
All Rights Reserved © Alcatel-Lucent 2007, 21190

ALU’s 360° approach to new vulnerabilities and threats

Alberto Lotti – Chief Marketing Officer & Chief Technology Officer

Alcatel-Lucent Italy

November, 2007


Company overview


• We are an innovation powerhouse

• We have increased our distributed Professional Services resources

• We provide strategic consultancy to carriers and key industry players, institutions, for End-to-End and Transformation projects

• We have extended our reach, with privileged access to ICT advanced markets such as North America

• We have an advanced portfolio for network evolution, with 4G mobile, GPON fiber access, security solutions

Alcatel-Lucent

Alcatel-Lucent, the company that will drive the global communications transformation in the 21st century. Created on November 30, 2006


• Trusted partner to the 30 largest service providers, and governments and enterprises worldwide
• 500+ customers
• More than 100 years of carrier-grade experience
• A leading “end-to-end” communications solutions integrator
• A leader in major areas defining next generation networks
• More than 80,000 professionals worldwide
• Presence in more than 130 countries
• Global Network Operations Centers (GNOCs) and Centers of Excellence
• Engineering and technical service centers around the world
• Global leader in communication technology
  – #1 in wireline
  – #3 in mobility
  – In the top three in applications and services
• Comprehensive R&D portfolio, leveraging Bell Labs excellence

We design and deliver the systems, services and software that drive next-generation communications networks

Alcatel-Lucent

Global Expertise and Assets

Track Record of Success

CARRIER BUSINESS GROUP

ENTERPRISE BUSINESS GROUP

SERVICES BUSINESS GROUP

Alcatel-Lucent: First True Global Communications Solutions Provider

About Alcatel-Lucent


Consult, Design, Integrate
• Targeted analysis and modelling of business processes, service vision, operational environment and network architecture and security
• End-to-End integration of operations and business support systems, applications, network infrastructure and security systems in the framework of customers’ optimization, evolution or transformation projects
• Single point of accountability for end-to-end project governance and full implementation

Deploy
• Engineering, staging, installation, test and turn-up, and site location and construction
• Full implementation of network infrastructure, application platforms and OSS/BSS systems

Operate
• Alternative service partnership models offering partial out-tasking or total outsourcing of selected NOC and field operations
• Hosted and managed services enabling rapid launch of new services such as VoIP without heavy upfront investment

Maintain
• Full range of support options encompassing proactive monitoring, preventive actions, on-site and remote technical assistance and spare parts repair and management

Alcatel-Lucent Services: global reach and regional focus
• Serve top 30 carriers in more than 130 countries
• 18,000+ network professionals
• Support Centers
  – GNOCs
  – IP Transformation Centers
  – Technical Assistance Centers
  – Call Centers
  – R&D Centers
• Multivendor, multi-technology capabilities supporting more than 1,600 products from more than 290 vendors

End-to-end capabilities

We customize a tailored solution, leveraging a broad portfolio of capabilities

Alcatel-Lucent Services: A Leading End-to-end Integrator ― A Trusted Partner For Change

About Alcatel-Lucent


Changing environments and challenges


The Telco and IT meeting point is now

Telecom evolution and IT evolution are converging on a common target: complex Service Delivery Environments. This is particularly true where companies’ offers leverage network capabilities.

Much effort has been made to evolve TLC environments into IT-like environments.

SOA facilitating and speeding up the TLC and IT merge
SOA and WS are the “Trait d’Union” of the “ITzation” of TLC and vice versa.

Best practices and standards to be controlled
Many standards have been born that must be complied with. Many standards are inherited from the TLC world and the IT world, and their applicability is getting tougher as technologies get newer (e.g. SOX, HIPAA, ISOxxx, PCI, Compliance, ITU-T).

OpenSource adoption pervading IT and TLC more and more
Much open source code is now the foundation for SDE in TELCO and IT companies (e.g. Eclipse, Linux, Telephony, OSS, Contact Centers).

