DOCSLIB.ORG

End Point Security Patch Automation WP

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
End Point Security Patch Automation WP Sponsor Gold © 2017 Security Current. All rights reserved. All trademarks and service marks are the property of their respective owners. CISOs INVESTIGATE: ENDPOINT SECURITY 2 Table of Contents INTRODUCTION.......................................................................................................................................................................................................4 A CISO LOOKS AT THE CONTINUING EVOLUTION OF ENDPOINT SECURITY......................................................................................................6 TECHNOLOGY OVERVIEW..............................................................................................................................................................................................10 Key Considerations........................................................................................................................................................................................10 Endpoint Security Core Features...........................................................................................................................................................11 A Deeper Dive Into Endpoint Security.....................................................................................................................................................12 What’s In Your Architecture Drawing?......................................................................................................................................................14 What Do Solution Vendors Provide?...........................................................................................................................................................15 What’s In Your Minimum Security Baseline?..........................................................................................................................................16 SELLING TO THE C-SUITE..............................................................................................................................................................................................19 Reducing Potential Losses From a Breach.............................................................................................................................................20 Endpoint Security’s Role in the Defense-In-Depth Approach.........................................................................................................20 Calculating Return on Investment..........................................................................................................................................................21 Staffing Implications.....................................................................................................................................................................................22 Maintaining Compliance through Endpoint Security......................................................................................................................24 Beyond Security: Other Business Cases...........................................................................................................................................25 To Deploy Or Not to Deploy.......................................................................................................................................................................26 Market Assessment........................................................................................................................................................................................28 KEY TAKEAWAYS...............................................................................................................................................................................................................30 IS NEXT GENERATION ENDPOINT SECURITY REALLY NECESSARY?...............................................................................................................32 SUMMARY........................................................................................................................................................................................................34 CISO CONTRIBUTIONS...................................................................................................................................................................................................35 ADP..............................................................................................................................................................................................................................35 American Bureau Of Shipping.......................................................................................................................................................................38 ASRC Federal....................................................................................................................................................................................................40 Freeport-McMoRan Inc..................................................................................................................................................................................42 National Life Group.......................................................................................................................................................................................44 The Ohio State University............................................................................................................................................................................46 Oppenheimer & Co.................................................................................................................................................................................................48 Perdue Farms...................................................................................................................................................................................................50 RWJBarnabas Health..................................................................................................................................................................................52 Western Digital Corporation.......................................................................................................................................................................55 Wisconsin Department of Health Services..........................................................................................................................................57 APPENDIX A – IBM RFI.....................................................................................................................................................................................................59 APPENDIX B – IBM SPONSORED ADDENDUM.........................................................................................................................................................63 APPENDIX C – SUPPLEMENTAL INFORMATION......................................................................................................................................................64 The views and opinions expressed in this report by the lead writer and each CISO (executive) Contributor are the author’s own views and opinions and do not reflect the views or opinions of any other person or entity, including any other author or any author’s associated organization. CISOs INVESTIGATE: ENDPOINT SECURITY 3 INTRODUCTION Introduction The rise of the cloud and mobile computing has rapidly changed the nature of enterprise cybersecurity. The old paradigm, where all work was done behind a company firewall, has been breaking down. Employees work not just at the office, but also on the road and at home, on mobile devices and on their own personal computers. They’re no longer using a limited stack of enterprise applications. Instead, they increasingly require access to a wide variety of apps, cloud services, and new communication platforms. The result is a much larger attack surface, one that is hard to protect with traditional approaches – and one that is growing faster than ever before as users adopt new types of devices, new applications, and new services. Often, companies don’t even know all the tools that their employees are using. At the same time, the potential threats that enterprises are facing have grown significantly in variety, capabilities, and size. Today, companies are beset not only by hackers looking for a thrill, but also by nation-state actors, hacktivists, corporate spies, small time crooks, and large criminal organizations. These adversaries have at their disposal an ever-growing collection of open-source hacking tools and commercial software. There are also online services offering ready-to-go ransomware campaigns. Meanwhile, with zero-days and other stealthy attacks, enterprises have less and less time to spot intrusions and take steps to contain them. Today’s malware, once it gets a foothold, can spread quickly. Once in an enterprise, attackers can secretly infiltrate more and more systems and collect more and more data. Or they can quickly and immediately launch large-scale ransomware attacks that can take down large numbers of computers and and lock up enterprise data. As a result, the damage caused by the attacks has also been increasing at a staggering pace, with ransomware alone reportedly crossing the $1 billion revenue threshold in
Load more

Recommended publications
  • The Application Usage and Risk Report an Analysis of End User Application Trends in the Enterprise
    The Application Usage and Risk Report An Analysis of End User Application Trends in the Enterprise 8th Edition, December 2011 Palo Alto Networks 3300 Olcott Street Santa Clara, CA 94089 www.paloaltonetworks.com Table of Contents Executive Summary ........................................................................................................ 3 Demographics ............................................................................................................................................. 4 Social Networking Use Becomes More Active ................................................................ 5 Facebook Applications Bandwidth Consumption Triples .......................................................................... 5 Twitter Bandwidth Consumption Increases 7-Fold ................................................................................... 6 Some Perspective On Bandwidth Consumption .................................................................................... 7 Managing the Risks .................................................................................................................................... 7 Browser-based Filesharing: Work vs. Entertainment .................................................... 8 Infrastructure- or Productivity-Oriented Browser-based Filesharing ..................................................... 9 Entertainment Oriented Browser-based Filesharing .............................................................................. 10 Comparing Frequency and Volume of Use
    [Show full text]
  • Contract Number: 4400016179
    Page 1 of 2 FULLY EXECUTED Contract Number: 4400016179 Original Contract Effective Date: 12/13/2016 Valid From: 01/01/2017 To: 12/31/2018 All using Agencies of the Commonwealth, Participating Political Subdivision, Authorities, Private Colleges and Universities Purchasing Agent Name: Millovich Joseph Your SAP Vendor Number with us: 102380 Phone: 717-214-3434 Fax: 717-783-6241 Supplier Name/Address: IBM CORPORATION P.O. Box 643600 PITTSBURGH PA 15264-3600 US Please Deliver To: To be determined at the time of the Purchase Order unless specified below. Supplier Phone Number: 7175477069 Contract Name: Payment Terms IBM Software & Related Services NET 30 Solicitation No.: Issuance Date: Supplier Bid or Proposal No. (if applicable): Solicitation Submission Date: This contract is comprised of: The above referenced Solicitation, the Supplier's Bid or Proposal, and any documents attached to this Contract or incorporated by reference. Item Material/Service Qty UOM Price Per Total Desc Unit 2 Licenses/Appliances/Subscriptions/SaaS 0.000 0.00 1 0.00 Item Text Software: includes, but is not limited to, commercially available licensed software, software appliances, software subscriptions and software as a service (SaaS). Agencies must develop and attach the Requirements for Non-Commonwealth Hosted Applications/Services when purchasing SaaS (see Appendix H). -------------------------------------------------------------------------------------------------------------------------------------------------------- 3 Services/Support/Maintenance 0.000 0.00
    [Show full text]
  • Apple Remote Desktop Protocol Specification
    Apple Remote Desktop Protocol Specification Demonology and foreknowable Bobby powwows almost dishonorably, though Rolland intoning his repassages aspiring. Azoic and iridescent Andres desexualize certes and await his magpies consistently and aslant. Ungrudged Virgil reacquires ornately. Free Rdp Demo Animals Way SA. Deciphering the Messages of Apple's T2 Coprocessor Duo. Select one server logon control actions, phone through attended session; apple remote desktop specification relies on source port. Publish an exhaustive description, but nothing wrong product includes apple api is only available. Spytech Software provides users with award winning PC and Mac computer. Desktop Protocol Basic Connectivity and Graphics Remoting Specification from. Remote fork and a Desktop ready for your PC Mac and Linux devices. Rdesktop A long Desktop Protocol Client. Nx client linux skarban. Realvnc multiple monitors mac Arte in zucca. For RDP exist for Microsoft Windows Mic04d and Mac OS X Mic04c. The remote desktop feature a compatible with direct mode run the Apple. VMWare Apple Remote Desktop Microsoft Remote Desktop Connection. Enter your machines. CudaLaunch Barracuda Networks. No longer need this is included in using notepad on? Recipe how the Apple Wireless Direct Link Ad hoc Protocol arXiv. Apple remote and free download mac. Ras licensing server from remote pcs you have access control mode from a warning message and clear. Open source vnc Symmetry Scribes. Live video streaming production software Tech Specs. Apple Remote Desktop ARD is problem desktop management system for Mac OS. Record level accessibility api decides what you can! Remote not Software BeyondTrust aka Bomgar Jump. Remote desktop retina display. Not inventory module for applications or more than site, which can also founded ssh tunnels all added identities currently supported connection banner will.
