Implementace skeneru zranitelností do datového centra
Title Alternative:Implementation of Vulnerability Scanner to data center
Loading...
Date
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Tato práce řeší zprovoznění skeneru zranitelností v datových centrech reálné firmy v návaznosti na zákon o kybernetické bezpečnosti. Cílem práce je porovnání konkurenčních produktů v oblasti skenování zranitelností, popis výchozího způsobu použití skeneru zranitelností a návrh na implementaci do běžného provozu datového centra.Výstupem je sada otestovaných skenovacích politik a připravené šablony reportů. Vzorově jsem napojil na skener jeden systém na platformě UNIX a jeden na platformě Windows s popsanými postupy. Přednostně se jedná o systémy spadající do kritické informační infrastruktury. Porovnání konkurenčních produktů jsem provedl z uživatelského hlediska s důrazem na sadu kritérií, kterou jsem v kontextu znalosti prostředí a vlastních požadavků považoval za klíčovou. Z provedených testů vyplynulo, že z největší části vyhovují dva produkty výrobců Tenable a Qualys.Podle mého návrhu se podařilo zprovoznit skenery Tenable Nessus ve všech třech datových centrech. Připravené skenovací politiky tvoří sadu určenou pro rutinní použití napříč platformami. Krom doplňkových politik, které slouží např. k testování, zda se skener dokázal přihlásit ke skenovanému aktivu s dostatečným oprávněním, je zásadní politika provádějící v pravidelných intervalech audit instalovaných opravných balíků operačních systémů a aplikací tzv. patch audit sken s výstupem do reportů z připravených šablon.Práce může být vodítkem pro další instituce, které tuto problematiku dříve či později budou řešit.
This dissertation addresses the launch of a vulnerability scanner in the data centers of a real firm, in line with the Cyber Security Act. The aim of the dissertation is to compare competing products in the area of vulnerability scanning, to describe the default way of using a vulnerability scanner and to propose its implementation into the normal operation of the data center.The output is a set of tested scan policies and prepared report templates. As a sample, I connected one system based on the UNIX platform and one based on the Windows platform to the scanner and described the procedures. It regards preferentially critical information infrastructure systems. I compared the competing products from the user perspective with a focus on a set of criteria that I considered crucial according to my knowledge of the environment and my own requirements. Realized tests have shown the highest compliance by two products made by producers Tenable and Qualys.Following my proposal, two Tenable Nessus scanners have been successfully launched in all three data centers. The prepared scan policies represent a set designed for routine cross-platform use. In addition to complementary policies, which serve for example to test whether the scanner was able to log into the scanned asset with sufficient rights, the policy performing regularly an audit of the installed patches of operating systems and applications , the so-called patch audit scan, with an output to the reports from the prepared templates is essential.This work may serve as guideline for other institutions that will deal with this issue sooner or later.
This dissertation addresses the launch of a vulnerability scanner in the data centers of a real firm, in line with the Cyber Security Act. The aim of the dissertation is to compare competing products in the area of vulnerability scanning, to describe the default way of using a vulnerability scanner and to propose its implementation into the normal operation of the data center.The output is a set of tested scan policies and prepared report templates. As a sample, I connected one system based on the UNIX platform and one based on the Windows platform to the scanner and described the procedures. It regards preferentially critical information infrastructure systems. I compared the competing products from the user perspective with a focus on a set of criteria that I considered crucial according to my knowledge of the environment and my own requirements. Realized tests have shown the highest compliance by two products made by producers Tenable and Qualys.Following my proposal, two Tenable Nessus scanners have been successfully launched in all three data centers. The prepared scan policies represent a set designed for routine cross-platform use. In addition to complementary policies, which serve for example to test whether the scanner was able to log into the scanned asset with sufficient rights, the policy performing regularly an audit of the installed patches of operating systems and applications , the so-called patch audit scan, with an output to the reports from the prepared templates is essential.This work may serve as guideline for other institutions that will deal with this issue sooner or later.