automating for NERC CIP-007-5-R1
Automating for NERC CIP-007-5-R1Tripwire
 
Fighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityFighting The Top 7 Threats to Cloud Cybersecurity
Fighting The Top 7 Threats to Cloud CybersecurityDavid Zaizar
 
F secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF-Secure Corporation
 
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array NetworksVirtual Web Application Firewall (vAWF) Data Sheet - Array Networks
Virtual Web Application Firewall (vAWF) Data Sheet - Array Networks Array Networks
 
Shashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan_Resume
Shashikant Chavan_ResumeShashikant Chavan CCNA, C|EH, ITIL V3
 
6 Steps to Secure Network Devices
6 Steps to Secure Network Devices6 Steps to Secure Network Devices
6 Steps to Secure Network DevicesLisa Kearney
 
Internet gatekeeper
Internet gatekeeperInternet gatekeeper
Internet gatekeeperF-Secure Corporation
 
CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)CDM….Where do you start? (OA Cyber Summit)
CDM….Where do you start? (OA Cyber Summit)Open Analytics
 
Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseRishu Mehra
 
Powerful email protection
Powerful email protectionPowerful email protection
Powerful email protectionF-Secure Corporation
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Willard_Grayson_2015
Willard_Grayson_2015Willard_Grayson_2015
Willard_Grayson_2015Will Grayson
 
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentTALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentDawn Yankeelov
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsAnthony Daniel
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for BusinessF-Secure Corporation
 
GDI Product Presentation
GDI Product PresentationGDI Product Presentation
GDI Product Presentationtswong
 
Slides
SlidesSlides
SlidesFungayi Makoni
 
Cloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceCloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceSoumitra Bhattacharyya
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityF-Secure Corporation
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure Corporation
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseHai Nguyen
 
Inside forti os-v524-r5
Inside forti os-v524-r5Inside forti os-v524-r5
Inside forti os-v524-r5Lan & Wan Solutions
 
Virtual Security
Virtual SecurityVirtual Security
Virtual SecurityF-Secure Corporation
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksBeyondTrust
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Corporation
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding PracticesThomas Kurian Ambattu,CRISC,ISLA-2011 (ISC)²
 
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance FiresLiraz Goldstein
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesKim Bookout
 
00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3Eoin Keary
 
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfThick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfElanusTechnologies
 

Weitere ähnliche Inhalte

Was ist angesagt?

Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseRishu Mehra
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Willard_Grayson_2015
Willard_Grayson_2015Willard_Grayson_2015
Willard_Grayson_2015Will Grayson
 
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentTALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentDawn Yankeelov
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsAnthony Daniel
 
GDI Product Presentation
GDI Product PresentationGDI Product Presentation
GDI Product Presentationtswong
 
Cloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceCloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceSoumitra Bhattacharyya
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityF-Secure Corporation
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure Corporation
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseHai Nguyen
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksBeyondTrust
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Corporation
 
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance FiresLiraz Goldstein
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesKim Bookout
 

Was ist angesagt? (20)

Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber Defense
 
Powerful email protection
Powerful email protectionPowerful email protection
Powerful email protection
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profile
 
Willard_Grayson_2015
Willard_Grayson_2015Willard_Grayson_2015
Willard_Grayson_2015
 
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability AssessmentTALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
TALK Cybersecurity Summit 2017 Slides: Chris Goggans on Vulnerability Assessment
 
Enterprise firewalls feature and benefits
Enterprise firewalls feature and benefitsEnterprise firewalls feature and benefits
Enterprise firewalls feature and benefits
 
Protection Service for Business
Protection Service for BusinessProtection Service for Business
Protection Service for Business
 
GDI Product Presentation
GDI Product PresentationGDI Product Presentation
GDI Product Presentation
 
Slides
SlidesSlides
Slides
 
Cloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform ServiceCloud monitoring - An essential Platform Service
Cloud monitoring - An essential Platform Service
 