Our approach to Security


Alcatel-Lucent Services Has Proven Its Capability in this convergent world…

Served as trusted advisor for service provider’s corporate security program development
Supported service provider’s compliance readiness efforts for SAS 70 audits required of their services by building and modifying security policies, practices, and procedures, as well as assisting with remediation activities. Benchmarked program against ISO 17799 and developed policies and procedures for security operations center.

Helped an insurance carrier reduce risks
Addressed security risks by producing a detailed roadmap to align policies, procedures and management control systems. Reduced security exposures and validated regulatory compliance. Centralized policy management across 27 areas.

Alcatel-Lucent advised the European Commission on security
ALU Bell Labs provided a comprehensive analysis of the factors influencing the availability of Europe's electronic communications infrastructure, including its Internet and mobile networks.

Helped secure VoIP traffic in many financial institutions
Rebuilt security strategy and procedures because of the introduction of VoIP and VPN technology. Built a new protection layer with ALU solutions. Rebuilt Incident Management procedures and monitoring.

Our approach to Security


… and in Computer Emergency Response Team (CERT)

• Shared Watch, Warn and Incident Response Team to monitor cyber threats and respond to attacks
• Mutualization of security survey, advisories and alerts delivery, crisis management for customers wishing to join the CERT worldwide community through a representative organization
• CERT-Industry Services Tertiaire (IST) was created based on a consortium of partners, with Alcatel (1999) as the leading provider in charge of service delivery
• Alcatel-Lucent is a member of the society, and remains the lead for service delivery
• Other members include CNES (Centre National d’Etudes Spatiales), France Telecom Orange, and Sanofi-Aventis. More information on www.cert-ist.com
• Operation cost reduction due to the mutualization effect
• Privileged security exchange area: Security managers can exchange information and experience through the CERT-IST society
• Access to the Forum of Incident Response and Security Teams (FIRST) worldwide security community through the CERT-IST society

About Alcatel-Lucent Services: Security case study

Unparalleled expertise for competency transfer to help others create CERT or Incident Response Team capability


Approach


Alcatel-Lucent 360° approach to security

Alcatel-Lucent approach to Security

Global Strategy

• Policy
• Legal
• Standardization

• Intrinsically secure systems design
• End-to-end solutions
• Dedicated services and Solutions for Service Providers and Enterprise

• Awareness
• Rule and Regulation
• Control

Company Products


The products

The Security Products

Global Vision Embedded in all the Systems

Dedicated Solutions

• Fixed, Mobile, Satellite converging networks
• End-to-End Solutions development
• Network provided with Overview and Management
• Proactive approach to Cryptography, Legal Intercept and Data Retention
• Intrinsic security at Equipments, Networks and System level
• Network Elements Recognized and Authenticated before operation
• Inter-equipments communications verified and validated
• Services
• Operation Centre
• Systems


The dedicated solutions

The Dedicated Solutions

Security Consulting & Integration

Managed Security Systems

• Security Risk Assessment
• Security Design And Integration
• Business Continuity & Disaster Recovery (BCDR) planning
• Security strategy, policy & compliance
• Threat Management
• Emergency Response
• Security Monitoring and Supervision
• Recovery Actions
• Secure Access Network Access Control
• DNS/DHCP IP Management
• Performance Management
• Laptop Guardian
• Antivirus and Quarantine
• Firewall
• Legal Interception In Network and in Field
• Data Retention and Retrieve


The cornerstone: ITU/X805, ISO 18028.2

The Bell Labs Security Framework
• ITU/X.805 Security Standard
• ISO 18028 Security Standard

Layers: Infrastructure, Services, Applications

Planes: End User, Control / Signaling, Management

MODULE 1 | MODULE 4 | MODULE 7
MODULE 2 | MODULE 5 | MODULE 8
MODULE 3 | MODULE 6 | MODULE 9

Cells in each module: Access Control, Authentication, Non-Repudiation, Data Confidentiality, Comms Security, Data Integrity, Privacy, Availability

