Security Management - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Intrusion Detection and Security Auditing in Oracle 2007-10-18 Application Security

Monitoring the database applications is a critical component of achieving a strong defense-in-depth around the sensitive data. However, to be efficient and effective one must use the right combination of tools. Monitoring should never replace other layers in the security stack, instead it should complement the existing pieces. Database intrusion detection and security auditing continues to grow in importance because of the rising volume of successful database attacks, and the resulting security legislation and regulations. Clearly, database intrusion detection and security auditing comes with its complexities. Monitoring the databases is a useful tactic, but only if used in conjunction with a well-conceived and balanced security plan.

Tags: Security Tools, Intrusion Detection Systems

Biometrics - How to Render Portable Data Security Convenient 2007-10-01 CoSoSys SRL

As storage technology breakthroughs become a day to day fact, the world shifts focus to smaller and smaller devices to store data. From laptops and notebooks to pocket PCs and external hard drives, the trend is easy to understand. This is why USB flash drives, also known as UFDs, are so popular these days: they are small enough to be placed in one's tiniest pockets and carry large amounts of data. But the features one is mostly looking for in such devices - their portability and convenience that entail enhanced mobility, also make them an easy target to theft and even easier to misplace.

Tags: Data Recovery - Security

Sendmail 8.13.3 Secure Mailing Solution 2007-10-01 Hewlett-Packard (HP)

This white paper discusses the STARTTLS and AUTH features that are supported in Sendmail 8.13.3. It also describes how to configure these features on HP-UX systems, to provide an effective secure mailing solution. In addition, this white paper includes selected usage models and examples, and discusses the benefits of using these Sendmail 8.13.3 features on HP-UX systems. This whitepaper also describes how to create a Certificate Authority (CA) and to prepare or sign certificates for Sendmail 8.13.3 servers.

Tags: Email, HP-UX

The Threat to Data Center Hard Drives 2007-10-01 Seagate Technology

In addition to online threats, sensitive information stored in data centers can be compromised by physical theft or misplacement of hard drives, or by a lack of vigilance in managing routine processes such as off-site maintenance and retirement. This exposure has been amply demonstrated by a series of reported data center security breaches that prove storage network hard drives are not nearly as static or safe as once thought. No matter how the data is compromised, the legal and financial repercussions can be severe. Security administrators must take steps to protect confidential information stored on data center drives. Encryption provides safe harbor for compliance with a growing body of regulatory requirements.

Tags: Data Center

Security Best Practices Guide for ICM and IPCC Enterprise & Hosted Editions 2007-10-01 Cisco Systems

This paper describes security hardening configuration guidelines for Cisco ICM Software Release 7.0(0) on Windows Server 2003. The term "ICM software" includes IP Contact Center (IPCC) Enterprise and Hosted Editions, System IPCC, and ICM Enterprise and Hosted Editions. Optional ICM applications applying to these server configurations are also addressed here, with the exception of the Web Collaboration Option Collaboration Server, Media Blender (when not co-resident with a PG; if co-resident with a PG then these best practices is applicable), Dynamic Content Adapter and E-mail Manager Option. The configurations presented in this paper represent parameters used internally within Cisco to develop and test the applications.

Tags: Security Tools, Best Practices

Automating McAfee ePO: Practical Ways to Use McAfee ePolicy Orchestrator 4.0 to Save Time and Improve Compliance 2007-10-01 McAfee

This paper describes some of the most beneficial ways to apply new McAfee ePolicy Orchestrator (ePO) 4.0 workflow automation and management tools. These new ePO capabilities will help to eliminate errors, save precious administration time, and speed decision-making. Using three typical user scenarios - McAfee point product deployment, virus outbreak, and auditor visit - it briefly demonstrates key techniques that will benefit most organizations.