Business Suite - Gain control of your IT security
Business Suite - Gain control of your IT securityBusiness Suite - Gain control of your IT security
Business Suite - Gain control of your IT security
 
F-Secure E-mail and Server Security
F-Secure E-mail and Server SecurityF-Secure E-mail and Server Security
F-Secure E-mail and Server Security
 
Attachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromiseAttachment 1 – mitigation measures for two factor authentication compromise
Attachment 1 – mitigation measures for two factor authentication compromise
 
Inside forti os-v524-r5
Inside forti os-v524-r5Inside forti os-v524-r5
Inside forti os-v524-r5
 
Virtual Security
Virtual SecurityVirtual Security
Virtual Security
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior control
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding Practices
 
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
2019 01-30 Firewalls Ablaze? Put Out Network Security Audit & Compliance Fires
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challenges
 

Ähnlich wie NetGains Infrastructure Security

00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3Eoin Keary
 
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfThick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfElanusTechnologies
 
Computer Security.pptx
Computer Security.pptxComputer Security.pptx
Computer Security.pptxKENNEDYDONATO1
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hackingDesmond Devendran
 
Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1PROIDEA
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Tecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentaliTecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentaliJürgen Ambrosi
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxTrongMinhHoang1
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceMSAdvAnalytics
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera Technologies
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesMariaDB plc
 
It security
It securityIt security
It securityavi2607
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxyasirkhokhar7
 
Study of campus network security
Study of campus network securityStudy of campus network security
Study of campus network securityTrishla Thakur
 
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CloudIDSummit
 

Ähnlich wie NetGains Infrastructure Security (20)

00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3
 
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdfThick Client Penetration Testing Modern Approaches and Techniques.pdf
Thick Client Penetration Testing Modern Approaches and Techniques.pdf
 
Computer Security.pptx
Computer Security.pptxComputer Security.pptx
Computer Security.pptx
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Material best practices in network security using ethical hacking
Material best practices in network security using ethical hackingMaterial best practices in network security using ethical hacking
Material best practices in network security using ethical hacking
 
Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1Plnog13 2014 security intelligence_pkedra_v1
Plnog13 2014 security intelligence_pkedra_v1
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Tecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentaliTecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentali
 
talk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptxtalk6securingcloudamarprusty-191030091632.pptx
talk6securingcloudamarprusty-191030091632.pptx
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information Security
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Database Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best PracticesDatabase Security Threats - MariaDB Security Best Practices
Database Security Threats - MariaDB Security Best Practices
 
It security
It securityIt security
It security
 
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptxWeek-09-10-11-12 Fundamentals of Cybersecurity.pptx
Week-09-10-11-12 Fundamentals of Cybersecurity.pptx
 
Study of campus network security
Study of campus network securityStudy of campus network security
Study of campus network security
 
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
 
Dstca
DstcaDstca
Dstca
 

Mehr von NetGains Technologies Pvt. Ltd.

eSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy wayeSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy wayNetGains Technologies Pvt. Ltd.
 

Mehr von NetGains Technologies Pvt. Ltd. (11)

Successful employees
Successful employeesSuccessful employees
Successful employees
 
Multi channel communication center M3C
Multi channel communication center M3CMulti channel communication center M3C
Multi channel communication center M3C
 
Email + social marketing
Email + social marketingEmail + social marketing
Email + social marketing
 
Office connect hybrid microsoft exchange
Office connect hybrid microsoft exchangeOffice connect hybrid microsoft exchange
Office connect hybrid microsoft exchange
 
DR hosting & cloud
DR hosting & cloudDR hosting & cloud
DR hosting & cloud
 
Email deliverability
Email deliverabilityEmail deliverability
Email deliverability
 
Demystifying email deliverability
Demystifying email deliverabilityDemystifying email deliverability
Demystifying email deliverability
 
M3C email-marketing_sms_platform
M3C email-marketing_sms_platformM3C email-marketing_sms_platform
M3C email-marketing_sms_platform
 
