Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.

Presentation transcript:

1 Enterprise’ Ever-Evolving Challenge & Constraints
- Dealing with BYOD Challenges
- Enable Compliance to Regulations
- Stay Current with New Consumption Models
- Virtualized Data Centers
- Minimize Business Risks from Cybersecurity
- Assets, Operations
- Product, Services
- IP, Reputation
- Support IT Initiatives
- Support Business Priorities
- Cloud Computing, SaaS, IaaS…
- Mergers and Acquisitions
- Outsourcing
- Data Center Consolidation
- Cost Control
- Private Cloud

2 A New Threat Landscape
Commodity threats (very common, easily identified)
- Mostly addressed by traditional AV and IPS
- Low sophistication, slowly changing
- Machine vs. machine
Organized cybercrime (more customized exploits and malware)
- Somewhat more sophisticated payloads
- Evasion techniques often employed
- Sandboxing and other smart detection often required
Nation state (very targeted, persistent, creative)
- Intelligent and continuous monitoring of passive network-based and host-based sensors
- Comprehensive investigation after an indicator is found
- Highly coordinated response is required for effective prevention and remediation
Diagram label: Advanced threat

3 Malware trends
After…
- 1 minute = 2,021 instances
- 15 minutes = 9,864 instances
- 30 minutes = 45,457 instances
Actual new malware every < 3 seconds

4 Today Security Infrastructure…
Best of Breed Products
- Staffing and time to market
- Operations
- Accuracy
Your investment in SIEM for normalisation of disparate solutions or as strategic asset to help break the Attack Lifecycle?
Diagram labels: Internet, Network, FW

5 The Cyber attack Lifecycle
- Gather intelligence: Plan the attack
- Exploit: Silent infection
- Deliver malware: Malicious file delivered
- C2: Malware communicates with attacker
- Steal data: High-value intellectual property stolen

6 Breaking the Attack Lifecycle at Multiple Points
1. Segment your network with a “zero-trust” model as the foundation for defense
   - Only allow content to be accessed
   - By a limited and identifiable set of users
   - Through a well-defined set of applications
   - Blocking everything else
2. Block all known threats:
   - Threat Prevention would have identified and stopped parts of the attack
   - Across known vulnerability exploits, malware, URLs, DNS queries
   - And command-and-control activity
3. Identify and block all unknown threats:
   - Using the Sandboxing Solution
   - Using Behavioral characteristics such as
     - Communicating over often-abused ports (139 or 445)
     - Using WebDAV to share information
     - Changing the security settings of Internet Explorer
     - Modifying Windows registries and many more
6 | ©2013, Palo Alto Networks. Confidential and Proprietary.

7 Breaking the Lifecycle at Every Possible Step
7 | ©2012, Palo Alto Networks. Confidential and Proprietary.
Diagram (controls mapped against attack stages; cell positions not recoverable from the transcript)
Controls:
- App-ID
- URL
- IPS
- Spyware AV
- Files
- Unknown Threats
Attack stages:
1. Bait the end-user
2. Exploit
3. Download Backdoor
4. Command/Control
Actions:
- Block high-risk apps
- Block known malware sites
- Block the exploit
- Block malware
- Prevent drive-by-downloads
- Detect 0-day malware
- Block new C2 traffic
- Block spyware, C2 traffic
- Block fast-flux, bad domains
- Block C2 on open ports

8 A New Breed of Malware
- 64% of malware found by Sandbox are not covered by traditional AV at time of detection
- 40% of malware still not covered after 7 days

9 Turning the Unknown into Known
- Scans ALL applications (including SSL traffic) to secure all avenues in/out of a network, reduce the attack surface area, and provide context for forensics
- Prevents attacks across ALL attack vectors (exploit, malware, DNS, command & control, and URL) with content-based signatures
- Detects zero day malware & exploits using public/private cloud and automatically creates signatures for global customer base
Diagram labels: Identify & control; Prevent known threats; Detect unknown threats; Rapid, global sharing; All applications

10 Integrated = More Than the Sum of Its Parts
- Prevent known threats; Detect unknown threats; Validate attack; Remediate
- Vulnerability exploits (IPS), Malware, Bad web sites, Bad domains, C&C
- Unknown applications, Suspicious file types / websites, Global Intelligence
- Bit9, Splunk, More to come
- Apply positive controls; Attack surface
- Non-standard ports, Port-hopping, SSL & SSH
- Malware intelligence, Forensics
- Centralised Management, Enterprise-wide Policy

11 Summary
- Evolution of your Network Security
- It’s a new Threat Landscape
- Need for an integrated approach
- Traditional solutions no longer suffice
- Focus on breaking the Attack Lifecycle, not just on the point-attack
