Title: OnSecure
1OnSecure
Security In Government 2004
- Dr. Michael Cohen
- Senior Technical Adviser
- Information Security Group
- Defence Signals Directorate
- Ms. Carol Bott
- ISIDRAS Operations Manager
- Information Security Group
- Defence Signals Directorate
2SIG 2004OnSecure Site Goals
- Create and foster an IT Security community within
federal government
- encourage and facilitate the exchange of
information about - IT problems and their solutions
- have a policy, technological and technical focus
- personal opinions and experiences can be shared
- open for input from ANY user
3SIG 2004OnSecure Site Goals contd.
- Provide information for the general public
- include a subset of articles posted on the
private site
- policy documents
- best configuration practices
- security advice
- aimed at any level of expertise from beginners
to power users
4(No Transcript)
5SIG 2004OnSecure Site Goals contd.
- Create a secure mechanism for enhanced government
reporting
- secure and confidential handling of log material
- allow automated log submission by government
agencies
- trend analysis for whole of government threat
reporting
- highest security classification of data -
X-in-Confidence
6(No Transcript)
7SIG 2004OnSecure Site Features
- current events (conferences, meetings, forums)
- notable new content (eg virulent malware,
important security - patches released)
- users may contribute news items
- users may submit URLs of useful or interesting
security - related software
- users may vote and post comments about links
and items
8(No Transcript)
9SIG 2004OnSecure Site Features - contd
- provide answers to some frequently-asked
questions that are - related to common processes, eg how to upload
log material to - accompany ISIDRAS report
- users may submit review comments on articles
posted, expressing - their experiences with products, processes,
or services
10SIG 2004OnSecure Site Features - contd
- there are currently 3 forums
- Government only
- Incident Response
- General / Contractor
- users may elect to belong to a mailing list,
where important - announcements are made
- eg what was the effect of the latest virus on
your agency?
11(No Transcript)
12SIG 2004OnSecure Site Features - contd
- Distributed Administration
- administration privileges can be shared and
distributed in a - number of categories
- moderation
- user management
- article and content submission
13SIG 2004OnSecure The Future
- OnSecure will become the primary point of
information and resources for Information
Security Practitioners within government agencies.
- OnSecure will be used by us to
- get information out quickly and securely (eg
advisories)
- distribute quarterly ISIDRAS reports
- provide updates to various DSD publications
(eg ACSI-33)
14SIG 2004OnSecure The Future - contd
- OnSecure will be used by you to
- share experiences with others of your ilk
- its nice to get Category 2 reports
- its required by the PSM to lodge Category 3
and 4 - incident reports
15SIG 2004OnSecure Site Architecture
Web Servers and Fail Over
DMZ
Choke FW
Bastion
Content Server
Agency User
16SIG 2004OnSecure Log Submission
OnSecure Manager
OnSecure Log Submission Registration Application
Agency Delegate
OnSecure Content Server
Log Server
Periodic uploads via SSH-based Secure Copy
17SIG 2004OnSecure User Registration Process
Agency Delegate
Application Form for Agency Delegation
dmin
Admin Info.
Ifo
Manage Accounts Via OnSecure Site
OnSecure Secure Site
Usernames and Password