OnSecure

1
OnSecure
Security In Government 2004

• Dr. Michael Cohen
• Senior Technical Adviser
• Information Security Group
• Defence Signals Directorate
• Ms. Carol Bott
• ISIDRAS Operations Manager
• Information Security Group
• Defence Signals Directorate

2
SIG 2004OnSecure Site Goals

• Create and foster an IT Security community within
  federal government

• encourage and facilitate the exchange of
  information about
• IT problems and their solutions

• have a policy, technological and technical focus

• personal opinions and experiences can be shared

• open for input from ANY user

3
SIG 2004OnSecure Site Goals contd.

• Provide information for the general public

• public web site

- include a subset of articles posted on the
private site

• providing

- policy documents
- best configuration practices
- security advice

• aimed at any level of expertise from beginners
  to power users

4
(No Transcript)
5
SIG 2004OnSecure Site Goals contd.

• Create a secure mechanism for enhanced government
  reporting

• secure and confidential handling of log material

• allow automated log submission by government
  agencies

• trend analysis for whole of government threat
  reporting

• highest security classification of data -
  X-in-Confidence

6
(No Transcript)
7
SIG 2004OnSecure Site Features

• News Items

• current events (conferences, meetings, forums)

• notable new content (eg virulent malware,
  important security
• patches released)

• users may contribute news items

• Downloads

• users may submit URLs of useful or interesting
  security
• related software

• users may vote and post comments about links
  and items

8
(No Transcript)
9
SIG 2004OnSecure Site Features - contd

• FAQs

• provide answers to some frequently-asked
  questions that are
• related to common processes, eg how to upload
  log material to
• accompany ISIDRAS report

• Reviews

• users may submit review comments on articles
  posted, expressing
• their experiences with products, processes,
  or services

10
SIG 2004OnSecure Site Features - contd

• Forums

• there are currently 3 forums

• Government only
• Incident Response
• General / Contractor

• Mailing Lists

• users may elect to belong to a mailing list,
  where important
• announcements are made

• Surveys

• eg what was the effect of the latest virus on
  your agency?

11
(No Transcript)
12
SIG 2004OnSecure Site Features - contd

• Distributed Administration

• administration privileges can be shared and
  distributed in a
• number of categories

• moderation
• user management
• article and content submission

13
SIG 2004OnSecure The Future

• OnSecure will become the primary point of
  information and resources for Information
  Security Practitioners within government agencies.

• OnSecure will be used by us to

• get information out quickly and securely (eg
  advisories)

• distribute quarterly ISIDRAS reports

• provide updates to various DSD publications
  (eg ACSI-33)

14
SIG 2004OnSecure The Future - contd

• OnSecure will be used by you to

• obtain information

• download tools

• share experiences with others of your ilk

• lodge ISIDRAS reports

• its nice to get Category 2 reports
• its required by the PSM to lodge Category 3
  and 4
• incident reports

15
SIG 2004OnSecure Site Architecture
Web Servers and Fail Over
DMZ
Choke FW
Bastion
Content Server
Agency User
16
SIG 2004OnSecure Log Submission
OnSecure Manager
OnSecure Log Submission Registration Application
Agency Delegate
OnSecure Content Server
Log Server
Periodic uploads via SSH-based Secure Copy
17
SIG 2004OnSecure User Registration Process
Agency Delegate
Application Form for Agency Delegation
dmin
Admin Info.
Ifo
Manage Accounts Via OnSecure Site
OnSecure Secure Site
Usernames and Password