2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
-
Upload
isalliance -
Category
Documents
-
view
218 -
download
0
Transcript of 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
1/14
www.isalliance.org
Application of SCAP to SecureUnified Communications
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
2/14
www.isalliance.org
The ISAlliance Board
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
3/14
www.isalliance.org
VoIP Project Leadership
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
4/14
www.isalliance.org
Government Participants
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
5/14
www.isalliance.org
Industry Participants
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
6/14
www.isalliance.org
The Need
Concerns of:
Vendors
CarriersEnterprises
Vulnerability Management
Secure Patching Secure Configuration
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
7/14
www.isalliance.org
The SCAP Challenge
SCAP Today Federal Desktop Core
Configuration (FDCC)
One Vendor Just Workstations
SCAP Tomorrow
Set ConfigurationMore ApplicationsMore VendorsMore ToolsMore Endpoints
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
8/14
www.isalliance.org
ISAlliance Unified Communications
Program Proposal & Status
Snapshot
ToleadandinfluencethedevelopmentofindustrybasedSCAPchecklistsforVoiceandVoIPSecurity
forGovernment,CricalInfrastructureandEnterprises(approvedFeb2008ISAllianceBoDMee9ng)
VoIPSecurityImplementaonandAssuranceWorkshopheld@NISTaspartofthe4th
Informa,onSecurityAutoma,onConference,(complete,Sept22nd--23rd,2008)
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
9/14
www.isalliance.org
ISAlliance Unified
Communications Program Outcomeof2008workshopneed
wasidenfiedto: AccesstheapplicabilityofSCAPto
VoIP
EnumeratestandardstodevelopSCAPcontent
PhaseIwhitepaperdueendof200 Applica'onofSCAPtoSecure
UnifiedCommunica'ons
PhaseIIproposed
ProsaicChecklist
BusinessCase(RoIAnalysis)ontheuseofSCAPtechnologybyEnterprises
CricaltohaveUCVendorandSCAPToolsVendorParcipaon
Services
Networks
Devic
es
UC Network
Services
Networks
Devic
es
UC Network
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
10/14
www.isalliance.orgwww.isalliance.org
Baseline Standards
Process
Scope
Architecture
Review
StandardsDefine
Baseline
RecommendedSecurity
Controls
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
11/14
www.isalliance.org
Applicability Workgroup
Approach
Scope
Architecture
TRA(Threat Risk Assessment)
Security
Controls
Applicabilityof SCAP
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
12/14
www.isalliance.orgwww.isalliance.org
The White Paper
Please email [email protected]
To be placed on the distribution list fora free copy ofApplication of SCAPto Secure
Unified Communications.
Available end of 2009
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
13/14
www.isalliance.org
Backup
-
7/31/2019 2009 00 00 Barry Foer VoIP SCAP Applicability Presentation for NIST
14/14
www.isalliance.org
The Unified Communication Challenge
Services
UC Network