(9 Modules X 8 Cells = 72 Security Cells)

The Bell Labs Security Framework

Building Security in the DNA of Complex Systems


Services One-Page Overviews


Breadth Of Security Services

Security Consulting and Integration: Understand the risk and create a solution to protect your network
• SECURITY RISK ASSESSMENT: Comprehensively assess the organization and the network to reveal security exposures and weaknesses in policies and practices, and define mitigation options
• SECURITY ARCHITECTURE AND DESIGN: Develop security architectures and detailed design documentation based on business drivers
• SECURITY STRATEGY, POLICY & COMPLIANCE: Develop overall security program and policies tailored to the organization, and guide implementation and training; perform compliance readiness, remediation or validation activities
• THREAT MANAGEMENT: Threat prevention and management through vulnerability detection, service risk management and recommended corrective measures; incident response and crisis management via CERT-IST
• SECURITY POLICY AND ARCHITECTURE INTEGRATION: Implement and test security network architecture solutions to support business requirements and security policies

Business Continuity / Disaster Recovery Services: Plan for and enable secure ongoing operations
• IMPACT ANALYSIS: Recommend recovery strategy based on a cost-benefit analysis considering potential business impacts and recovery requirements
• GAP ANALYSIS: Provide objective evaluation of current business continuity operations against best practices, and identify improvements
• PLAN DESIGN AND DEVELOPMENT: Develop a task-oriented recovery plan, communicate key aspects to staff, formalize knowledge transfer and lead change management
• PLAN TESTING: Develop a structured continuous testing plan to ensure preparedness and success, including specific testing goals and analysis activities
• RISK ASSESSMENT: Identify the vulnerabilities of mission-critical systems, networks, and information assets and processes, and create mitigation approaches
• PLAN MAINTENANCE: Establish a framework within which business continuity plans can be reviewed on a regular basis or in response to major changes

Managed Security Services: Outsource key elements of your security solution
• MANAGED INTRUSION DETECTION AND PREVENTION: Monitor, analyze, and manage IDS events, allowing for real-time response and escalation of unauthorized activities
• MANAGED VPN: Monitor and manage VPN service, including health and performance monitoring
• MANAGED FIREWALL: Remotely manage firewall appliances, providing real-time network security monitoring, threat identification, reporting, and policy implementation
• SECURITY EVENT MONITORING (SEM): Event monitoring and correlation of security events across network elements

About Alcatel-Lucent Services: our services portfolio for Security


Product Overviews


Security Solution: Technologies

Alcatel-Lucent’s Integrated Security Eco-System

CloudControl

VitalQIP

VitalAAA

Laptop Guardian

NAC

VitalNet

(SEM)

Vital ISA

(SRM)

LSMS

IDS/IPS/AV/AS URL filtering

Rules-Based-Routing: Shunting Traffic by Protocol

At all Perimeter Sites

Separation by Zones, Functions or Applications

Separating Various Departments

Vulnerability Scanner

A-L 8950 Service Risk Management


Ecosystem of products and solutions

Ecosystem of partners


OmniAccess 3500 – NLG in Brief – The laptop guardian

Secure Corporate Enclave
• Configuration
• Data protection
• Patch management
• Policies

[Diagram labels: WiFi, 3G, WiMAX; Connected?; Firewall; Trust-based Link]

• Trusted computer-within-a-computer
• Always-on – even when laptop is off
• Remote “kill” capability & mgmt
• Policy enforcement
• Local quarantine
• Secure all networking interfaces
• Off-hour back-ups and patching
• GPS
• Authentication
• Auto VPN
• Third party capabilities

Worms / Viruses / Intrusion / Disk Access / Data Tampering / Content Theft / OS Integrity


