IT RoadMap
Transcript:
Intrusion Detection System
Information Security Monitoring
Vulnerabilities Identification:
- Operating System Level
- Service (IIS, ...) Level
- ASP application Level:
Amazon side possibilities
Blocking the countries out of business scope
Cluster appliance installation alternative
Tailor-made solution alternative
Performance SLA (Amazon dependency)
7/24 monitoring of the services
Monitoring software installation/configuration
Escalation
Penetration Test
OS/Services Hardening
Firewall
IDS/IPS
Information Security Monitoring
Firewall
IIS/DB Performance Tuning
Backup
Monitoring
Geographical Redundancy
Operating System Level
IIS Level:
- Intrusion module tuning/review
- Pros / Cons
- Evaluating other alternatives
Application Level:
- Disabling unused functions
- Disabling unnecessary parameterization
Performing DoS attack and monitor
Brute-force authentication attack
Blocking suspicious country IPs
Roadmap
Availability
Backup
Penetration Test
OS/Services Hardening
Installation of software consolidating the logs from the Operating System/Services
Tuning of the reporting according to the application dynamics
Periodic monitoring of the reports
Monitoring
Compliance
Network
Determination of the Best Practices/Standards:
- Operating System level
- Services (IIS, Intrusion module, DB, …) level
- Codebase
- Naming
Documentation
Applying the standards on all projects
Clarify Amazon dependencies
Load Balancing
14 February
Intrusion Detection/Prevention (IDS/IPS)
Penetration Test, fixing, retest
Rule based IDS
Statistical IDS
Firewall integration (Amazon dependency)
Reporting
IIS tunings (kernel-mode, user-mode)
DB level execution plans
DB indexes review
Latency limitation tests
Bandwidth limitation tests
QoS (Amazon dependency)
Active/passive instances on another EC2 region/Turkey
Codebase & DB replication
Security
Operating System Tuning
Network
Operating System
Load Balancing
IIS/DB Performance Tuning
TCP parameters
I/O priorities
Queue lengths
File System block-size
SQL injection
URL manipulation
GET/POST methods
CSS ...
Information Security Monitoring
Geographical Redundancy
Review of the current load balancer (Parameterization, switchover test)
DB based vs. HTTP based sessions performance analysis (Amazon Dependency)
Backup schedules review
Codebase backups
Restore Procedure/Test