McAfee Data Loss Prevention: Best Practices Guide 2007-09-01 McAfee

All companies risk the loss of sensitive data as confidential or proprietary information escapes through unauthorized channels. Data losses translate to billions in dollar losses every year, in the form of damaged brand equity, fines for regulatory violations, and opportunity costs resulting from stolen intellectual property. Given the high stakes involved, enterprises must implement strong and well-designed safeguards for sensitive data. This paper provides a road map for creating an effective enterprise Data Loss Prevention (DLP) program. It outlines the necessary steps for managing data usage, from initial risk assessment and planning, to data classification and policy architecture, to deployment and maintenance of automated loss prevention tools.

Tags: Data Recovery - Security, Best Practices

Security Implications of the Virtualized Datacenter 2007-08-17 F5 Networks

With enterprise-class virtualization software hitting the market from VMware and Microsoft (ESX Virtual Infrastructure and Virtual PC, respectively), large names and support dollars are backing the virtual data center migration. Microsoft's Longhorn platform will ship with a native hypervisor, allowing direct virtualization via the operating system without the installation of a third party VMM. CPU manufacturers are rapidly working on implementing hardware-based hypervisors, such as AMD's Pacifica project. It is now almost common-place for corporate IT divisions to replace en masse the single-purpose 1U machine hosting one operating system with a 4U machine hosting 20 independent operating systems.

Tags: Data Center, Virtualization

No Back Doors; No Open Windows 2007-08-10 SECUDE International

Full Disk Encryption (FDE) has been hailed as the final word in Data-At-Rest (DAR) security by many in the industry, but some fail to recognize that encryption is only as secure as the authentication used to access it. Encryption without strong authentication is like locking the door and then leaving the key in the lock while one walks away. Leaving authentication to the operating system is one step better, but only gives the user the security of hiding the key under the doormat.

Tags: Data Recovery - Security

Best Practices in Authentication and Access Control 2007-08-08 Nevis Networks

User authentication is necessary for identity based access control, and 802.1X clearly promises to meet this need. 802.1X has been around for a number of years and has been proposed as the user authentication solution for both wired and wireless LANs. This paper describes 802.1X and its role in pre-connect LAN Security.

