Welcome to Scribd!

ESP Technical Overview1

Uploaded by

0% found this document useful (0 votes)

13 views22 pages

Software Engineering Institute ESP Technical Overview Marty Lindner September 2000 Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by the U.S. Department of Defense. ESP is a web site that is used by a group of people sharing a common interest or need Software Engineering Institute What is the "ESP"

Original Description:

Copyright

Available Formats

PPT, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

13 views22 pages

ESP Technical Overview1

Uploaded by

Juan Jose Ventura

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 22

Search inside document

Carnegie Mellon University

Software Engineering Institute

ESP Technical Overview

Marty Lindner September 2000
Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890
Sponsored by the U.S. Department of Defense 2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

Agenda
What is ESP Goals of the ESP ESP Technology Overview

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

What is the ESP

Extranet for Security Professional

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

What is the ESP

From a users perspective the ESP is a
web site that is used by a group of people sharing a common interest or need

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

What is the ESP

From an IT professionals perspective the
ESP is a secure web environment created by using
Commercial Off The Shelf (COTS) products Good Programming Practices Strict network policies enforced by multiple

firewalls and intrusion detection systems Automated intrusion detection software developed for the ESP environment
2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

What is the ESP

A set of collaboration
tools used thru a common web interface
Mail Tool Calendar Tool Document

Collaboration Tool Document Library

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

Goals of the ESP

Minimal cost to the end users Provide a mechanism for sharing
FOUO/SBU information over the public internet Maintain the highest level of security

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

ESP Technology Overview

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

ESP Infrastructure
The Internet

Router

Firewall

Web Servers
To: George Marty From: Steve

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

End User Workstation

The Internet

Router

Firewall

Web Servers
To: George Marty From: Steve

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

End User Workstation

One of the ESP goals is to minimize the
cost to the end user The only end user requirement is a web browser that supports U.S. domestic encryption (128 bits)

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

The Internet
The Internet

Router

Firewall

Web Servers
To: George Marty From: Steve

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

The Internet
The ESP technology makes one
assumption about the Internet
You can not trust it!

To overcome this lack of trust, the ESP

uses the Secure Socket Layer (SSL) protocol and X.509 certificates to provide authenticity, integrity and confidentiality
www.ietf.org\rfc\rfc2246.txt
2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

SSL Security
The Internet

Router

Firewall

SSL provides a secure path through the Internet Web Servers

To: George Marty From: Steve

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

Firewall Strategy
The Internet

Router

Firewall

Multiple inline firewalls create more complex maze for intruders to navigate
To: George Marty From: Steve

Web Servers

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

Firewall Strategy
Multiple firewalls randomly inserted
into the network topology
Sidewinder 5.0 www.securecomputing.com Guardian www.netguard.com Cisco Secure PIX Firewall www.cisco.com Linux IPchains www.linuxdocs.org
2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

Network Monitoring
The Internet

Router

Firewall

Passive network monitoring tools assist and automate the intrusion detection process
To: George Marty From: Steve

Web Servers

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

Network Monitoring
Several passive network monitoring
agents are used to detect signs of intrusion
Real Secure 3.2 www.iss.net Snort 1.6.3 www.snort.org

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

Web Server Security

The Internet

Router

Firewall

To:

George Marty From: Steve

The middleware enhances security by incorporating additional authentication techniques

Web Servers

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

Web Server Security

System is dedicated to web services only No additional services offered Software
Hardened Windows NT 4.0 www.microsoft.com Tripwire system integrity software 2.2.1 www.tripwire.com Netscape Enterprise Server 3.63 home.netscape.com Cold Fusion Server 4.5.1 www.alliare.com

2000 by Carnegie Mellon University

Carnegie Mellon University

Software Engineering Institute

Database Security
The Internet

Router

Firewall

The database only responds to authenticated requests from the Web servers
To: George Marty From: Steve

Web Servers

Workstation
2000 by Carnegie Mellon University

Database Servers

Firewall

Carnegie Mellon University

Software Engineering Institute

Database Security
Database servers only except
communications from an authenticated IPsec session
www.ietf.org\rfc\rfc2401.txt

