Items Contents
Project Title: Implementation of security on open source platforms.
Monitoring Tools:
a. Control panel for high-level visibility, aimed at senior management, for decision making.
b. Risk and Behavior Monitors for medium-level monitoring, aimed at security administrators, network administrators and technical personnel directly involved in the analysis of security events.
c. Forensic Console and Network Monitors for the low level, intended for the security administrator of the application. In this console, analyses are performed from the forensic point of view for a more detailed study of the events that have occurred. In this case, not only the causes of the event are determined but also all the data related to it. These tools will be powered by the new capabilities developed in the "postprocessing" of the Security Information Manager, whose purpose is to increase the reliability and sensitivity of the detection process.
d. Detection: Detection mechanisms implemented in this structure.
   a. Correlation
   b. Prioritization
   c. Risk Assessment
The postprocess is in turn fed by the preprocessors: a number of detectors and monitors, already known to most administrators, that are integrated in this distribution:
Detectors:
a. IDS (pattern detectors)
b. Anomaly detectors
c. Firewalls
d. Various monitors
e. Framework
Finally, we must have an administration tool that configures and organizes the different external and in-house modules that OSSIM will integrate. This tool will be the Framework, and through it we can define the topology, inventory assets, define a security policy, define the correlation rules and link the different integrated tools.
Technical Assessment
Economical: From the economic point of view, implementing an OpenSource project presupposes a reduction in software acquisition costs. However, it is necessary to point out that two things are of vital importance for the development of this project: the preparation of the personnel in charge of operating this technology, and the minimum hardware resources necessary for it to function properly. In the specific case of implementation in the networks of public entities, more than the expenses associated with acquiring hardware, it is the creation and training of the human resources necessary for this task that must be studied.
Project Details
Contents: This project aims to provide a new vision of information security management for public entities based on the use of free software tools, specifically through the implementation of one of the most widely used OpenSource projects at the international level. Open Source Security Information Management (OSSIM) is a distribution of integrated OpenSource products to build a security monitoring infrastructure. Its objective is to provide a framework to centralize, organize and improve the detection and visibility capabilities in the monitoring of the organization's security events.
※ This report will be provided to Korean companies for business meeting during the course, so
please write down all your country’s and organization’s ICT Projects that is/are going to be open
for bidding. In case there are no projects for bids, it is suggested that you write down