Solution Component Highlight: Brick® VPN Firewall Portfolio

Our approach to Security

Prevention & Verification

Centralized management through the Alcatel-Lucent Security Management Server

Proven 8 year track record

Fully redundant: no single point of failure

Denial of Service protection

Plug and play: flexible deployment options

Virtually Invulnerable Secure operating system developed at Bell Labs

[Diagram labels: Fault Tolerant Redundant Bricks; Access Platform; Internet Routers; Telco cloud; Rules-Based Routing; 802.1q Tagged Trunk; Load sharing; URL Blocking; Virus Scanning; Intrusion Detection; Brick® 50/150 VPN Firewall; Brick® 700 VPN Firewall; Brick® 1200 VPN Firewall; Existing Router; Alcatel-Lucent Security Management Server; Active/Active Management]

Designed using the ITU-T/X.805 Framework


Alcatel-Lucent Brick® VPN Firewall Portfolio

Created by the Founders of Firewall Technology

• Brainchild of the Alcatel-Lucent Bell Laboratories Research team to meet stringent security requirements for classified research network

• Development began in 1996, with first commercial products delivered to commercial market in 1998

Innovator in numerous areas of Firewall Technology

• Centralized Management

• Firewall Virtualization

• Generalized DoS Protections

• Bell Labs patented security algorithms

Globally deployed in numerous customer environments

• Extensive base of global service providers – for both internal network protection, as well as premises or network-based Security Managed Services

• Government agencies

• University/Campus environment

• Multi-site enterprises seeking high security with low ownership costs.

Our approach to Security

Alcatel-Lucent VPN Firewall Brick® awarded by “Network Computing” in 2007 for high performance


Solution Component Highlight: AccessGuardian

AccessGuardian is a comprehensive set of security features embedded in Alcatel-Lucent’s OmniSwitch IP Networking portfolio

Enable and enhance your security solution with an Alcatel-Lucent switch infrastructure

Our approach to Security

Authentication

Host Integrity

Role-based Access

Quarantine

Intrusion Detection

End User Security

• Authentication
  – Switches provide “auto-sensing authentication”
  – Includes 802.1x, MAC authentication, Group mobility
• Host Integrity (NAC)
  – Switches enhance various NAC enforcement methods (MNAP, etc.)
  – 802.1x flexibility enables deployment of NAC
  – DHCP snooping and lockdown for DHCP-based NAC
• Role-based Access
  – Wire-speed ACL and QOS policies aid in limiting user traffic to appropriate areas
• Monitoring
  – sFlow-enabled switches provide visibility to network patterns and security threats
• Quarantine
  – Quarantine Manager-enabled switches disable intruders at the network edge

CrystalSec End User Security


Alcatel-Lucent Enterprise LAN Switches Provide Complete Edge to Core Solutions

• Campus core
• Data center
• High density distribution

High end modular core switches L3

• Availability, performance
• 10Gig, IPv4 and IPv6
• Advanced Routing and QOS
• PoE, Fiber

Multiservice modular switches L3

• Built for convergence
• 10/100, Gigabit and ATM
• PoE
• Wiring closet
• Highest availability
• ATM to Gig migration

Advanced stackables

• Virtual chassis
• 10/100 and 10/100/1000
• PoE, fiber
• 10/100 upgradeable to Gig
• Converged wiring closet
• Aggregation and data center
• Triple play Ethernet access and aggregation

Entry level fixed configuration

• Wire-speed L2+ services
• 10/100, 10/100 PoE
• Wiring closet
• Triple play Ethernet access

OmniVista Network Management

OmniSwitch 9800 9700 9600

OmniSwitch 7800 7700

OmniSwitch 6850 / L 6800 / L6600

OmniStack LS 6200


Solution Component Highlight: OmniVista 2770 Quarantine Manager

Quarantine Manager, a network management application providing network quarantine security. Improving and simplifying network protection through a unified network management and security platform

What we do:

• OmniVista NMS software application
• Converging network Management and network Security
• Preventing Network access of non-compliant users
• Ability to isolate non-compliant user based on IPS/IDS intrusion notification
• Avoiding Contamination to the rest of the Network
• Isolating non-compliant user, either at Edge, Core, Branch or wireless
• With Supervision & Management tools for Network Manager

What we deliver:

• Open Solution
• Interfaces with any third-party devices IDS/IPS Syslog
• Supports Multi-vendor networks with Alcatel at edge or Aggregation
• One Touch solution to deploy and operate
• Pre configured rules and Containment actions
• Still totally flexible
• Either complete automation or manual operation.

