AGENDA 2 2 2002 Symantec Corporation.
70,000 (Code Red, Nimda) Number of Known Threats 60,000 50,000 40,000 30,000 20,000 DOS (Yahoo!, ebay) (Love Letter/Melissa) 10,000 (Tequila) 3 3 2002 Symantec Corporation. Source: Symantec
4 4 2002 Symantec Corporation. 2001 BP
Disappearing Perimeter IDC 5 5 2002 Symantec Corporation.
6 IT 6 2002 Symantec Corporation.
7 CSI/FBI 2001 Computer Crime and Security Survey Source: Computer Security Institute 7 2002 Symantec Corporation. Internet 2001: 384 /72% 2000: 443 /68% 1999: 324 /62% 1998: 279 /54% 1997: 391 /69% 1996: 174 /40%
8 8 2002 Symantec Corporation. LAN LAN LAN V Web Web Web
9 9 2002 Symantec Corporation. DoS
CERT 10 CERT http://www.cert.org/archive/pdf/attack_trend.pdf 10 2002 Symantec Corporation.
DoS DDoS 11 11 2002 Symantec Corporation.
CodeRed 26.2US 12 12 2002 Symantec Corporation.
20021 6 Port 80 13 13 2002 Symantec Corporation.
20022 6 20 CodeRed 14 14 2002 Symantec Corporation.
(Cyber Space) 20029 THE NATIONAL STRATEGY TO SECURER CYBER SPACE http://www.whitehouse.gov/pcipb/ 15 15 2002 Symantec Corporation.
1995 2001 OS 99% CERT 16 16 2002 Symantec Corporation. OS CERT/CC http://www.cert.org/stats
Web OpenSSH http://www.jpcert.or.jp/at/2002/at020004.txt Apache Web http://www.jpcert.or.jp/at/2002/at020003.txt IIS http://microsoft.com/japan/technet/treeview/default.asp?u rl=/japan/technet/security/bulletin/fq02-028.asp http://www.microsoft.com/technet/treeview/default.asp?ur l=/technet/security/bulletin/ms02-028.asp 17 17 2002 Symantec Corporation.
Apache SecurityFocus DB 36 18 18 2002 Symantec Corporation. SecurityFocus DB
IIS SecurityFocus DB 150 19 19 2002 Symantec Corporation. SecurityFocus DB
JNSA 54 20011 12 TOP5 Ver.1.0 http://www.ipa.go.jp/ 66% 20 20 2002 Symantec Corporation.
21 21 2002 Symantec Corporation.
OS 22 22 2002 Symantec Corporation.
1. 2. 3. 4. 23 23 2002 Symantec Corporation.
1. 2. Symantec AntiVirus Family 3. Symantec Enterprise Security Architecture 24 24 2002 Symantec Corporation.
Symantec Enterprise Security Manager Security Focus DeepSight 25 25 2002 Symantec Corporation.
Symantec Enterprise Security Manager (ESM) Security Focus DeepSight 26 26 2002 Symantec Corporation.
ESM Symantec Enterprise Security Manager 27 27 2002 Symantec Corporation.
ESM ESM XX 28, etc & 28 2002 Symantec Corporation. ESM
ESM Phase1Phase3 ISO 17799 Symantec Security Response team CERT Coordination Center SANS Institute Computer Incident Advisory Center (CIAC) Center for Internet Security (CIS) National Infrastructure Protection Center (NIPC) National Security Agency (NSA) Information Systems Audit and Control Association (ISACA) Application and operating system vendors 29 29 2002 Symantec Corporation.
21 30 30 2002 Symantec Corporation.
Windows / Unix 31 31 2002 Symantec Corporation.
2 32 32 2002 Symantec Corporation.
3 Everyone Everyone RRAS RAS TCP TCP 33 33 2002 Symantec Corporation.
4 OS OS OS OS OS 34 34 2002 Symantec Corporation.
35 35 2002 Symantec Corporation. ESM3 InternetWAN ESM ESM
HTML 36 36 2002 Symantec Corporation.
Case Study 1 ESM 37 37 2002 Symantec Corporation.
Case Study ESM Windows Unix rc 38 38 2002 Symantec Corporation.
Case Study CodeRed OS ESM OS OS 39 39 2002 Symantec Corporation.
Case Study ESM MD5 40 40 2002 Symantec Corporation.
41 ISO 17799 OS 41 2002 Symantec Corporation. WindowsNT,2000,XP,Solaris,HP-UX,AIX Web Server IIS,Apache,iPlanet Database Oracle,DB2 Firewall Checkpoint FireWall-1,Symantec Enterprise Firewall AntiVirus Norton AntiVirus Corporate Edition
DeepSight 42 42 2002 Symantec Corporation.
NEW - DeepSight 43 43 2002 Symantec Corporation.
170 14,000 44 44 2002 Symantec Corporation.
IDS Attack Correlation Engine Vulnerability & Event Databases Threat Analysts IDS Analyzer DB Threat Management Local System Global 45 45 2002 Symantec Corporation.
DB IP IDS 46 46 2002 Symantec Corporation.
ThreatCon Level 1 Level 2 Level 3 Level 4 47 47 2002 Symantec Corporation.
ISP IP 48 48 2002 Symantec Corporation.
49 49 2002 Symantec Corporation. IDS
1300 2700 11,000 DB 50 50 2002 Symantec Corporation.
/ 51 51 2002 Symantec Corporation.
52 52 2002 Symantec Corporation.