Information security management system of a corporate network
Дипломная работа - Компьютеры, программирование
Другие дипломы по предмету Компьютеры, программирование
some aspects of commercial use cases, such as audit support;
.No policy distribution and attestation function.IT GRCM capability complements Trustwave's other business units, which specialize in consulting and PCI compliance. Trustwave GRC has great flexibility through customization, but little out-of-the-box content. While the product does provide some out-of-the-box mappings into common regulations and frameworks, there are gaps for major regulations and control standards. The product lacks a native automated general computer control collection capability, and it does not support out-of-the-box integrations with common third-party products to import configuration and vulnerability data - although there is a general data integration interface. Trustwave is developing a new technology base for its IT GRCM offering that will support unified compliance framework. Trustwave will need to carry both products and define a migration path to the new technology.products main strengths are the following.
1.Product is a good fit for organisations that are looking for a flexibility, and that wish to have consultants customize and configure their IT GRCM functions;
2.Surveys, workflow and policy attestation support control self-assessment., the product has the following problems.
1.Although Trustwave GRC supports drag-and-drop associations between controls and control objectives, it doesn't provide out-of-the-box mappings into common regulations and frameworks;
2.The product doesn't provide native general computer control collection, nor does it support out-of-the-box integrations with common third-party products to import configuration and vulnerability data (although it can be customized to do so);
.Trustwave will be moving to a new technology base - and it will need to carry both products and define a migration path to the new technology.
1.4.2 The most integrated existent IS management solution
Information security management products presently offered on the Ukrainian market include mostly the narrow solutions: risk managers, compliance scanners and penetration tests (network perimeter tests).most integrated IS management solution present in the Ukrainian market today is Lumension Endpoint Management and Security Suite (L.E.M.S.S.) produced by Lumension Security, Inc., a worldwide leader in operational security. The company became famous due to its developments, integrations and marketing of endpoint security software solutions that help businesses protect their critical information and manage the most important risks in the computer network assets.product itself is a composition of five special-purpose sections: vulnerability management, endpoint protection, data protection, compliance and it risk management, endpoint operations. The fig. 1.5 below is a generalised scheme of the products structure from the official datasheet [13].
. 1.5. The official illustration of the Lumension Endpoint Management and Security Suite structure
of the sections are subdivided into product modules. Endpoint Operations Product Modules are Patch and Remediation, Security Configuration Management, Enterprise Reporting. Endpoint Security and IT Risk Management Product Modules are Application Control, AntiVirus, Device Control, Risk Manager. The structure is described more in detail below.
1.Endpoint operations product modules
1.1.Patch and Remediation: Reduces corporate risk and optimizes IT operations through the timely, proactive elimination of operating system and application vulnerabilities across all endpoints and servers.
1.2.Security Configuration Management: Ensures that endpoints are securely configured and in compliance with industry best practices and regulatory mandates.
.3.Enterprise Reporting: Provides centralized visibility of IT assets and consolidates vulnerability and configuration data across the enterprise.
2.Endpoint security and it risk management product modules
2.1.Application Control: Enables the enforcement of application usage policies to ensure that only software that is explicitly authorized or trusted is allowed to execute.
2.2.AntiVirus: Provides comprehensive protection against all malware including viruses, spyware, Trojans and adware.
.3.Device Control: Identifies all removable devices that are now or have ever been connected to your endpoints and enforces device / port access and data encryption policies to prevent data loss and/or theft.
.4.Risk Manager: Automates compliance and IT risk management workflows and provides necessary visibility of people, processes and technology across the entire organisation. Imports scan data from multiple Lumension products and 3rd party scanning devices to its standalone interface..E.M.S.S. is positioned as a solution that will provide an extended control over the corporate workstations, at the same time reducing the control complexity by centralising the management functions and automating the network data mining.s rapidly changing IT network is more distributed and virtual than ever sensitive data is often stored on remote endpoints, such as laptops and mobile PDAs, and accessed through public Wi-Fi networks connected to an organisations IT network via the Internet. Mounting budget pressures are forcing companies to look increasingly at virtual and cloud-based computing alternatives. In addition, traditional point-based technologies and solutions have added more complexity and cost to organisations, because IT teams are focusing on the integration of disparate technologies and have to use many different consoles across multiple products.IT environments have become increasingly dynamic and distributed with data flowing across a myriad of devices and platforms, companies have effectively lost control of their information.approaches and solutions are required to ensure enhanced security and compliance with the lowest total cost of ownership possible. The once-separate IT functions of operations and security must collaborate and share information seamlessly to proactively address IT risk in a more effective and efficient manner. Lumension Endpoint Management and Security Suite is an extensible solution suite developed on the Lumension Endpoint Management Platform that reduces management complexity, minimizes TCO, improves visibility and delivers information control back to IT..E.M.S.S. is intended to provide the following:
1.Reduced complexity and TCO via an agile infrastructure, which delivers modularly licensed product capabilities through an integrated console and single-agent architecture;
2.Greater visibility and control with an end-to-end approach that includes capabilities to meet endpoint operations, security, compliance and IT risk management needs;
.Enhanced security, reduced operational friction and greater control of endpoints via Lumension Intelligent Whitelisting, which combines Lumension AntiVirus, Lumension Application Control, and Lumension Patch and Remediation with a trusted change management engine into a unified workflow;
.Endpoint power management which reduces power consumption costs and enables the management and security of both online and offline endpoints.key benefits of the product are stated to be the following:
1.Reduce it environment complexity;
2.Decrease endpoint total cost of ownership;
.Provide greater visibility into and control over customers networks endpoints;
.Raise security and compliance posture;
.Support customers it operational and security mandates within a dynamic business environment;
.Rationalize endpoint management and security workflows;
.Ensure continuous endpoint protection.features of the product are stated as the following
1.Integrated endpoint management console: Web-based console and workflow-based navigation simplify and optimize IT operations.
2.Modularly licensed capabilities: An extensible platform that enables both Lumension capabilities as well as 3rd party developed capabilities to be easily integrated.
.Comprehensive and automated reporting: Delivers a holistic view of your environmental risk with a full range of operational and management reports that consolidate information within a single management console.
.Continuous and full discovery of the it Environment: Integrates award-winning solution capabilities to provide complete discovery of whats in your IT environment, including capabilities such as application whitelisting, device control, patch management, anti-virus and configuration management.
.Scalable and agile architecture: Delivers both pull and push approaches to endpoint communication and policy distribution.
.Optimized compliance and it risk management: Streamlines compliance and IT risk management workflows and ensures continuous monitoring of compliance and IT risk postures.
.Power management policy enforcement: Centralizes power management policies to achieve maximum energy efficiency for both online and offline machines. Wake- On-LAN capability ensures that offline machines receive critical patches and software updates.
.Single promotable agent: Flexible agent architecture delivers services on the fly without requiring burdensome upgrades or agent bloat, provides easy agent install / uninstall capabilities, and offers self-monitoring and recovery capabilities., L.E.M.S.S. lacks top-level management instruments that would provide understandable control interface for anyone from the board of directors, independently on profession.
1.4.3 Common problems of the existent solutions
Of existent solutions on the Ukrainian market, none covers all the aspects (requirements) of the standards.the most integrated IS management solution present on the Ukrainia