Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2012 Gigamon. All rights reserved. The Dynamic World of Threat Detection, Containment & Response 1.

Published byKian Burry Modified over 10 years ago

Similar presentations

Presentation on theme: "© 2012 Gigamon. All rights reserved. The Dynamic World of Threat Detection, Containment & Response 1."— Presentation transcript:

1 © 2012 Gigamon. All rights reserved. The Dynamic World of Threat Detection, Containment & Response 1

2 © 2012 Gigamon. All rights reserved. Devices IT owned Data Contained Opportunities and Challenges The World of IT continues to evolve 2 Dynamic Infrastructure Static Management and Security Tools Network Fixed Mobile Servers Physical Applications In house Virtual User owned Cloud Limitless

3 © 2012 Gigamon. All rights reserved. Devices IT owned Data Contained Opportunities and Challenges The World of IT continues to evolve 3 Dynamic Infrastructure Static Management and Security Tools Network Fixed Mobile Servers Physical Applications In house Virtual User owned Cloud Limitless

4 © 2012 Gigamon. All rights reserved. Visibility: The Enabler for Security Anatomy of an Attack 4 Window of Exposure The Golden Hour Attack identified Alert & notification Early stage containment Damage & scale assessment Infrastructure wide response Second-wave detection Assessing the infrastructure Identifying targets Pilot probe attack Intrusion commences Cloaking starts Anomaly detected Information extraction Cloning & go mobile Cloaking complete Data extraction or manipulation Security established Elimination Attack commences

5 © 2012 Gigamon. All rights reserved. Two Architectures; Two Approaches Wall and Watch 5 Watch – out of bandWall – in band Limit the opportunities Block the known attacks Monitor traffic profiles Alert to anomalies Broad-scale monitoring Signature behavior Leverage multiple measures The front-line against the unknown Limitations Single point of failure Potential bottleneck Dependent upon Maintenance windows Risk of over-subscription Famine or Feast: SPAN or TAP Increasing tooling demand & expanding network scale Limitations Highly available architecture Line-rate performance Infrequent configuration changes Requirements Powerful filtering capability Multi-point triangulation The more pervasive, the greater the value Requirements

6 © 2012 Gigamon. All rights reserved. Two Architectures; Two Approaches Wall and Watch 6 Watch – out of bandWall – in band Highly available architecture Line-rate performance Infrequent configuration changes Requirements Powerful filtering capability Multi-point triangulation The more pervasive the greater the value Requirements Single point of failure Potential bottleneck Dependent upon Maintenance windows Limitations Risk of over-subscription Famine or Feast: SPAN or TAP Increasing tooling demand & expanding network scale Limitations

7 © 2012 Gigamon. All rights reserved. Two Architectures; Two Approaches Wall and Watch 7 Watch – out of bandWall – in band Single point of failure Potential bottleneck Dependent upon Maintenance windows Limitations Risk of over-subscription Famine or Feast: SPAN or TAP Increasing tooling demand & expanding network scale Limitations

8 © 2012 Gigamon. All rights reserved. Networks were Static and Simple 8 TOOLS Application Performance Security Network Management

9 © 2012 Gigamon. All rights reserved. Networks are Dynamic and Complex 9 TOOLS Application Performance Security Network Management

10 © 2012 Gigamon. All rights reserved. Application Performance Network Management Security TOOLS Networks demand a New Approach 10 CENTRALIZED TOOLS Application Performance Network Management Security

11 © 2012 Gigamon. All rights reserved. Packet Modification, Manipulation and Transformation GigaSMART The Fabric Intelligence 11 Dynamic power to control traffic selection Packet Identification, Filtering and Forwarding ToolsNetwork Flow Mapping Physical Virtual Application Performance Network Management Security Deduplication ABACCABACB ABC Packet Slicing A B C Time Stamp A B C

12 © 2012 Gigamon. All rights reserved. The Benefits of Visibility Fabric 12 Visibility Fabric Pervasive Simple Cost Effective Centralized Scalable Legacy Approach Limited Visibility Static Expensive Distributed Constrained