Protect your Infrastructure, assets from Potential liability due to network intrusion through Network Quarantine automation

Intrusion detection

Security Policy and Network Automation

Security Compliance

Intrusion containment

Network Quarantine

Our approach to Security


Fortinet Unified Threat Management

Fortinet offers an array of multi-threat security solutions that help businesses of all sizes meet their security challenges and enable a safe and clean communications environment.

The Basics:

FortiGate systems integrate the industry's broadest suite of security protections - including firewall, VPN, antivirus, intrusion prevention (IPS), Web filtering, antispam, antispyware, and traffic shaping - that can be deployed individually or combined for a comprehensive unified threat management solution.

Our approach to Security

“…can detect and mitigate a broad range of network threats while reacting very quickly to new and emerging threats in the field.”

– Current Analysis


Solution Component Highlight: VitalAAA - Access Policy Management

High performance access policy management for WWAN, WLAN, Switched, Dial, DSL, VPN and other controlled network access applications

What we do:

• Provide AAA (Authentication, Authorization & Accounting) services for network access elements
  – PDSN/GGSN
  – NAS/RAS/BRAS
  – VPN
• Access user information stored in local databases and directories
• Track, manage and limit active sessions
• Provide a single, cohesive access policy for the entire network from a single platform
• Save usage data to virtually any database or file format desired
• Interface with other AAA systems for roaming

What we deliver:

• A single management point for managing access policies for all network access media
• Comprehensive reporting, logging and error, fault and alarm management
• Integration with existing HR and customer care systems
• Excellent performance on low-end hardware
• Complete training and professional services
• Solid standards compliance

Get control of your access policy. Integrate all forms of access into one, versatile centralized AAA policy engine.

Secure Authentication

Powerful Accounting

Unequaled logging

Flexible Authorization

Access Control

Our approach to Security

Server Management Tool

Logging and Statistics

PolicyFlow Language

Standards Compliant RADIUS & DIAMETER Protocols

Intelligent Request Queue

Universal AAA Dictionary

PolicyFlow Program

PolicyAssistant

• Wi-Fi

• WiMax

• etc


Alcatel-Lucent VitalAAA has proven itself time and time again…

The Global Standard for one of the largest telecoms in Europe & Latin America
VitalAAA is now the global operating standard for the entire mobile and fixed line operations of Spain’s largest telecommunications Operator. Used for everything from securing the internal network to managing customer access to their state of the art UMTS network, VitalAAA literally sets the standard.

Integrates VPN, LAN and Wireless LAN access policy
By use of a common AAA policy engine, VitalAAA provides enterprise operators with a single point of policy application. VitalAAA integrates information about active sessions and user location to offer pinpoint accuracy for your access security.

Connects to existing databases and information systems
Integrating VitalAAA into your existing infrastructure is a snap. With support for any SQL compliant database or LDAP directory schema VitalAAA allows you to take advantage of your existing data systems including all your data provisioning and management systems and practices.

Prepared for the future
The Alcatel-Lucent AAA team is actively involved in the international standards bodies and is committed to keeping VitalAAA up-to-date with new and emerging standards.

Our approach to Security


VitalQIP® DHCP/DNS IP Address Management Software

Market Leading IP Address Management Software

Enhances Profitability and Productivity

The Basics:

• Configuring network nodes with IP address, mask, gateway, etc.

