Web Site Content Protection Solution. Protecting Web Site Content with.
-
Upload
grace-holland -
Category
Documents
-
view
226 -
download
3
Transcript of Web Site Content Protection Solution. Protecting Web Site Content with.
Web Site Content Protection Solution
Protecting Web Site ContentProtecting Web Site Contentwithwith
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
What is Lockstep? What is Lockstep?
Deliberate web site content corruption caused by hackers or other unauthorized system intruders.
Accidental web site content corruption caused by authoring mistakes, multiple-author collisions, equipment or software failures, or by natural (or unnatural) catastrophes.
Software to protect web site content againsttwo major, real-world threats:
Who Are We?Who Are We?• Launched in 2002
• Privately held company
• Based in Ontario Canada
• Providing Companies with multiple products with focus on network security
• Provide consulting, design, implementation, and support of Network Enterprise Solutions focusing on Internet, Intranet, Wireless, and Extranet Security
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Web Content Protection SolutionsWeb Content Protection Solutions
WebAgain Site Recorder
“ …WebAgain and SiteRecorder are essential tools in the armory of every IT manager and security officer.” (Brian Pennington, EMS-global Security Consultant)
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
WebAgainWebAgain
“Ideal for a busy B2B/B2C environment where time is at a premium but the efficacy and veracity of the web site is paramount. WebAgain will ensure that your web site is available, reliable and has integrity.” – SC Magazine
Protect your Web Site Content from Hackers
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Trends: Intrusions/DefacementsTrends: Intrusions/Defacements
-
5,000
10,000
15,000
20,000
25,000
1996 1997 1998 1999 2000
Source: CERT
Intrusions
Source: alldas.de
-
2,500
5,000
7,500
10,000
3Q99
4Q99
1Q00
2Q00
3Q00
4Q00
1Q01
2Q01
Defacements
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Business RiskBusiness Risk
Damaged public imageDiminished customer good willTime to restore serviceLegal liabilityCost to recover contentFrustration, stress, anxiety
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Tough QuestionsTough Questions
How can I prepare myself against the risk of hacker attack?
Can I automatically recover if I am hacked – or do I have to jump through hoops to solve the problem?
Can I know immediately if something goes wrong?
How can I evaluate what happened?
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
How WebAgain WorksHow WebAgain Works
Internet
WebAuthors
ContentArchive
WebAgainServer
PublicWeb Servers
Administrator
9. Restore
7. Detect
3. Publish
4. Monitor
1. Author
6. Hack
10. Alert
5. Compare2. Archive
8. Quara
ntine
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
WebAgain FeaturesWebAgain Features
Automatic Hack Detection Maintains content archive Monitors web sites 24x7 Detects any unauthorized
content change Automatic Hack Repair
Restores correct content Quarantines bad content Alerts administrators Allows hack evaluation
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
WebAgain BenefitsWebAgain Benefits
Avoid embarrassment – protect your image Reduce risk of legal liability – have the right content
available, at the right time Prevent theft – keep valuable information from being
stolen from your users Save time, frustration and money – be proactive, not
reactive Be informed – know what happens, when it happens Improve web publishing quality – maintain a “single
truth” about what content should really be
Availability, Reliability, Integrity
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
System RequirementsSystem Requirements
WebAgain Server Windows NT/2000/XP
Administrator Interface Windows 98/ME/NT/2000/XP
Monitored web sites Any operating system Any web server
Web site access FTP FrontPage Server Extensions Shared Folder
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Other ApproachesOther Approaches
Tripwire for Web Pages Detects change, but does not correct – substitutes
“notification page” Only works with Apache web servers Requires software addition to web server
Watchguard ServerLock Makes web server “read only” Does not allow remote administration Difficult to administer when server hosts many
logical domains
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
WebAgain Questions?WebAgain Questions?
??When will you getWhen will you get
DEFACEDDEFACEDor worse?or worse?
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
SiteRecorderSiteRecorder
Archive Audit Roll-back Restore
Protect your Web Site Content from Accidental Corruption
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Accidental ThreatsAccidental Threats
Authoring mistakesAccidental content deletion Multiple author collisionsEquipment or software failuresNatural (or unnatural) disasters
75% of all data corruption is due toaccidental, not intentional causes.
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Business RiskBusiness Risk
Damaged public imageDiminished customer good willTime to restore serviceLegal liabilityCost to recover contentFrustration, stress, anxiety
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
Tough QuestionsTough Questions
How can I know when a problem occurs? How can I know exactly what was on my
site at a particular point in time? How quickly can I roll back to a known good
configuration? How can I restore to a completely new
system if my equipment fails? How can I satisfy external audit
requirements?
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
How SiteRecorder WorksHow SiteRecorder Works
Internet
PublicWeb Servers
Administrator
2. Monitor
Author
6. Alert
SiteRecorderServer
3. Compare
1. Baseline
7. Evaluate
5. Update ContentArchive
4. Change8. Restore
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
SiteRecorder FeaturesSiteRecorder Features
Automatic Archive / Audit Monitors web sites remotely Detects any content change Archives each change Creates definitive audit trail Alerts administrators
Easy Roll-back / Restore Evaluate changes Roll back to known good configuration Restore complete site
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
SiteRecorder BenefitsSiteRecorder Benefits
Don't worry – protection is automatic Backups will always happen, even if you forget
Save time – recovery is easy Roll back to a version you like if a mistake is made Restore the complete site if a catastrophe happens
Know the truth – be sure what your web site looked like at any point in time
Satisfy your auditors – automatically alert them when you make a change
Save money - compared with the cost to recover your content the old way
Be prepared - if your building burns down, your content can be safe in another place
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
System RequirementsSystem Requirements
SiteRecorder Server Windows NT/2000/XP
Administrator Interface Windows 98/ME/NT/2000/XP
Monitored web sites Any operating system Any web server
Web site access FTP FrontPage Server Extensions Shared Folder
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
SiteRecorder CompetitionSiteRecorder Competition
Traditional back up solutions (e.g. Legato) Usually backs up only once per day No change notification No audit trail of all changes No remote monitoring No preview before restore Not optimized for web sites
Custom scripting Complex, requires much more training Not easily replicated to other sites
Web Site Content Protection Software Copyright 2001 Lockstep Systems, Inc.
SiteRecorder Questions?SiteRecorder Questions?
??
TDC Consulting 519-323-4784