04/17/2018
Last modified: 1/11/2021 3:22:45 PM
Creation date: 6/1/2018 12:30:24 PM
Template: Meetings
Meeting Type: BCC Regular Meeting
Document Type: Agenda Packet
Meeting Date: 04/17/2018
Meeting Body: Board of County Commissioners
Confidence in the Connected World
Center for Internet Security

(Albert)

The Center for Internet Security (CIS), through the Multi-State Information Sharing & Analysis Center (MS-ISAC), offers network security monitoring services through a solution referred to as Albert. This service is available to U.S. State, Local, Tribal, and Territorial governments. Albert provides network security alerts for both traditional and advanced network threats, helping organizations identify malicious activity. This cost-effective Intrusion Detection System (IDS) uses open source software combined with the expertise of the MS-ISAC 24x7 Security Operations Center (SOC) to provide enhanced monitoring capabilities and notifications of malicious activity.

MS-ISAC
Multi-State Information Sharing & Analysis Center
For Questions: 518.880.0699

How Does Albert Work?

Albert leverages a high-performance IDS engine for the identification and reporting of malicious events. It also monitors raw network packets and converts data into a netflow format for efficient storage and analysis of historical data.

The basic lifecycle of an Albert event is as follows:

[Figure: Albert event lifecycle diagram. Legible labels: alert generated, sent to 24x7 SOC; conducted by 24x7 SOC; event notification.]

Detection & Monitoring

An IDS is only as effective as the signature set running on it. The Albert solution utilizes a unique and targeted signature set to ensure sensors rapidly recognize and alert on potentially malicious traffic occurring on the network.

MS-ISAC utilizes four main sources of signatures.

1. Commercial signatures that are optimal for detecting standard malware and crimeware
2. Advanced Persistent Threat (APT) indicators
3. Signatures developed in-house from indicators of compromise identified through forensic analysis conducted on hundreds of cyber incidents handled by the MS-ISAC Computer Emergency Response Team (CERT)
4. MS-ISAC research and open source reporting

Alerts & Reporting

No logs or data reside on the sensor. All data collected is compressed, encrypted, and sent to the MS-ISAC every few minutes for analysis. As alerts are analyzed and verified as actionable, event notifications are sent to your organization in accordance with pre-established escalation procedures. Notifications include which IP addresses are affected, the identified issues, mitigation recommendations, and an attachment containing all traffic associated with the event. Additionally, your organization may utilize the MS-ISAC API service to programmatically ingest event notifications and associated logs. Our 24x7 SOC is always available to answer questions and provide any assistance as needed.

A comprehensive monthly activity report is made available, summarizing the malicious activity