13 © 2012 Gigamon. All rights reserved. Tools Network Network ManagementApplication MonitoringSecurity Enabling Best-of-Breed Selections 13 The Middleware with Any Network, and Any Tool

14 © 2012 Gigamon. All rights reserved. The Advantages of Gigamon – GigaBPS Traffic offload – Application-aware traffic profile 14

15 © 2012 Gigamon. All rights reserved. The Demand is Clear 15 Independent Survey Results from December 2011

16 © 2012 Gigamon. All rights reserved. Wall – in band Visibility Fabric Addressing the Limitations 16 Single point of failure Potential bottleneck Dependent upon Maintenance windows Limitations Watch – out of band Risk of over-subscription Famine or Feast: SPAN or TAP Increasing tooling demand & expanding network scale Limitations Heartbeat monitoring Intelligent traffic distribution Establishes a Dynamic DMZ enabling rapid response Flow Mapping filtering Selective traffic forwarding Scalability to serve some of the largest networks on the planet

17 © 2012 Gigamon. All rights reserved. Thank you 17

Download ppt "© 2012 Gigamon. All rights reserved. The Dynamic World of Threat Detection, Containment & Response 1."

Similar presentations

Cloud Communications Ecosystem Panel Alan Bugos, Vice President of Technology October 15th, 2013.

Cloud Communications Ecosystem Panel Alan Bugos, Vice President of Technology October 15th, 2013.
Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.

Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.
1/17/20141 Leveraging Cloudbursting To Drive Down IT Costs Eric Burgener Senior Vice President, Product Marketing March 9, 2010.

1/17/20141 Leveraging Cloudbursting To Drive Down IT Costs Eric Burgener Senior Vice President, Product Marketing March 9, 2010.
Chapter 14 Intranets & Extranets. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES Introduction Technical Infrastructure Planning an Intranet.

Chapter 14 Intranets & Extranets. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES Introduction Technical Infrastructure Planning an Intranet.
Ethernet Switch Features Important to EtherNet/IP

Ethernet Switch Features Important to EtherNet/IP
1 An Update on Multihoming in IPv6 Report on IETF Activity IPv6 Technical SIG 1 Sept 2004 APNIC18, Nadi, Fiji Geoff Huston.

1 An Update on Multihoming in IPv6 Report on IETF Activity IPv6 Technical SIG 1 Sept 2004 APNIC18, Nadi, Fiji Geoff Huston.
Network Monitoring System In CSTNET Long Chun China Science & Technology Network.

Network Monitoring System In CSTNET Long Chun China Science & Technology Network.
1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.
Geneva, Switzerland, 17 October 2011 ITU Workshop on Service Delivery Platforms (SDP) for Telecommunication Ecosystems: from todays realities to requirements.

Geneva, Switzerland, 17 October 2011 ITU Workshop on Service Delivery Platforms (SDP) for Telecommunication Ecosystems: from todays realities to requirements.
0 - 0.

0 - 0.
Addition Facts 1 - 20.

Addition Facts
Visibility Fabrics for Measurement, Management and Security.

Visibility Fabrics for Measurement, Management and Security.
1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
Scalable Parallel Intrusion Detection Fahad Zafar Advising Faculty: Dr. John Dorband and Dr. Yaacov Yeesha 1 University of Maryland Baltimore County.

Scalable Parallel Intrusion Detection Fahad Zafar Advising Faculty: Dr. John Dorband and Dr. Yaacov Yeesha 1 University of Maryland Baltimore County.
Chapter 1: Introduction to Scaling Networks

Chapter 1: Introduction to Scaling Networks
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
Barracuda Link Balancer Link Reliability and Bandwidth Optimization.

Barracuda Link Balancer Link Reliability and Bandwidth Optimization.
Heng Pan , Hongtao Guan, Junjie Liu (ICT, CAS)

Heng Pan , Hongtao Guan, Junjie Liu (ICT, CAS)
1. 2 August 2009 - Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.

1. 2 August Recommendation 9.1 of the Strategic Information Technology Advisory Committee (SITAC) report initiated the effort to create an Administrative.

Similar presentations

Ads by Google