• Monitoring address usage to ensure efficient deployment

• Configuring DNS servers with each node’s name and IP address

What we deliver:

• A consistent, accurate IP name and address inventory

• High availability for clients/subscribers

• Ability to manage diverse DHCP/DNS infrastructure

• A scalable IP management architecture

• The ability to control operating expenses through automation

• High performance access for clients/subscribers

• Control system access through a secure infrastructure

• Support for new technology such as VoIP, ENUM, RFID, IPv6, etc.

Our approach to Security

“IPAM solutions greatly simplify not only the management and accuracy of network records, but they also simplify their provisioning as organizations grow, merge together, and look to deploy these next-generation network applications.”

– The Burton Group


Alcatel-Lucent VitalQIP Has Proven Its Capability…

Our approach to Security

Leading Market share in segment -- IDC, Giga

Leading DHCP server performance -- Exodus Labs

Numerous recognition awards including:
• Network World Blue Ribbon
• Network Testing Labs World Class Award
• Network World Clear Choice Award
• SC Magazine 2006 Awards Finalists
  – Best Integrated Security Software
  – Best Enterprise Security Solution

IPAM/DNS/DHCP is the single critical element in the IP network that must be "always on." -IDC


Alcatel-Lucent 8950 SRM Application

Alcatel-Lucent 8950 SRM is a proactive, non-intrusive service risk management system that reduces the overall costs of prioritizing vulnerability management activities, thereby enabling organizations to reduce the costs associated with avoidable security incidents.

What we do:

• Create a security object model (SOM) based on data provided through integration with OSS/NMS/ITMS systems
• Map vulnerabilities to the SOM as they are published from the Alcatel-Lucent Vulnerability Service
• Determine the risk those vulnerabilities pose to specific assets and to the higher-level services (like IPTV) that they support
• Prioritize based on the risk the vulnerabilities present to the service delivery infrastructure

What we deliver:

• Prioritized list of business-impacting vulnerabilities
• Simulation mode to analyze planned changes to infrastructure
• Detailed reporting to support tactical, operational and regulatory compliance requirements

Our approach to [solution name]

Process Automation Is the Key to Efficiency


Alcatel-Lucent 8950 Service Risk Management System

How It Works

• Builds a physical model — existing data
• Overlays business service relationships
• Analyzes against known vulnerabilities
• Aggregates vulnerabilities — prioritizes

Primary Uses

• Near-real-time vulnerability modeling and mitigation
• What-if scenario modeling

Other Features

• Integrates with existing ticket systems
• Simulations — what-if scenarios
• Detailed ad hoc and pre-set reports

[Architecture diagram labels: OSS/Inventory Interface; Asset Map; Risk Reports; Risk Simulator; Security Object Model; Security State Engine; Vulnerability Interface; Northbound Interface; NSP; CSP; ASP; BSR (7750 SR); Remote Network Access Aggregation IP Service Edge Service Networks; FTTx; xDSL; IT/Network Infrastructure; ISAM; BSA (7450 ESS); NMS Applications; Inventory Applications; Alcatel-Lucent Vulnerability Service; Ticketing System]


Alcatel-Lucent ViSS (Video Surveillance System) Network Solution: compelling and unique features

• Remote video surveillance
• 3G interworking
• Intelligent alarm system
• Configuration management
• Client interface
• GIS integration
• Forbidden zone alarm
• Statistics
• Behaviour analysis
• Pedestrian flow management
• Location based services
• Face recognition


Alcatel-Lucent 8636 ViSS Network Solution

[Network diagram labels: City Class Surveillance Center (Class 3); District/County class Surveillance Center (Class 2); Police Station/Accessing Point (Class 1); Front-end Surveillance Point; TV Wall; Large-scale TV wall; Digital video Matrix; MAN; Radius server; SMG Client; DVS Camera; CSG; SA; Level 1 Access node; EMS; SMG]


Conclusions


Trusted Networks Gives You:
• Assurance of secure systems
• Secure architectures for evolving communications and services infrastructure
• Partnerships and collaborations that reduce your time to market for implementing trusted networks
• Knowledge and insight into latest alerts and impact on products for growing occurrence of alerts
• An integrated security portfolio (eco-system) to protect the network

