
<ICT Project Report for Business Meetings>

Year / Month 2018/September


Course Title Security Technical Expert
Country Colombia
Organization Boyaca Government

Items Contents
Project Title: Implementation of security on open source platforms.
Ordering Organization: Implementation of internet access and new technologies (digital government and open data).
Project Goals
Introduction: Since the last century, with the adoption of new information and communication technologies (ICT), the use of these tools has become a fundamental part of the daily activity of companies. Current systems store large volumes of information, process it and transmit it through data networks, which requires the personnel assigned to this activity to focus not only on the administration of the system but also on its security, an issue that was generally not taken into account. Most managers, administrators and end users of our companies have the wrong perception that information security is a difficult task to apply, one that requires a lot of money and time, when in reality a reasonable level of security, capable of satisfying the security expectations of small and medium-sized companies, can be achieved with very little effort. By making use of tools that come supplied with the operating system or that are mostly free, it is possible to achieve acceptable levels of security at minimal cost.
Development of the Work: The first thing to keep in mind is that there is no such thing as a completely secure system. All that can be done is to make it harder for someone to compromise your system and to have a monitoring system capable of generating mechanisms that alert administrators and managers in real time to anomalies in the operation of their computer systems.

Objectives of the Work: This work aims to provide a new vision of information security management for public entities based on the use of Free Code tools, through the application of one of the most widely used OpenSource projects at the international level, which complies with the security standards defined by international certification bodies.

- Open Architecture: OSSIM is an open monitoring architecture because it integrates various products from the free software world, always trying to follow the standards and trends of the OpenSource world.

- Integral Solution: It is an integral solution because it is capable of offering the tools and functionality for monitoring all levels of security, from the lowest (detailed IDS signatures, addressed to the security technician) to the highest (the management dashboard, aimed at strategic management), passing through Forensic Consoles, Correlation levels, Inventory of Assets and Threats, and Risk Monitors.

- Free Code Software: OSSIM proposes an integration project. Its intention is not to develop new capabilities but to take advantage of the wealth of "jewels" of free software, programs developed by the best specialists in the world. It groups 22 of the best security tools of the free software (SWL) world (such as SNORT, RRD, NMAP, NESSUS, NTOP, NAGIOS ...), integrating them in an open architecture that inherits all their values and capabilities.

Structure: The centralized management system consolidates the information obtained from the sensors and monitoring tools to provide security information with a high degree of correlation. It will consist of the following monitoring tools.

Monitoring Tools:
a. Control panel for high level visibility, aimed at senior management, for decision making.
b. Risk and Behavior Monitors for medium level monitoring, aimed at security administrators, network administrators and technical personnel directly related to the analysis of security events.
c. Forensic Console and Network Monitors for the low level, intended for the security administrator of the application. In this console, analyses are performed from the forensic point of view for a more detailed study of the events that have occurred. In this case, not only the causes of the event but all the data related to it are determined. These tools will be powered by the new capabilities developed in the "postprocessing" of the Security Information Manager, whose purpose is to increase the reliability and sensitivity of the detection process.
d. Detection: Detection mechanisms implemented in this structure:
   a. Correlation
   b. Prioritization
   c. Risk Assessment
The postprocess in turn is fed by the preprocessors. These are a number of detectors and monitors, already known to the majority of administrators, that are integrated in this distribution:

Detectors:
a. IDS (pattern detectors)
b. Anomaly detectors
c. Firewalls
d. Various monitors
e. Framework
Finally, we must have an administration tool that configures and organizes the different external and native modules that OSSIM will integrate. This tool will be the Framework, and through it we can define the Topology, inventory assets, define a Security Policy, define the Correlation rules and link the different integrated tools.

Technical Assessment
Economical: From the economic point of view, the implementation of an OpenSource project presupposes a reduction in software acquisition costs. However, it is necessary to point out that for the development of this project it is vitally important to train the personnel in charge of running this technology and to provide the minimum hardware resources necessary for it to function properly. In the specific case of implementation in the network of public entities, more than the expenses associated with the acquisition of hardware, it is the creation and training of the Human Resources necessary for this task that must be studied.
Project Details
Contents : This project aims to provide a new vision of information security management for public entities based on the use of Free Code tools, specifically through the implementation of one of the most widely used OpenSource projects at the international level. Open Source Security Information Management (OSSIM) is a distribution of integrated OpenSource products to build a security monitoring infrastructure. Its objective is to provide a framework to centralize, organize and improve the detection and visibility capabilities in the monitoring of the organization's security events.

Project Period : The development of this Project will take approximately one year.

Bidding Period : According to software development

Budget : $200.000.000 Boyaca Government

Requirements for Bidding (optional)
The objective is to be able to develop this type of Project in the department, since countries like Korea already have very advanced projects of this kind.

Remarks
Security is a principle of development at the ICT level, given that information systems are the central point of the organization. That is the origin of the need to know and study security at the expert level in order to contribute to the aforementioned project. It has been under development as a pilot in Boyaca.
※ Detail and factuality will be of help. (1 project per page)

※ This report will be provided to Korean companies for business meeting during the course, so please write down all your country’s and organization’s ICT Projects that is/are going to be open for bidding. In case there are no projects for bids, it is suggested that you write down potential/future ICT plans or strategies.
