Nagios Conference 2012 - Jared Bird - Providing Value Throughout the Organization
Jared Bird's presentation on providing value with Nagios.
The presentation was given during the Nagios World Conference North America held Sept 25-28th, 2012 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
Published on: Mar 3, 2016
Nagios: Providing Value Throughout the Organization
  Jared Bird
  firstname.lastname@example.org
  Twitter: @jaredbird
Introduction
  Who is Jared Bird?
Providing Value
  Provide knowledge
  Assist other departments
  Strengthen inter-department relationships
  Achieve company-wide goals
  Reduce costs
Understanding
  What are the goals of the other departments?
Infrastructure
  Network, Server, and Desktop Teams
  Concerns include:
    Availability
    Capacity
    Utilization
    Functioning Properly
Security
  Prevent data theft
  Deter identity theft
  Avoid legal issues
  Protect brand
  "CIA Triad"
    Confidentiality
    Integrity
    Availability
Threats
  Default configurations
  Website defacement
  Missing patches
  DNS redirection
  Unauthorized use
  Many, many more
Default Configurations
  Default passwords
  blank sa account
  Once password is set, monitor with new credentials
  XI Auto-discovery
  check for insecure protocols
  Scheduled scans and output to Nagios
Website
  Monitor for defacement
    check_http -H www.yoursite.com -s "sekret"
    Checks for "sekret" string
  Check certificate
    check_http -H www.mysite.com -C 21
    Checks certificate for 21 days of validity
Software Installed
  Check URL for content (version)
  Ex: http://www.adobe.com/software/flash/about/
  Check for string “184.108.40.2065”
DNS
  Have DNS entries changed?
  DNS hijacked
  High Impact
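The DNS slide asks whether DNS entries have changed. As an added example (not from the presentation), here is a Nagios-style plugin in Python that compares a hostname's current addresses against an approved baseline. The script name, the check_dns_baseline function and the baseline addresses passed on the command line are assumptions for illustration; the exit codes are the standard Nagios plugin codes.

```python
#!/usr/bin/env python3
"""Nagios-style plugin: alert when a hostname's addresses drift from a baseline."""
import socket
import sys

# Standard Nagios plugin exit codes.
OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3


def resolve(hostname):
    """Return the set of IP addresses the local resolver gives for hostname."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def check_dns_baseline(hostname, baseline, resolver=resolve):
    """Compare current answers with the approved baseline.

    Returns (exit_code, status_line) in the form Nagios expects.
    The resolver argument is injectable so the logic can be tested offline.
    """
    try:
        current = set(resolver(hostname))
    except OSError as exc:  # socket.gaierror is a subclass of OSError
        return UNKNOWN, f"DNS UNKNOWN - lookup of {hostname} failed: {exc}"
    expected = set(baseline)
    unexpected = sorted(current - expected)
    missing = sorted(expected - current)
    if unexpected:
        # An address nobody approved is the hijack/redirection signal.
        return CRITICAL, f"DNS CRITICAL - {hostname} resolves to unapproved {unexpected}"
    if missing:
        # Approved records vanished: a change worth reviewing, not a redirect.
        return WARNING, f"DNS WARNING - {hostname} no longer returns {missing}"
    return OK, f"DNS OK - {hostname} matches baseline {sorted(current)}"


if __name__ == "__main__":
    # Usage: check_dns_baseline.py <hostname> <approved-ip> [<approved-ip> ...]
    if len(sys.argv) < 3:
        print("DNS UNKNOWN - usage: check_dns_baseline.py host ip [ip ...]")
        sys.exit(UNKNOWN)
    code, line = check_dns_baseline(sys.argv[1], sys.argv[2:])
    print(line)
    sys.exit(code)
```

Nagios reads the exit code for the service state and the first line of output for the status text, so the baseline list is the only thing to maintain when a record is changed on purpose.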
Unauthorized Use
  LDAP check for account creation
  Syslog output from infrastructure
  SNMP Alerts
Audit & Compliance
  PCI
  SOX
  HIPAA
  Almost every regulation*
  * Note: Speaker will not be held responsible if Nagios does not help achieve compliance with a specific regulation
PCI
  PCI DSS
  Any organization that processes, stores, or transmits credit card data
  Requirements
    12 overall requirements
    287 individual requirements
PCI
  Reqs 1 & 2: Build and Maintain a Secure Network
    Auto-discovery to look for services
    Checks to verify that vendor defaults have been changed
  Reqs 3 & 4: Protect Cardholder Data
    Scan for insecure protocols
    Check for expiration of SSL certificates
  Reqs 5 & 6: Maintain a Vulnerability Management Program
    Check the anti-virus process to ensure it is running
PCI
  Reqs 7, 8, & 9: Implement Strong Access Control Measures
    LDAP checks to ensure LDAP server is functioning
    Web Transaction Monitoring can be used to check two factor
  Reqs 10 & 11: Regularly Monitor and Test Networks
    Check NTP
    Event logs from servers
  Req 12: Maintain an Information Security Program
    Use device listings as well as contact info (incident response plan)
SOX
  Sarbanes-Oxley or Public Company Accounting Reform and Investors Protection Act
  Section 404: Assessment of internal control
  Nagios can help management show that controls for assuring the integrity of the financial reports are effective.
HIPAA
  Technical Safeguards:
    Access Control
    Audit Control
    Integrity Controls
    Transmission Security
Questions?
  Jared Bird
  jaredbird@gmail.com
  Twitter: @jaredbird
  Thank You