Compaq 108164-003 - ProLiant - 800 White Paper
Compaq enterprise security framework
Hide thumbs
Also See for 108164-003 - ProLiant - 800:
- Integration notes (52 pages) ,
- Technical manual (38 pages) ,
- White paper (30 pages)
Table of Contents
Advertisement
Quick Links
August 1997
Prepared By
Internet Solutions
Business Unit
Compaq Computer
Corporation
C
O N T E N T S
Introduction ................ 3
Security
Environment................ 4
Security Environment:
Importance and Trends ..... 4
Security Environment:
Threats and Pressures ...... 5
Security Environment:
Enterprise Opportunities/
Risks ................................ 7
Security Environment:
Current Situation .............. 8
Understanding
Security..................... 10
Security Market ......... 13
Security Market: Firewall
Expansion ...................... 13
Security Market:
Identification and
Authentication
Importance ..................... 14
Security Market:
Balanced Hardware/
Software Solutions .......... 15
Security Market:
Proliferation/Limitation of
Security Offerings ........... 16
Enterprise Security
Framework ................ 18
Conclusion ................ 21
248A/0897ECG
W
HITE
. .
. .
Compaq Enterprise Security
. .
. .
. .
. .
Framework
. .
. .
. .
In the highly competitive world of enterprise computing, security has become an intricate
. .
. .
and critical element. The Compaq Enterprise Security Framework incorporates the latest
. .
. .
technology, a balanced hardware/software solution, and interoperablity with current
. .
security at multiple platform levels to clarify security solutions. Through use of The
. .
. .
Compaq Enterprise Security Framework, you can develop solutions that do not
. .
. .
compromise performance yet are still pragmatic and easy to use. In so doing, you can
. .
help to determine a practical roadmap for the deployment of enterprise security.
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
1
P
APER
Advertisement
Table of Contents
Related Manuals for Compaq 108164-003 - ProLiant - 800
Summary of Contents for Compaq 108164-003 - ProLiant - 800
- Page 1 In the highly competitive world of enterprise computing, security has become an intricate Corporation and critical element. The Compaq Enterprise Security Framework incorporates the latest technology, a balanced hardware/software solution, and interoperablity with current security at multiple platform levels to clarify security solutions. Through use of The...
- Page 2 This test is not a determination of product quality or correctness, nor does it ensure compliance with any federal, state or local requirements. Compaq does not warrant products other than its own strictly as stated in Compaq product warranties.
- Page 3 In charting a course, they must incorporate the latest technologies, adapt to new threats, and ensure that their solutions do not compromise performance. The Compaq Enterprise Security Framework addresses enterprise security in terms of computing platforms, secure computing technology, and the objectives required of a strong enterprise security policy.
-
Page 4: Environment
HITE APER (cont.) E C U R I T Y N V I R O N M E N T Computing security has always been critical to enterprises. However, in today’s environment the components of the computing world have changed in ways that make computing security more critical and complex. -
Page 5: Security Environment Threats And Pressures
HITE APER (cont.) residing on mainframes and mid-range systems in a closely monitored and physically secure environment – the glass house. In this setting, businesses deployed private, leased lines for external data transactions with known partners and used e-mail for internal communication only. In the new environment, a wide variety of enterprise computers either contain or connect to critical business information. - Page 6 HITE APER (cont.) Thieves can steal corporate laptops for their information and hardware value and sell assets to third parties (i.e. competitors). Physical security of home PCs is at risk from theft, and data stored on disks is at risk from viral attack.
-
Page 7: Security Environment Enterprise Opportunities Risks
HITE APER (cont.) The other potential “unfriendly” force is government. Government regulation of computing security is still evolving; however, it is possible that both the state and federal governments may begin to hold enterprises responsible for the privacy of consumer information. Security Environment: Enterprise Opportunities/Risks The business reasons for deploying enterprise security can be examined from an opportunity/cost perspective. -
Page 8: Security Environment Current Situation
HITE APER (cont.) On the opportunity side of the security equation, IT managers must consider the possibilities that can be pursued with robust security in place. These items could be revenue-enhancing and/or cost- reducing to business’ bottom line. The first category of opportunity is Electronic Commerce. Here, with adequate security, companies have the potential to sell their goods directly to their customers and potentially branch into new businesses. - Page 9 HITE APER (cont.) nature of some attacks, and because digital material can be copied without any evidence of access or theft. In addition, most computer crimes and security incidents go unreported because businesses are unwilling to reveal the weaknesses of their computer systems to outsiders. Vulnerability stems from the implementation of only basic security measures.
