Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team

advertisement
Safeguarding OECD
Information Assets
Frédéric CHALLAL
Head, Systems Engineering Team
OECD
Agenda





Network Security
Remote Access
Anti-Virus Protection
E-mail Content Filtering and Blocking
Possible Future Directions
Network Security
SITA
Internet
Internet DMZ
External
Firewall
X25
Internal
Firewall
Extranet DMZ
Private Network
Network Security





2 levels of firewalls for access control
2 separate DMZs to protect sensitive
information
Outgoing Internet access through
application relays
Intrusion detection systems on both
DMZs
Vulnerability scanning on a regular
basis
Intrusion Detection System


Network sensor watching for attack
signatures
Responses to suspicious activity:




Connection termination
Alerts sent by E-mail
Session recorded
Other …
Remote Access
Exchange
Web
SQL
Remote Access

For portables and Outlook Web Access
users to access the OECD network, twofactor authentication based on:



A PIN number (known by the user)
An authenticator (either hardware or
software)
Also based on Windows authentication
to access network resources
Anti-Virus Protection
Network
Server
Point of Entry
Point of Entry
Gateway &
Firewall
E-mail &
SMTP relay
Point of Entry
Internet
Client
Prevention And Detection

Anti-Virus products from 2 different
vendors installed on:








Desktops and laptops
File Servers
E-mail Servers
SMTP Relays
Signature updates on a weekly basis
Scanning on PCs and servers on a weekly
basis
User Education
Being Prepared


Basic Network Security
Standard Disaster Recovery Procedures
E-mail Content Filtering and Blocking


Implemented after the ILOVEYOU
virus
SMTP relay level filtering of all
incoming and outgoing Internet
messages:




Scan for viruses
Block « program » attachments and
HTML scripts for 2 days
Search for « suspicious » text strings in
subject
Reporting to management
E-mail Content Filtering and Blocking
W32/Navidad
W32/Navidad-B
Possible Future Directions




Outsource detection and reporting of
network vulnerabilities
SSL for Outlook Web Access
Use RTBL to prevent spamming
Content inspection on HTTP/FTP
downloads
Comments and Questions?
Download