Tags: Best Practices

Jump to 1 2 3 4 [5] 6 7 8 9 10

Title	Date Added	Company
Intrusion Detection and Security Auditing in Oracle	2007-10-18	Application Security
Monitoring the database applications is a critical component of achieving a strong defense-in-depth around the sensitive data. However, to be efficient and effective one must use the right combination of tools. Monitoring should never replace other layers in the security stack, instead it should complement the existing pieces. Database intrusion detection and security auditing continues to grow in importance because of the rising volume of successful database attacks, and the resulting security legislation and regulations. Clearly, database intrusion detection and security auditing comes with its complexities. Monitoring the databases is a useful tactic, but only if used in conjunction with a well-conceived and balanced security plan. Tags: Security Tools, Intrusion Detection Systems
Biometrics - How to Render Portable Data Security Convenient	2007-10-01	CoSoSys SRL
As storage technology breakthroughs become a day to day fact, the world shifts focus to smaller and smaller devices to store data. From laptops and notebooks to pocket PCs and external hard drives, the trend is easy to understand. This is why USB flash drives, also known as UFDs, are so popular these days: they are small enough to be placed in one's tiniest pockets and carry large amounts of data. But the features one is mostly looking for in such devices - their portability and convenience that entail enhanced mobility, also make them an easy target to theft and even easier to misplace. Tags: Data Recovery - Security
Sendmail 8.13.3 Secure Mailing Solution	2007-10-01	Hewlett-Packard (HP)
This white paper discusses the STARTTLS and AUTH features that are supported in Sendmail 8.13.3. It also describes how to configure these features on HP-UX systems, to provide an effective secure mailing solution. In addition, this white paper includes selected usage models and examples, and discusses the benefits of using these Sendmail 8.13.3 features on HP-UX systems. This whitepaper also describes how to create a Certificate Authority (CA) and to prepare or sign certificates for Sendmail 8.13.3 servers. Tags: Email, HP-UX
The Threat to Data Center Hard Drives	2007-10-01	Seagate Technology
In addition to online threats, sensitive information stored in data centers can be compromised by physical theft or misplacement of hard drives, or by a lack of vigilance in managing routine processes such as off-site maintenance and retirement. This exposure has been amply demonstrated by a series of reported data center security breaches that prove storage network hard drives are not nearly as static or safe as once thought. No matter how the data is compromised, the legal and financial repercussions can be severe. Security administrators must take steps to protect confidential information stored on data center drives. Encryption provides safe harbor for compliance with a growing body of regulatory requirements. Tags: Data Center
Security Best Practices Guide for ICM and IPCC Enterprise & Hosted Editions	2007-10-01	Cisco Systems
This paper describes security hardening configuration guidelines for Cisco ICM Software Release 7.0(0) on Windows Server 2003. The term "ICM software" includes IP Contact Center (IPCC) Enterprise and Hosted Editions, System IPCC, and ICM Enterprise and Hosted Editions. Optional ICM applications applying to these server configurations are also addressed here, with the exception of the Web Collaboration Option Collaboration Server, Media Blender (when not co-resident with a PG; if co-resident with a PG then these best practices is applicable), Dynamic Content Adapter and E-mail Manager Option. The configurations presented in this paper represent parameters used internally within Cisco to develop and test the applications. Tags: Security Tools, Best Practices
Automating McAfee ePO: Practical Ways to Use McAfee ePolicy Orchestrator 4.0 to Save Time and Improve Compliance	2007-10-01	McAfee
This paper describes some of the most beneficial ways to apply new McAfee ePolicy Orchestrator (ePO) 4.0 workflow automation and management tools. These new ePO capabilities will help to eliminate errors, save precious administration time, and speed decision-making. Using three typical user scenarios - McAfee point product deployment, virus outbreak, and auditor visit - it briefly demonstrates key techniques that will benefit most organizations.
McAfee Data Loss Prevention: Best Practices Guide	2007-09-01	McAfee
All companies risk the loss of sensitive data as confidential or proprietary information escapes through unauthorized channels. Data losses translate to billions in dollar losses every year, in the form of damaged brand equity, fines for regulatory violations, and opportunity costs resulting from stolen intellectual property. Given the high stakes involved, enterprises must implement strong and well-designed safeguards for sensitive data. This paper provides a road map for creating an effective enterprise Data Loss Prevention (DLP) program. It outlines the necessary steps for managing data usage, from initial risk assessment and planning, to data classification and policy architecture, to deployment and maintenance of automated loss prevention tools. Tags: Data Recovery - Security, Best Practices
Security Implications of the Virtualized Datacenter	2007-08-17	F5 Networks
With enterprise-class virtualization software hitting the market from VMware and Microsoft (ESX Virtual Infrastructure and Virtual PC, respectively), large names and support dollars are backing the virtual data center migration. Microsoft's Longhorn platform will ship with a native hypervisor, allowing direct virtualization via the operating system without the installation of a third party VMM. CPU manufacturers are rapidly working on implementing hardware-based hypervisors, such as AMD's Pacifica project. It is now almost common-place for corporate IT divisions to replace en masse the single-purpose 1U machine hosting one operating system with a 4U machine hosting 20 independent operating systems. Tags: Data Center, Virtualization
No Back Doors; No Open Windows	2007-08-10	SECUDE International
Full Disk Encryption (FDE) has been hailed as the final word in Data-At-Rest (DAR) security by many in the industry, but some fail to recognize that encryption is only as secure as the authentication used to access it. Encryption without strong authentication is like locking the door and then leaving the key in the lock while one walks away. Leaving authentication to the operating system is one step better, but only gives the user the security of hiding the key under the doormat. Tags: Data Recovery - Security
Best Practices in Authentication and Access Control	2007-08-08	Nevis Networks
User authentication is necessary for identity based access control, and 802.1X clearly promises to meet this need. 802.1X has been around for a number of years and has been proposed as the user authentication solution for both wired and wireless LANs. This paper describes 802.1X and its role in pre-connect LAN Security. Tags: Best Practices

Security

Featured Whitepapers

Member Login

10 million IT Folks can't be wrong with their server choice.

Oracle Technology Solutions for Midsize Businesses

Country Report: India