    [Show full text]
  • IBM Bigfix: Installation Guide Chapter 1
    IBM BigFix Version 9.2 Installation Guide IBM IBM BigFix Version 9.2 Installation Guide IBM Note Before using this information and the product it supports, read the information in “Notices” on page 189. This edition applies to version 9, release 2, modification level 0 of IBM BigFix and to all subsequent releases and modifications until otherwise indicated in new editions. © Copyright IBM Corporation 2010, 2015. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Chapter 1. Introduction ........ 1 Step 2 - Requesting a license certificate and What is new in V9.2 ............ 1 creating the masthead .......... 42 Service Management Connect......... 3 Step 3 - Installing the components ...... 50 Architectural components overview....... 3 Removing the Primary Server on Windows systems 88 Uninstalling a Windows replication server .... 88 Chapter 2. Sample deployment scenarios .............. 5 Chapter 9. Installing on Linux systems 89 Basic deployment............. 6 Installing and configuring DB2 ........ 89 Main Office with Fast-WAN Satellites ...... 7 Installation Steps ............ 90 Disaster Server Architecture ......... 9 Step 1 - Downloading IBM Endpoint Manager.. 90 Efficient relay setup ........... 10 Step 2 - Installing the Server........ 91 Hub and spoke ............. 11 Step 3 - Verifying Server Installation ..... 98 Remote Citrix / Terminal Services Configuration .. 13 Installation Command Options ........ 98 Silent installation ............ 99 Chapter 3. Assumptions and Installation Folder Structure ........ 106 Configuration, Masthead, and Log Files .... 107 requirements ............ 17 Managing the BigFix Services ........ 108 Assumptions .............. 17 Changing the database password ....... 108 Server requirements ........... 18 Changing the DB2 port .......... 109 Console requirements ........... 19 Authenticating Additional Servers (DSA) .... 109 Client requirements............ 19 Using DB2 Authentication .......
    [Show full text]
  • Insight Manufacturers, Publishers and Suppliers by Product Category
    Manufacturers, Publishers and Suppliers by Product Category 2/15/2021 10/100 Hubs & Switch ASANTE TECHNOLOGIES CHECKPOINT SYSTEMS, INC. DYNEX PRODUCTS HAWKING TECHNOLOGY MILESTONE SYSTEMS A/S ASUS CIENA EATON HEWLETT PACKARD ENTERPRISE 1VISION SOFTWARE ATEN TECHNOLOGY CISCO PRESS EDGECORE HIKVISION DIGITAL TECHNOLOGY CO. LT 3COM ATLAS SOUND CISCO SYSTEMS EDGEWATER NETWORKS INC Hirschmann 4XEM CORP. ATLONA CITRIX EDIMAX HITACHI AB DISTRIBUTING AUDIOCODES, INC. CLEAR CUBE EKTRON HITACHI DATA SYSTEMS ABLENET INC AUDIOVOX CNET TECHNOLOGY EMTEC HOWARD MEDICAL ACCELL AUTOMAP CODE GREEN NETWORKS ENDACE USA HP ACCELLION AUTOMATION INTEGRATED LLC CODI INC ENET COMPONENTS HP INC ACTI CORPORATION AVAGOTECH TECHNOLOGIES COMMAND COMMUNICATIONS ENET SOLUTIONS INC HYPERCOM ADAPTEC AVAYA COMMUNICATION DEVICES INC. ENGENIUS IBM ADC TELECOMMUNICATIONS AVOCENT‐EMERSON COMNET ENTERASYS NETWORKS IMC NETWORKS ADDERTECHNOLOGY AXIOM MEMORY COMPREHENSIVE CABLE EQUINOX SYSTEMS IMS‐DELL ADDON NETWORKS AXIS COMMUNICATIONS COMPU‐CALL, INC ETHERWAN INFOCUS ADDON STORE AZIO CORPORATION COMPUTER EXCHANGE LTD EVGA.COM INGRAM BOOKS ADESSO B & B ELECTRONICS COMPUTERLINKS EXABLAZE INGRAM MICRO ADTRAN B&H PHOTO‐VIDEO COMTROL EXACQ TECHNOLOGIES INC INNOVATIVE ELECTRONIC DESIGNS ADVANTECH AUTOMATION CORP. BASF CONNECTGEAR EXTREME NETWORKS INOGENI ADVANTECH CO LTD BELDEN CONNECTPRO EXTRON INSIGHT AEROHIVE NETWORKS BELKIN COMPONENTS COOLGEAR F5 NETWORKS INSIGNIA ALCATEL BEMATECH CP TECHNOLOGIES FIRESCOPE INTEL ALCATEL LUCENT BENFEI CRADLEPOINT, INC. FORCE10 NETWORKS, INC INTELIX
    [Show full text]
  • What Did You Do in School Today Junior? an Analysis of Application Usage on K-12 School Networks
    What Did You Do In School Today Junior? An Analysis of Application Usage on K-12 School Networks March 2012 Palo Alto Networks 3300 Olcott Street Santa Clara, CA 95054 www.paloaltonetworks.com Table of Contents Key Findings ....................................................................................................................................................... 3 Introduction ....................................................................................................................................................... 4 Tools That Enable Circumvention ....................................................................................................................... 5 Encrypted Tunnels: Protection or Evasion? ................................................................................................................ 5 Remote Desktop Applications: What is the Use Case? .............................................................................................. 6 External Proxies: K‐12 Usage is Double Enteprise Usage ........................................................................................... 7 P2P FileSharing: Solution Of Choice For Moving Large Files ................................................................................. 8 Browser‐based Filesharing: Education or Entertainment? ................................................................................... 9 Browser‐based Filesharing use Case: Productivity ..................................................................................................