- Page 10 N D E R S T A N D I N G E C U R I T Y Compaq has laid out a security framework that provides a common set of easily understood terms with which to discuss security and to plan the deployment of security solutions. Computing security can be understood in terms of three inter-related dimensions (see Figure 5).
- Page 11 HITE APER (cont.) The product and technology categories for security solutions are hardware, software, and services (see figure 6). This initial categorization reveals the variety and complexity of solutions available in the security market Products/ Technologies Hardware Software Services Component locks/monitors Firewalls Certificate Authorities BIOS level firmware...
- Page 12 HITE APER (cont.) As a result of the diverse threats and vulnerabilities enterprises face, IT managers will need to deploy solutions that serve each security objective on every platform in order to form a complete security solution. For example, if a device does not have robust local authentication measures, parties may use this station as a launching pad for attacks on local network services that trust the identity of individual devices.
-
Page 13: Security Market: Firewall Expansion
With a clearer picture of the computing security solution marketplace, enterprise decision-makers can identify and understand the implications of critical market trends on their purchasing decisions. Compaq has identified four key computing security trends that have important repercussions for enterprise customers and Compaq’s own security strategy:... -
Page 14: Identification And Authentication Importance
HITE APER (cont.) encompass a broader range of security objectives. Leading vendors have entered into acquisitions and partnerships in order to offer new functionality. New functionality includes web filtering, limiting the web locations employees may visit, VPN abilities allowing encrypted communications between firewalls, networks or remote clients, screening capabilities for Java and ActiveX code, and logging software to audit network traffic. -
Page 15: Security Market Balanced Hardware Software Solutions
HITE APER (cont.) enough to be implemented immediately at the local level, without coordination with other network devices. Digital certificates are paving the way for interoperable, secure identification across the Internet. Digital certificates are small pieces of software that use public-key cryptography to create a unique digital signature (or ID), reliably identifying a party across a network. -
Page 16: Security Market Proliferation/Limitation Of Security Offerings
HITE APER (cont.) 1995 to $1.4 billion in 2000. In order to provide a total solution, systems companies will need to develop or acquire software expertise. — Change Issues — — Customer Decisions — Security products are adding/improving Selected hardware is essential for strength functionality at a rapid rate and performance of security Important standards remain undetermined... - Page 17 HITE APER (cont.) — Example Companies — Authentication Smartcards/ Servers Tokens Security Dynamics Certificate Security Dynamics Enigma Logic Siemens Nixdorf Authorities Leemah Datacom VeriSign Schlumberg CyberTrust (GTE) Entrust Firewalls Network Hardware CheckPoint Cisco Raptor Bay Networks Secure 3Com Computing Encryption Cylink Services Entrust...
-
Page 18: Enterprise Security Framework
Compaq has developed the Enterprise Security Framework. Using this framework, Compaq’s enterprise customers can get a birds-eye view of the security market, judge the suitability of a solution set, and develop both short- and long-term deployment strategies for their enterprise security requirements. - Page 19 HITE APER (cont.) TABLE 3: LEVELS OF SECURITY Level A Level B Level C Capable of deterring basic, Capable of repelling more Capable of defeating Robustness unsophisticated attacks: sophisticated attacks by those sophisticated/organized with some level of computing attacks uniformly across the Colleagues attempting power/expertise: enterprise by those with...
- Page 20 HITE APER (cont.) TABLE 4: PLATFORM AND LEVEL-SPECIFIC SOLUTIONS Level A Level B Level C Local information privacy- Robust privacy using Strongest identification: Client/Server Device basic encryption (selective strong encryption (long key, biometric devices coupled with file, drive). dedicated encryption engine) digital certificates Basic integrity protection Strong two faction local...
-
Page 21: Conclusion
(cont.) O N C L U S I O N Compaq believes that in the next 18 months, enterprise will be able to partner with technology providers to strengthen basic solutions. In the short term, client and server device-level solutions will remain the focus of enterprise, enabling completion of the implementation of Level A solutions.