2000 by Carnegie Mellon University

Electronic Security Systems: A Manager's Guide to Evaluating and Selecting System Solutions
From Everand
Electronic Security Systems: A Manager's Guide to Evaluating and Selecting System Solutions
Robert Pearson
No ratings yet
Build Internet Infrastructure
Document88 pages
Build Internet Infrastructure
ÑätÎnk Et
100% (2)
Information Security Assessment Process
Document23 pages
Information Security Assessment Process
Narender Kumar
No ratings yet
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
From Everand
SSL VPN : Understanding, evaluating and planning secure, web-based remote access
Tim Speed
No ratings yet
Cisco
Document12 pages
Cisco
aswathi1
100% (2)
Network Security v1.0 - Module 22
Document16 pages
Network Security v1.0 - Module 22
Hussein Kipkoech
No ratings yet
Sample
Document172 pages
Sample
Ech Sec04
No ratings yet
Fortinet Teleworker Solution
Document54 pages
Fortinet Teleworker Solution
greenpeacerom
No ratings yet
IPSec VPNs - An Overview - Presentation
Document157 pages
IPSec VPNs - An Overview - Presentation
namalka_omar
No ratings yet
Fireware Essentials - Exam.47q: Number: Fireware Essentials Passing Score: 800 Time Limit: 120 Min
Document30 pages
Fireware Essentials - Exam.47q: Number: Fireware Essentials Passing Score: 800 Time Limit: 120 Min
Testing fool
No ratings yet
Tutorial Mikrotik Komplet
Document432 pages
Tutorial Mikrotik Komplet
Indra S Wahyudi
67% (3)
Ec Council Certified Security Analyst Ecsa v8
Document5 pages
Ec Council Certified Security Analyst Ecsa v8
fazli3036
No ratings yet
CSCUv2
Document6 pages
CSCUv2
Kriz Anthony Zuniega
100% (1)
Ddos Detect Mikrotik
Document30 pages
Ddos Detect Mikrotik
Alin
No ratings yet
Troubleshooting ASA Firepower NGFW
Document190 pages
Troubleshooting ASA Firepower NGFW
Majnu Sm
No ratings yet
Ec Council Certified Security Analyst Ecsa v8
Document5 pages
Ec Council Certified Security Analyst Ecsa v8
Junaid Habibullaha
No ratings yet
Ec Council Certified Security Analyst Ecsa v8
Document5 pages
Ec Council Certified Security Analyst Ecsa v8
Junaid Habibullaha
No ratings yet
Ec Council Certified Security Analyst Ecsa v8
Document5 pages
Ec Council Certified Security Analyst Ecsa v8
CArlos chile
No ratings yet
CCNA Security - Chapter 1 - Modern Network Security Threats PDF
Document73 pages
CCNA Security - Chapter 1 - Modern Network Security Threats PDF
blackcatnogo
No ratings yet
How To Secure
Document12 pages
How To Secure
trq
No ratings yet
Scope and Coverage: Topic 8 - Security Software Computer Networks
Document20 pages
Scope and Coverage: Topic 8 - Security Software Computer Networks
Sarge Chisanga
No ratings yet
Build Internate Infrastructure Handout PDF
Document28 pages
Build Internate Infrastructure Handout PDF
Jalel Bejo Gudina
50% (6)
Netsec
Document33 pages
Netsec
hk3987gmailcom
No ratings yet
CCNA Security 06
Document99 pages
CCNA Security 06
Mohammad Taslim Majid
No ratings yet
Practical - Deploying Windows Firewall and IPsec Policies
Document75 pages
Practical - Deploying Windows Firewall and IPsec Policies
TharsanJeyachandran
No ratings yet
Cybersecurity Course Packet
Document8 pages
Cybersecurity Course Packet
Micky Elonga
No ratings yet
Security Best Practices2
Document35 pages
Security Best Practices2
Arsalan Khan
No ratings yet
Part-Time Online Cybersecurity Bootcamp: 24 Weeks To A Cyber Career
Document8 pages
Part-Time Online Cybersecurity Bootcamp: 24 Weeks To A Cyber Career
Ken
No ratings yet
Chapter 9 Case Study
Document4 pages
Chapter 9 Case Study
gabymena06
No ratings yet
Semir Lipnicevic
Document2 pages