    [Show full text]
  • List of New Applications Added in ARL #2558
    List of New Applications Added in ARL #2558 Application Name Publisher xUnit.net 2.2 .NET Foundation xUnit.net 2.3 .NET Foundation xUnit.net 2.4 .NET Foundation Collaboration Synchronizer 19.21 Adobe Creative Cloud 1.1 Adobe Capture Classic FormFlow Filler 2.0 Adobe Collaboration Synchronizer 20.6 Adobe FlexDesk 1.40 Advanced Micro Devices FlexDesk 1.52 Advanced Micro Devices ChartDirector 1.5 Advanced Software Engineering PACES 7.0 AECOM Photos 6.0 Amazon Photos 5.9 Amazon mintty 2.6 Andy Koppe mintty 2.4 Andy Koppe mintty 2.5 Andy Koppe mintty 3.2 Andy Koppe mintty 2.2 Andy Koppe Electronics Desktop 2016 Ansys Rigid Body Dynamics 18.1 Ansys Electronics Desktop 2014 Ansys ECAD Translators 2016 Ansys Radio Toolbar 5.27 AOL Lucene.Net 2.0 Apache Software Foundation Watershed Modeling System 6.0 Aquaveo Engage 360 4.23 Articulate Global Quizmaker 360 5.23 Articulate Global Presenter 360 8.23 Articulate Global GDSFILT 1.46 Artwork Conversion Software GDSFILT 1.76 Artwork Conversion Software Unified Agent Desktop Client 7.2 Aspect Software Unified IP Chat Email OCX 7.2 Aspect Software Interactive Tiles 6.5 Aspect Software Producer 7.2 Aspect Software TIDAL 2.9 Aspiro Client Utility 2.4 Atheros OpenScape Desktop Client Personal Atos Secure Search 17.3 AVG Technologies Secure Search 4.2 AVG Technologies Secure Search 4.1 AVG Technologies Wireless Client Utility Belkin International RAM Frame 14.04 Bentley Systems Parametric Cell Studio 8.11 Bentley Systems STAAD.Pro 1.5 Bentley Systems ProjectWise InterPlot 1.02 Bentley Systems STAAD Foundation
    [Show full text]
  • The Paper Investigates the Role of Remote Working in Export Management, Determining How Virtual Organizations Can Manage Remote Working Effectively
    Texila International Journal of Management Volume 4, Issue 2, Jul 2018 The Paper Investigates the Role of Remote Working in Export Management, Determining How Virtual Organizations can Manage Remote Working Effectively Article by Seun Onakoya Management, Texila American University, Nigeria E-mail: [email protected] Abstract Remote working is becoming a growing trend within all technological & organizational business. However, in Export Management, its growing trend has voiced concerns over the containment of remote working and the determined impact it has on business. Communication continues to involve in Export Management especially, with the explosion of technology has meant that flexible working legislations have been introduced. However, there are managerial personnel who adhere to remote working without determining the effect it has on export performance. There are number of factors that have not been addressed and this article looks to highlight & investigate the impact remote working has on export management, how it can be managed and the influence it has on effectiveness, productivity and sales in export organizations, not to mention from an employee personnel point of view, identifying the positive role remote working may have on employee personnel and whether it develops a positive working environment and determine the attitude towards personnel within Export Management organizations. Because many of these antecedents can be controlled managerially, these findings suggest important ways in which a remote employee's work performance can be enhanced, through the intermediary effect of improved remote work self‐efficacy. The research will be tested with self-efficacy theory and critical research & historical evidence to investigate the global impact remote-working employees have, a type of psychology model that determines the adoptions of positive psychology.