Website redesign tips-tricks_1
Website redesign tips-tricks_1Website redesign tips-tricks_1
Website redesign tips-tricks_1
 
Digital signature & certificate
Digital signature & certificateDigital signature & certificate
Digital signature & certificate
 
eSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy wayeSigner.NET - Digital Signing and Encryption the easy way
eSigner.NET - Digital Signing and Encryption the easy way
 

Kürzlich hochgeladen

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 

Kürzlich hochgeladen (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 

NetGains Infrastructure Security

  • 1. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Layered approach for securing NetGains Mail & Application Servers. It is a technical strategy, espousing adequate measures be put in place at different levels within the network infrastructure. It is also an organizational strategy, requiring participation from the clients, users, administrators & business owners. The layered-security approach centers on maintaining appropriate security measures and procedures at five different levels within the IT environment
  • 2. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Security level Applicable security measures 1. Perimeter • Firewall • Network-based anti-virus 2. Network • Intrusion detection /prevention system • Vulnerability management system • Endpoint security compliance • Access control /user authentication 3. Host Host 4. Application • Host IDS & Host VA • Access control/user authentication • Input validation 5. Data • Encryption • Access control/user authentication IDS & Host VA Endpoint security compliance Anti-virus Access control/user authentication
  • 3. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 1: PERIMETER SECURITY    The perimeter is the first line of defense from outside, un-trusted networks. The perimeter acts as the first and last point of contact for security defenses protecting the network. It is the area where your network ends and the Internet begins. Sonic FireWALL PRO 3060      Real-Time Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention. Powerful Content Filtering. Deep Packet Inspection Firewall Real-Time Blacklist Spam Filtering Policy-based NAT
  • 4. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 2: NETWORK SECURITY The network level of the layered-security model refers to internal LAN and WAN. • Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) • Vulnerability management - Vulnerability management systems perform two related functions: (1) they scan the network for vulnerabilities and (2) they manage the process of repairing the vulnerabilities found. • Endpoint security compliance (for VPN & RAS devices) • Access control/authentication (Network Level access) Answer: The Network level done administration is done by the ISP
  • 5. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 3: HOST SECURITY In the layered-security model, the host level pertains to the servers configurable parameters that, when set inappropriately, can create exploitable security holes. These parameters include registry settings, services (applications) operating on the device, or patches to the operating system or important applications.  Host-based intrusion detection systems (IDSs)  Host-based vulnerability assessment (VA)  Endpoint security compliance  Anti-virus  Access control/authentication Answer: * For this we use Trend Micro Interscan Messaging Security Suite which gives protection against Viruses, Spam and FTP traffic.
  • 6. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 4: APPLICATION SECURITY Application-level security is currently receiving a great deal of attention.      Poorly protected applications can provide easy access to confidential data and records. The hard truth is that most programmers don’t code with security in mind. Application shield - application-level firewall. Access control/authentication - only authorized users are able to access the application. Input validation - Input validation measures verify that application input traveling across your network is safe to process.
  • 7. NetGains Mail & Application Server Confidentiality & Security – Layered Approach LEVEL 5: DATA SECURITY Data-level security entails a blend of policy and encryption. Encrypting data where it resides and as it travels across your network is a recommended best practice because, if all other security measures fail, a strong encryption scheme protects your proprietary data. Encryption Important Customer data is stored in the SQL Server Database and is completely encrypted. Access control / authentication There is a role based access to data. Eg  A programmer has access only to Application files.  Important Customer data & Profile is stored in Database and only DBA can access it.  An Administrator of the system can only administer the data and has no access to database & applications.  RAID 10 for Hard-disk redundancy.  TAPE backup
  • 8. NetGains Mail & Application Server Confidentiality & Security – Layered Approach Thank You ! NetGains Technologies 708/709, Corporate Avenue, Sonawala Lane, Goregaon(E) Mumbai – 400 063. Sales: +91-22-6525 7000 / +91-22-6139 7000 Mobile : 9820089256 / 989200782