30 likes | 108 Views
Security Layers - General. There are at least three levels: MIT firewalls Penetration testing, Tripwire, packet monitoring, etc. Broad New Cisco firewalls Route to host servers Explicit Allows only Wireless access goes out to MIT firewall Open jack goes to Broad firewall
E N D
Security Layers - General • There are at least three levels: • MIT firewalls • Penetration testing, Tripwire, packet monitoring, etc. • Broad • New Cisco firewalls • Route to host servers • Explicit Allows only • Wireless access goes out to MIT firewall • Open jack goes to Broad firewall • CARE Center application itself
The World MIT The Broad Institute Firewalls On LIMS Used for authentication for VPN access MIT Host A Cisco ASA 5540 Internet “Cloud” Radius DB Core Router Host B Cisco ASA 5540 Host on server … Access Rules for Subnets: Explicit allows, e.g., allow host on LIMS to talk to host on server Must be in the list to permit access Allow Rules: Explicit allows – http = 80 -> host Ssh = 22 -> host https = 443 (SSL) Unregistered 10.10 domain Open jack Wireless
Security Layers - Application • Genetic Analysis Platform application security: • Role-based security • Passwords that expire • Audit trails track user activity • Detailed information available in NIH Application/System Security Plan for CARE Center