    [Show full text]
  • IBM Bigfix IBM
    IBM BigFix IBM Installation Guide Version 9.5 IBM BigFix IBM Installation Guide Version 9.5 Note Before using this information and the product it supports, read the information in “Notices” on page 349. This edition applies to version 9, release 5, modification level 11 of IBM BigFix and to all subsequent releases and modifications until otherwise indicated in new editions. © Copyright IBM Corporation 2010, 2018. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. © HCL Technologies Limited 2018 Contents Chapter 1. Introduction ........ 1 A typical installation .......... 57 What is new in V9.5 ............ 1 A multiple server installation ....... 57 Service Management Connect ........ 11 Moving from evaluation installation to production Terms used in this guide .......... 11 installation .............. 58 Architectural components overview ...... 11 Chapter 7. Managing licenses ..... 61 Chapter 2. BigFix Platform Unicode Creating the License Authorization File ..... 62 Support Overview .......... 13 Licensing Assistance ........... 63 Masthead encoding parameters ........ 13 Extending the license entitlements ....... 63 Top-down data flow: from the BigFix server to the Distributing the Updated License and Masthead .. 64 clients ................ 14 Distributing the masthead from the Windows Bottom-up data flow: from BigFix clients to BigFix server to clients ............ 65 server ................ 14 Distributing the masthead from the Linux server Unicode support requirements and limitations... 15 to the clients ............. 67 Reading and writing files in the specific encodings 18 Background information ......... 18 Chapter 8. Before installing ...... 69 Reading file inspectors ......... 18 Configuring a Local Firewall ........ 69 Writing file with the encode command .... 19 Modifying port numbers .......... 69 Reading and writing files with encode ...
    [Show full text]
  • The Application Usage and Risk Report an Analysis of End User Application Trends in the Enterprise
    The Application Usage and Risk Report An Analysis of End User Application Trends in the Enterprise 9th Edition, June 2012 Palo Alto Networks 3300 Olcott Street Santa Clara, CA 94089 www.paloaltonetworks.com Table of Contents Executive Summary ........................................................................................................ 3 Demographics ................................................................................................................. 4 Streaming Media Bandwidth Consumption Triples ......................................................... 5 Streaming Video Business Risks ................................................................................................................ 6 Streaming Video Security Risks ................................................................................................................. 7 P2P Streaming and Unknown Malware ................................................................................................. 8 P2P Filesharing Bandwidth Consumption Increases 700% ............................................ 9 Business and Security Risks Both Old and New ...................................................................................... 10 Browser-based Filesharing Maintains Popularity ................................................................................... 10 Where Did The Megaupload Traffic Go? ................................................................................................... 11 Which Ports Do Filesharing Applications
    [Show full text]
  • Academic Freedom Or Application Chaos an Analysis of Application Usage on University Networks
    Academic Freedom or Application Chaos An Analysis of Application Usage on University Networks 3rd Edition, April 2012 Palo Alto Networks 3300 Olcott Street Santa Clara, CA 95054 www.paloaltonetworks.com Table of Contents Key Findings ....................................................................................................................................................... 3 Introduction ....................................................................................................................................................... 4 Circumvention Tools: Steady Or Increasing In Use .............................................................................................. 5 Encrypted Tunnels: Security or Evasion? .................................................................................................................... 5 Remote Desktop Applications: Teamviewer Gains Popularity ................................................................................... 6 External Proxies: Usage Remains High But Flat ......................................................................................................... 8 P2P Filesharing: Solution Of Choice For Moving Large Files ................................................................................. 9 Browser‐based Filesharing: Popularity Drives Segmentation .............................................................................. 10 Browser‐based Filesharing use Case: Productivity ..................................................................................................
    [Show full text]
  • An Analysis of End User Application Trends in the Enterprise, 7The Edition
    The Application Usage and Risk Report An Analysis of End User Application Trends in the Enterprise 7th Edition, May 2011 Palo Alto Networks www.paloaltonetworks.com Table of Contents Executive Summary ........................................................................................................ 3 Introduction .................................................................................................................... 4 SSL and Port Hopping Applications: The Elephant in the Room? .................................... 5 SSL on tcp/443 or Other Ports: The Majority of the Applications and Potential Risks ............................. 6 SSL on tcp/443 Only: A Small, but Significant Set of Applications ............................................................ 7 SSL on Dedicated, Non-Standard Ports: Some Business, Some Purposely Evasive ................................ 8 Applications That Can Use SSL: A Discussion of Risk vs Reward ......................................................... 9 Applications That Port Hop: The Ultimate Accessibility Feature? ............................................................. 9 Work is Increasingly Social ........................................................................................... 10 Social Networking: Big Growth for a Select Few ..................................................................................... 11 File Transfer/Sharing Applications: Will History be Repeated? ................................... 12 FTP: The Original File Transfer Application ............................................................................................
    [Show full text]