atsec presents “Secure Network Zones” talk at ISSE 2009
2009-10-22Munich - More than 300 participants discussed current IT security topics at the ISSE (Information Security Solutions Europe). European and international experts from research organisations and private companies presented IT security scenarios, research results and ideas for identity management, data security, social engineering prevention and cloud computing. Peter Wimmer, branch manager of atsec in Munich, presented his talk „Secure Network Zones“.
From the official program:
“Large networks, which are often distributed over physically separate locations, require a coherent security approach. Secure Network Zones, arranged in "onion-like" layers, provide increasing security levels towards the inner, more secure zones.
Increased security is implemented by both protective layers around sensitive networks and additional (cumulative) security measures, ranging from hardening and firewalls to more sophisticated techniques such as intrusion detection and encryption of transmitted and stored data. The paper describes the implementation of secure network zones, including classification of data, assignment of applications to zones, and data flow.
A path for the migration of existing environments is discussed and recommendations for special use cases are provided.”
You can download the presentation here:
http://atsec.com/01/company-publications.html
About atsec information security
atsec information security is an independent, standards-based information technology security services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in 2000 and has extensive international operations with offices in the U.S., Germany, Sweden and China.
atsec offers evaluation and testing services leading to formal certification for IT security including evaluation under Common Criteria schemes in the U.S., Germany, and Sweden; cryptographic module and algorithm testing under the Cryptographic Module Validation Program of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada; and compliance validation to the Payment Card Industry (PCI) Data Security Standard.
atsec also offers secure code review, ISO/IEC 27001 ISMS consulting, and penetration testing and scanning services.
atsec works with leading global companies such as IBM, Apple, Microsoft, Hewlett-Packard, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf.
