close

Se connecter

Se connecter avec OpenID

Audit IBM i

IntégréTéléchargement
Université IBM i
IBM Power Systems - IBM i
10 et 11 mai 2016 – IBM Client Center de Bois-Colombes
S48 - Principes et mise en œuvre de l'audit sur IBM i
Mercredi 11 mai – 15h15-16h45
Pascal Thenon – Astech
 pthenon@astech.com
ou pthenon@gmail.com
 06.10.25.33.38
© IBM France 2016
IBM Power Systems - IBM i
Evaluation des Risques & Politique Sécurité
2
© IBM France 2016
IBM Power Systems - IBM i
N°1 : Traçabilité
© IBM France 2016
IBM Power Systems - IBM i
4
© IBM France 2016
IBM Power Systems - IBM i
5
© IBM France 2016
IBM Power Systems - IBM i
Agenda
 Audit : Fonctions IBM i
 Nouveautés V7R3
 Mise en œuvre
 Exploitation des données collectées
 Conclusion
 Annexes
6
© IBM France 2016
IBM Power Systems - IBM i
Audit IBM i :
Fonctions
7
© IBM France 2016
IBM Power Systems - IBM i
IBM i = intégration
DIrectory
File Serving
Batch
Systems Management
DBA Tools
Backup
Storage Management
Cluster
Auditing
Networking
Output
Virtual Machines
OLTP
Security
WebServices
Subsystems
8
© IBM France 2016
IBM Power Systems - IBM i
9
© IBM France 2016
IBM Power Systems - IBM i
10
© IBM France 2016
IBM Power Systems - IBM i
11
© IBM France 2016
IBM Power Systems - IBM i
12
© IBM France 2016
IBM Power Systems - IBM i
13
© IBM France 2016
IBM Power Systems - IBM i
14
© IBM France 2016
IBM Power Systems - IBM i
15
© IBM France 2016
IBM Power Systems - IBM i
16
© IBM France 2016
IBM Power Systems - IBM i
17
© IBM France 2016
IBM Power Systems - IBM i
18
© IBM France 2016
IBM Power Systems - IBM i
19
© IBM France 2016
IBM Power Systems - IBM i
20
© IBM France 2016
IBM Power Systems - IBM i
21
© IBM France 2016
IBM Power Systems - IBM i
Audit IBM i :
Nouveautés V7R3
22
© IBM France 2016
IBM Power Systems - IBM i
23
© IBM France 2016
IBM Power Systems - IBM i
24
© IBM France 2016
IBM Power Systems - IBM i
25
© IBM France 2016
IBM Power Systems - IBM i
26
© IBM France 2016
IBM Power Systems - IBM i
Audit IBM i :
Mise en oeuvre
27
© IBM France 2016
IBM Power Systems - IBM i
28
© IBM France 2016
IBM Power Systems - IBM i
29
© IBM France 2016
IBM Power Systems - IBM i
30
© IBM France 2016
IBM Power Systems - IBM i
31
© IBM France 2016
IBM Power Systems - IBM i
32
© IBM France 2016
IBM Power Systems - IBM i
33
© IBM France 2016
IBM Power Systems - IBM i
34
© IBM France 2016
IBM Power Systems - IBM i
35
© IBM France 2016
IBM Power Systems - IBM i
36
© IBM France 2016
IBM Power Systems - IBM i
37
© IBM France 2016
IBM Power Systems - IBM i
38
© IBM France 2016
IBM Power Systems - IBM i
39
© IBM France 2016
IBM Power Systems - IBM i
Audit IBM i :
Exploitation des
données collectées
40
© IBM France 2016
IBM Power Systems - IBM i
41
© IBM France 2016
IBM Power Systems - IBM i
42
© IBM France 2016
IBM Power Systems - IBM i
43
© IBM France 2016
IBM Power Systems - IBM i
44
© IBM France 2016
IBM Power Systems - IBM i
45
© IBM France 2016
IBM Power Systems - IBM i
46
© IBM France 2016
IBM Power Systems - IBM i
47
© IBM France 2016
IBM Power Systems - IBM i
48
© IBM France 2016
IBM Power Systems - IBM i
49
© IBM France 2016
IBM Power Systems - IBM i
50
© IBM France 2016
IBM Power Systems - IBM i
51
© IBM France 2016
IBM Power Systems - IBM i
52
© IBM France 2016
IBM Power Systems - IBM i
53
© IBM France 2016
IBM Power Systems - IBM i
54
© IBM France 2016
IBM Power Systems - IBM i
55
© IBM France 2016
IBM Power Systems - IBM i
56
© IBM France 2016
IBM Power Systems - IBM i
57
© IBM France 2016
IBM Power Systems - IBM i
58
© IBM France 2016
IBM Power Systems - IBM i
59
© IBM France 2016
IBM Power Systems - IBM i
60
© IBM France 2016
IBM Power Systems - IBM i
61
© IBM France 2016
IBM Power Systems - IBM i
62
© IBM France 2016
IBM Power Systems - IBM i
Conclusion
63
© IBM France 2016
IBM Power Systems - IBM i
Sécurité IBM i
 Vulnérabilités principales
– Pas d’Audit (ou pas assez)
– Valeurs système
– Profils
– Individuels / Groupe
– inactifs
–
–
–
–
–
–
Fonctions C/S
Mots de passe (expirés, défaut, « faibles »)
Copies multiples des données
Trop d’autorités (droits spéciaux)
IFS (partage de Root, …)
Vision partielle Sécurité « applicative »
 Du déni aux constats … avant les actions
64
© IBM France 2016
IBM Power Systems - IBM i
Conclusion
65
© IBM France 2016
IBM Power Systems - IBM i
Securité IBM i :
Annexes
66
© IBM France 2016
IBM Power Systems - IBM i
67
© IBM France 2016
IBM Power Systems - IBM i
68
© IBM France 2016
IBM Power Systems - IBM i
69
© IBM France 2016
Auteur
Документ
Catégorie
Без категории
Affichages
1
Taille du fichier
4 072 Кб
Étiquettes
1/--Pages
signaler