Semir Lipnicevic
Igorruzic7
No ratings yet
ARP Poison Routing: An Attack at Indiana University
Document39 pages
ARP Poison Routing: An Attack at Indiana University
Joshua Harris
No ratings yet
Everything You Need To Know About Cybersecurity - THAT CYBERSECURITY DUDE
Document20 pages
Everything You Need To Know About Cybersecurity - THAT CYBERSECURITY DUDE
Akhilesh Jadhav
No ratings yet
Computer Network Administration and Security Management
Document22 pages
Computer Network Administration and Security Management
Yeiayel Ngoumtsop
No ratings yet
Securing The Internet of Things: Mark Horowitz Stanford School of Engineering
Document37 pages
Securing The Internet of Things: Mark Horowitz Stanford School of Engineering
Anonymous LUIwju87AR
No ratings yet
CCNP Security - CCIE - CCNP Security Training in Hyderabad - Golars Networks
Document8 pages
CCNP Security - CCIE - CCNP Security Training in Hyderabad - Golars Networks
GolarsNetworks
No ratings yet
Module 09: Configuring Threat Protection: MD-100 Windows 10
Document35 pages
Module 09: Configuring Threat Protection: MD-100 Windows 10
CourageMarume
No ratings yet
Challenges of Network Security
Document13 pages
Challenges of Network Security
Mathanasegar Abiserck
No ratings yet
Network Security Topics
Document6 pages
Network Security Topics
giahuytk12
No ratings yet
UrviShrivastava (8 0) PDF
Document3 pages
UrviShrivastava (8 0) PDF
swaroopa Rani
No ratings yet
Cisco Security Appliance Technology and Features: Lesson 1
Document21 pages
Cisco Security Appliance Technology and Features: Lesson 1
didij99
No ratings yet
GNIIT Tracks
Document50 pages
GNIIT Tracks
Arunita Wilson
No ratings yet
MD 100T00 ENU PowerPoint - M09
Document32 pages
MD 100T00 ENU PowerPoint - M09
A
No ratings yet
ملخص شابتر١
Document6 pages
ملخص شابتر١
Norah Khalil
No ratings yet
Chapter: 11.2 Overview of Internet Security Topic: 11.2.1 Overview of Internet Security
Document7 pages
Chapter: 11.2 Overview of Internet Security Topic: 11.2.1 Overview of Internet Security
ETL LABS
No ratings yet
9670 Greg Brown Presentation v1
Document21 pages
9670 Greg Brown Presentation v1
Tom Wang
No ratings yet
Network Security SRS for Software Requirements
Document26 pages
Network Security SRS for Software Requirements
Samar Jeet
No ratings yet
LTE Security Presentation
Document11 pages
LTE Security Presentation
soueee
No ratings yet
5 Cisco
Document16 pages
5 Cisco
abhiraj1234
No ratings yet
TM Apex One Training Course Overview
Document2 pages
TM Apex One Training Course Overview
Lisa
No ratings yet
CCNA Exp4 - Chapter04 - Network Security
Document139 pages
CCNA Exp4 - Chapter04 - Network Security
http://heiserz.com/
No ratings yet
CCNA Sec Slides
Document92 pages
CCNA Sec Slides
yassine rezgui
No ratings yet
EL Cyber Security Product Portfolio
Document7 pages
EL Cyber Security Product Portfolio
aaa
No ratings yet
Alphabetical Reference of Terms
Document95 pages
Alphabetical Reference of Terms
kabi6713
No ratings yet
CNS Main File
Document43 pages
CNS Main File
dbmsvipin762
No ratings yet
07 PENDIENTE ECSS-brochure-2023
Document14 pages
07 PENDIENTE ECSS-brochure-2023
enrique prats perez
No ratings yet
Electronic Commerce Security
Document48 pages
Electronic Commerce Security
priya siju
No ratings yet
Reg. No.: 090907185 Roll No.:198, Section: D (21) : Department of Electronics and Communication Engineering, MIT, Manipal
Document18 pages
Reg. No.: 090907185 Roll No.:198, Section: D (21) : Department of Electronics and Communication Engineering, MIT, Manipal
Disha Makkar
No ratings yet
University of Palestine: Information Security and Risk Management
