Security Management for Large Computer Networks

1. By Sowmya.Y Security Management for Large Computer Networks

2. Index • Definition • Aspects of Security Management • Assessment criteria for designing Security Management System • Conclusion • References

3. ISO has defined five key functional areas of network management: • fault management • accounting management • configuration management • performance management • security management

4. Security Management: Security Management is the process of controlling the security of a complex data network so as to maximize the security level that provides to its users.

5. Aspects of Security Management: • Security Management is one of the five management functions defined by ISO/OSI, which covers two aspects: • Management of Security(MoS) • Security of Management(SoM)

6. Management of Security(MoS): • MoS(Management of Security) provides the means by which the security services, mechanisms and security related information are managed.

7. Security of Management(SoM): • SoM(Security of Management) covers security of all functions and security of communication of management system and information.

8. Assessment Criteria: • Scalability • Flexibility-Extensibility • Integration with existing IT infrastructure • Information aggregation and filtering • Security of reserved information • Minimization of resource allocation • Customization

9. Scalability: A management tool must be designed in such a way that it provides the same or improved services as the information and computing resources grow and become distributed. • Flexibility-Extensibility: A security management tool must be capable to easily merge any changes to the corporate infrastructure.

10. Integration with existing information and technological infrastructure: A Security Management tool must be designed to coexist with pre-established technological investments of organization's management. • Information aggregation and filtering: Depending on the domain size the security administrator should be capable of deciding the aggregation and filtering level of the selected security information.

11. Security of reserved Information: Sensitive information should be collected and exchanged by security management system’s components. • Minimization of resource allocation: System that minimize the allocation of network resources required for its operation.

12. Customization: A Security Management system must provide the security administrator with the potential to customize the collected security related information according to organizational needs and expectations.

13. Conclusion: • The derived tool can be easily integrated with existing network management tools • Our security network management architecture guarantees scalability and extensibility. • Integration and authentication of information is guaranteed

14. References: • http://www.cisco.com/en/US/docs/internetworking/technology/handbook/NM-Basics.html • http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=740529 • http://ieeexplore.ieee.org/Xplore/login.jsp?url=/iel5/6648/17751/00820481.pdf?arnumber=820481

15. Q & A

16. Thank You!!