jak nie dać się podejść... - ochrona przed atakami wewnętrznymi na przykładzie systemu uac...
Post on 15-Apr-2017
409 Views
Preview:
TRANSCRIPT
Jak nie dać się podejść...Ochrona przed atakami wewnętrznymina przykładzie sysytemuUAC Juniper Networks
Wojciech GłażewskiCountry ManagerJuniper Networks
Piotr KędraInżynier SystemowyJuniper Networks
1.“Sales” user logs in from unpatched machine2.EX quarantines user – access patch server only – automatically remediated
4.User attempt to access “Finance” data blocked
3.Remediation success; full access grantedIC-EX establish VLAN, ACLs, and QoS for SessionUAC pushes role-based FW policies to SRXUAC pushes application-layer policies to IDP
Basic NAC Enforcement
1.“Sales” user logs in from unpatched machine2.Quarantined for automatic patch remediation
4.User attempt to access “Finance”5.data blocked
3.Remediation success; full access granted SA Session pushed to IC via IF-MAPUAC pushes role-based FW policies to SRXUAC pushes application-later policies to IDP
5. IDP Senses attack, informs IC SA terminates user sessionIC removes SRX/IDP access
Enterprise-wide Access Control
1.User accesses network
2.User attempts to access applications stored on Data Center
3. IDP detects network threat
4.Signals anomaly information to IC Series appliance
5. IC correlates network threat to specific user and device
6. IC pushes appropriate policy to UAC enforcement points
7.UAC enforcement points take appropriate access control actions against offending user and/or device
Coordinated Threat ControlUAC and IDP Series
top related