Secure By Design – System Defense
Security embedded in development lifecycle with testing, audit and certification checks

Security Incident & Response
Providing rapid knowledge, education and response to AL customers for vulnerabilities

Secure by Design – Networks and Services
Security as fundamental part of network and service architectures (IPTV, UMA, IMS, LAN, PBX)

Security Collaborations and Partnerships
Working with greater security community to deliver trusted networks and services (VOIPSA, ATIS, 3GPP, CERT-IST)

Integrated Security Eco-System
An integrated security portfolio of products to act within the threat exploitation window

Alcatel-Lucent Security Strategy


Our People Have Network Expertise and Global Presence

• Leadership in key standards boards:
  – National Security Telecommunications Advisory Committee
  – FCC Network Reliability and Interoperability Council
  – ANSI Homeland Security Panel
• Standards-setting through key authorship
  – Published multiple Security texts
  – Published in ISSA Journal, Network World, and Security Management magazine
• Highly-qualified staff with outstanding individual accomplishments – examples:
  – CISSP and ISO 27001 certifications
  – CIA, Defense Intelligence Agency, National Security Agency, US Special Operations Command
  – Past Advisor to White House Office of Cyber Security
  – Inventors of widely-used algorithms, cryptographic systems and software including FreeLIP
  – Founder and President of the Wireless Emergency Response Team
  – Chair, FCC Network Reliability and Interoperability Council
  – Master Recovery Planner credentials

The foundation of our capabilities is the strength and experience of our skilled consultants

Why Alcatel-Lucent:

WORLD-CLASS PEOPLE AND EXPERIENCE

KNOWLEDGE ASSETS

PROVEN APPROACH AND METHODOLOGY

World-class security expertise

About Alcatel-Lucent Leadership and Expertise in Security


Alcatel-Lucent’s Resources Are Pioneers In the Knowledge That Drives Security Advancements

Why Alcatel-Lucent:

WORLD-CLASS PEOPLE AND EXPERIENCE

KNOWLEDGE ASSETS

PROVEN APPROACH AND METHODOLOGY

Patents and industry leadership:

• Hundreds of patents in security, cryptography, biometrics, firewalls, denial of service and virus detection
• ITU Standards Visionary (X.805)
• Major player in ITU-T SG 17 – Lead Study Group on Communication System Security
• CERT-IST, FIRST
• Bell Labs leadership in:
  – Creation of new cryptography (SHAZAM for CDMA2000, PAK)
  – Breaking of old cryptography (PKCS#1, DSA, SOBER, Clipper)
  – Development of optical-rate encryption ciphers and NSA-certified encryptors
  – Pioneering work in provable security
  – Biometrics (voice authentication, with secured models)
  – High-speed encryption hardware (e.g. for SANs)
  – Integration of 802.11 and 3G AAA
  – Watermarking
  – Firewalls, firewall rule analysis, honeypots
  – Fraud detection
  – Viruses, Trojan horses, worms
  – Secure multi-party computation, timed release of information, signature methods to cope with identity theft
  – Shannon condition for unconditionally secure ciphers

About Alcatel-Lucent Leadership and Expertise in Security


We Apply a Disciplined Methodology

• Consistent, proven approaches and models applied worldwide to enable highest business value
• Flexible deployment methodologies provide cost-effective results with minimal disruption to ongoing operations
• Defined methodology sets expectations and provides a framework for results and deliverables
• Tailored network assessment techniques to fit scope

Why Alcatel-Lucent:

WORLD-CLASS PEOPLE AND EXPERIENCE

KNOWLEDGE ASSETS

PROVEN APPROACH AND METHODOLOGY

• Proven methodologies ensure highest-quality solution delivery
• Project management processes incorporate knowledge-sharing systems and processes

About Alcatel-Lucent Leadership and Expertise in Security

Alcatel-Lucent Services


www.alcatel-lucent.com