IF-MAP: Open Standards for Coordinating Security - PowerPoint PPT Presentation

About This Presentation
Title:

IF-MAP: Open Standards for Coordinating Security

Description:

Host Anti-Virus. Host. Security. Network. Firewall. Network ... Network Anti-Virus. Network. Security. Information Security Present. Partial Coordination ... – PowerPoint PPT presentation

Number of Views:101
Avg rating:3.0/5.0
Slides: 13
Provided by: stephe120
Learn more at: https://www.ietf.org
Category:

less

Transcript and Presenter's Notes

Title: IF-MAP: Open Standards for Coordinating Security


1
IF-MAP Open Standards for Coordinating Security
  • Presentation for SAAG
  • IETF 72, July 31, 2008
  • Steve Hanna shanna_at_juniper.net

2
Information Security Past - Isolation
3
Information Security Present Partial
Coordination
Network AccessControl (NAC)
4
Information Security Future Full Coordination
NAC withIF-MAP
5
Basic NAC Architecture
Access Requestor (AR)
Policy Decision Point (PDP)
Policy Enforcement Point (PEP)
6
Integrating Other Security Systems
Access Requestor (AR)
Policy Decision Point (PDP)
Policy Enforcement Point (PEP)
Metadata Access Point (MAP)
Sensors, Flow Controllers
7
TNC Architecture
PolicyEnforcementPoint
MetadataAccessPoint
Sensors and Flow Controllers
Access Requestor
8
What is IF-MAP?
  • Standard Published by Trusted Computing Group
  • https//www.trustedcomputinggroup.org/groups/netwo
    rk
  • Standard Requests Responses
  • Publish, Search, Subscribe, Poll
  • Standard Identifiers
  • device, identity, ip-address, mac-address,
    access-request
  • Standard Metadata
  • device-attribute, event, role, capability,
    layer2-information
  • Standard Links (marked with metadata)
  • access-request-device, access-request-ip,
    access-request-mac, authenticated-as,
    authenticated-by, ip-mac
  • Protocol Binding for SOAP
  • Ability to define optional vendor-specific
    extensions

9
Example IF-MAP Graph
10
IF-MAP Benefits
  • More Informed Sensors
  • Sensors can tune by role and other things
  • Should reduce false alarms
  • Policy and Reports in Business Terms
  • User identity and role vs. IP address
  • Simpler, easier to manage
  • Automated Response (if desired)
  • Faster response stronger security
  • Less expense due to automation
  • Customer Choice and Flexibility
  • No need to buy all security products from one
    vendor
  • Can reuse and integrate existing security systems

11
Security and PrivacyConsiderations
  • MAP Storehouse of Sensitive Data, Critical
    Nerve Center
  • MUST
  • TLS with mutual auth for IF-MAP clients
  • publisher-id and timestamp to track changes
  • SHOULD
  • authorization, DOS protection, anomaly detection,
    physical and operational security, hardening,
    etc.
  • not keep historical data

12
Discussion
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "IF-MAP: Open Standards for Coordinating Security" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!