Document48 pages
University of Palestine: Information Security and Risk Management
Luay Kronz
No ratings yet
Bug Bounty Topics
Document11 pages
Bug Bounty Topics
Aaron Prey
No ratings yet
Cissp, Cisa, Cism, Crisc, CCSP, Itil
Document4 pages
Cissp, Cisa, Cism, Crisc, CCSP, Itil
UmAiR A
No ratings yet
Network Security: Presented by
Document24 pages
Network Security: Presented by
Sharmila Saravanan
No ratings yet
Chapter 4
Document71 pages
Chapter 4
Nur Syabila Zabidi
No ratings yet
CrashOverride ADMS
Document21 pages
CrashOverride ADMS
Pedrito Orange
No ratings yet
INFO409: COMPUTER SECURITY AND IP SECURITY
Document55 pages
INFO409: COMPUTER SECURITY AND IP SECURITY
Tanaka Matend
No ratings yet
Configuring IPCop Firewalls: Closing Borders with Open Source
From Everand
Configuring IPCop Firewalls: Closing Borders with Open Source
Barrie Dempster
No ratings yet
Hotspot Mikrotik 2.8
Document13 pages
Hotspot Mikrotik 2.8
Wjos RRivera
No ratings yet
Webmin User Guide
Document808 pages
Webmin User Guide
Abe Li
100% (4)
Envision CRL Rules PDF
Document182 pages
Envision CRL Rules PDF
jerkuser
No ratings yet
Securing Networks With Cisco Firepower Next Generation Firewall SSNGFW
Document5 pages
Securing Networks With Cisco Firepower Next Generation Firewall SSNGFW
kalid
No ratings yet
TELES Training Exercises
Document16 pages
TELES Training Exercises
benhasan
No ratings yet
Lahore College For Women University: Department of Computer Science
Document2 pages
Lahore College For Women University: Department of Computer Science
saba
No ratings yet
CNS - Module-4-Network Security Notes
Document12 pages
CNS - Module-4-Network Security Notes
Aadhar Kumar Mishra
No ratings yet
Firewall Abstract)
Document2 pages
Firewall Abstract)
Nitish Yadav
100% (2)
Asm1 Security
Document55 pages
Asm1 Security
Hưng Lê
No ratings yet
Draytek Vigor 2910 & GreenBow IPSec VPN Software Configuration
Document17 pages
Draytek Vigor 2910 & GreenBow IPSec VPN Software Configuration
greenbow
100% (2)
MOUNT KENYA UNIVERSITY E-COMMERCE DOCUMENT TITLE
Document9 pages
MOUNT KENYA UNIVERSITY E-COMMERCE DOCUMENT TITLE
haggai
No ratings yet
WP BestPrac CyberSec PDF
Document16 pages
WP BestPrac CyberSec PDF
Luke Renz
No ratings yet
Advancing Automation VolumeXX Control Systems PDF
Document29 pages
Advancing Automation VolumeXX Control Systems PDF
varshimvisu01@gmail.com
No ratings yet
COMPUTER SCIENCE (083) QUESTION PAPER 70 MM
Document16 pages
COMPUTER SCIENCE (083) QUESTION PAPER 70 MM
SUPSNDI SINGH
No ratings yet
It Objektif
Document17 pages
It Objektif
Rabi'atul Adawiyah Z
No ratings yet
Soal Mtcna
Document3 pages
Soal Mtcna
Bobby Halim
No ratings yet
Unit 4
Document67 pages
Unit 4
RK K
No ratings yet
Palo Alto Networks PANOS 6 0 CEF Configuration Guide 2014
Document18 pages
Palo Alto Networks PANOS 6 0 CEF Configuration Guide 2014
Ryanb378
No ratings yet
Streamyx Troubleshooting FAQs
Document19 pages
Streamyx Troubleshooting FAQs
msccenter
No ratings yet
Atrg: Ips: Products Solution Support & Services Partners Resources
Document4 pages
Atrg: Ips: Products Solution Support & Services Partners Resources
Michel WA
No ratings yet
Fortigate 100f Series
Document10 pages
Fortigate 100f Series
bandedshark
No ratings yet
User Manual Mguard 74 en PDF
Document382 pages
User Manual Mguard 74 en PDF
Ionut Grozav
No ratings yet
Cryptography and Network Security: Chapter 20 - Firewalls
Document21 pages
Cryptography and Network Security: Chapter 20 - Firewalls
aditrup
No ratings yet
Master of Engineering in Cyber Security
Document22 pages
Master of Engineering in Cyber Security
deep
No ratings yet