
PRESENTATION ON UNIFIED THREAT MANAGEMENT (UTM)

By Guneet Garg, Sahil Arora, Dhruv Agrawal

Current Trends

Speed & sophistication of cyber-attacks are dramatically increasing
Blended threats, hybrid attacks and automated tools have become popular and are easy to obtain
Critical infrastructure is dependent on the Internet, and threats are progressively more unpredictable
Security problems cost time, money and pain

E-mail Viruses

E-mail has become the primary means for distributing threats
Trojans are easy to deliver and install
HTML viruses (no user intervention) with webmail
E-mails with attachments containing:
  Macros, VB scripts, JavaScript and HTML scripts

(Diagram: Corp Network)

File Based Threats


Example: Internet download
Viruses and malicious code infection:
  Peer to Peer
  Instant Messaging apps
  Shareware sites
  Compromised servers
  Legitimate corporations
  Web based email
Threats pass through firewalls
Once inside the network, others are easily affected

(Diagram: File Server, Corp Network)

Firewall Technology

Typical firewalls are effective for port blocking
If a port is open it is assumed any data can pass
Intrusion detection is a reactive approach that does not actively protect

Security must be built upon deep packet inspection, AV/Spy/Intrusion prevention with dynamic updates

(Diagram: User Zone, Server Zone)
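
An added example, not part of the original presentation: it contrasts the port-only decision described on this slide with a content-aware check for the script-capable e-mail attachments listed on the E-mail Viruses slide. The function names, the open-port policy and the extension set are assumptions, and the payload is taken to be the already-reassembled message.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

OPEN_PORTS = {25, 80}   # assumed firewall policy for this example
# Script-capable attachment kinds from the e-mail slide; the exact set is an assumption.
RISKY_EXT = {".docm", ".xlsm", ".vbs", ".js", ".htm", ".html"}
RISKY_TYPES = {"text/html", "text/javascript", "application/javascript"}

def port_filter(dst_port: int) -> str:
    """Classic firewall decision: only the destination port is examined."""
    return "allow" if dst_port in OPEN_PORTS else "drop"

def risky_attachments(raw: bytes) -> list:
    """Return (filename, reason) for each script-capable attachment."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        ext = name[name.rfind("."):] if "." in name else ""
        if ext in RISKY_EXT:
            hits.append((name, "extension " + ext))
        elif part.get_content_type() in RISKY_TYPES:
            # Declared MIME type catches script content behind a harmless-looking name.
            hits.append((name, "type " + part.get_content_type()))
    return hits

def utm_filter(dst_port: int, payload: bytes) -> str:
    """Port check first, then content inspection of mail carried on port 25."""
    if port_filter(dst_port) == "drop":
        return "drop"
    if dst_port == 25 and risky_attachments(payload):
        return "quarantine"
    return "allow"

def sample_mail(with_script: bool) -> bytes:
    """Constructed message; attachment bodies are inert placeholders."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.com"
    msg["Subject"] = "Quarterly report"
    msg.set_content("See attached.")
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="pdf", filename="report.pdf")
    if with_script:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename="Invoice.VBS")
        msg.add_attachment("<p>placeholder</p>", subtype="html",
                           filename="notice.dat")
    return msg.as_bytes()
```

Both sample messages pass `port_filter(25)`; only `utm_filter` separates them. Extension and declared-type checks are a first pass, so a gateway would still scan the attachment content itself.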

The New Standard - UTM

Unified Threat Management
Integration of Firewall
  Deep Packet Inspection
  Intrusion Prevention for blocking network threats
  Anti-Virus for blocking file based threats
  Anti-Spyware for blocking Spyware
Faster updates to the dynamically changing threat environment and elimination of False Positives

Unified Threat Management Applications


Firewall
VPN
Basic bandwidth Management
Content Filtering
Reporting
Secure Wireless
High Availability - Appliance
Gateway AV, Intrusion Prevention and Antispyware
ISP Load Balancing/Failover
Central Management

Dynamic Host Configuration Protocol (DHCP)

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network. When a computer uses a static IP address, it means that the computer is manually configured to use a specific IP address. One problem with static assignment, which can result from user error or inattention to detail, occurs when two computers are configured with the same IP address. This creates a conflict that results in loss of service. Using DHCP to dynamically assign IP addresses minimizes these conflicts.

Domain Name System (DNS)


The Internet, and many larger private Internet Protocol (IP) networks, rely on the Domain Name System (DNS) to help direct traffic. The DNS maintains a distributed database of network names and addresses, and it provides methods for computers to remotely query the database. Some people call DNS the "phone book of the Internet." DNS uses a client/server network architecture. DNS servers are the computers designated to store DNS database records (names and addresses), while clients of the DNS include PCs, phones and other devices of end users. DNS servers also interface with each other, acting as clients to each other when needed.

WEB SERVER

At the most basic level, a web server is simply a computer program that dispenses web pages as they are requested. The machine the program runs on is usually also called a server, and the two references are interchangeable in everyday conversation. When someone sits down at a computer and enters an address into an internet browser like Internet Explorer or Firefox, the browser sends a request off into the internet asking to view the web page found at that address. The web server is the program or machine that responds to that request, and delivers the content of the page back to the user.

MAIL SERVER

A mail server is a computer that serves as an electronic post office for email. Mail exchanged across networks is passed between mail servers that run specially designed software. This software is built around agreed-upon, standardized protocols for handling mail messages and the graphics they might contain. Citadel/UX (typically referred to simply as "Citadel") is a collaboration suite (messaging and groupware) that is descended from the Citadel family of programs which became popular in the 1980s and 1990s as a bulletin board system platform. It is designed to run on open source operating systems such as Linux or BSD.

FUTURE SCOPE
For enterprises with remote networks or distantly located offices, UTMs are a means to provide centralized security with complete control over their globally distributed networks.

Key advantages
Reduced complexity: Single security solution. Single Vendor. Single AMC
Simplicity: Avoidance of multiple software installation and maintenance
Easy Management: Plug & Play Architecture, Web-based GUI for easy management
Reduced technical training requirements, one product to learn.
Regulatory compliance
