Presentation is loading. Please wait.

Presentation is loading. Please wait.

Application Usage and Risk Report 7 th Edition, May 2011.

Similar presentations


Presentation on theme: "Application Usage and Risk Report 7 th Edition, May 2011."— Presentation transcript:

1 Application Usage and Risk Report 7 th Edition, May 2011

2 About Palo Alto Networks Palo Alto Networks is the Network Security Company World-class team with strong security and networking experience - Founded in 2005, first customer July 2007 Builds next-generation firewalls that identify / control applications - Restores the firewall as the core of the enterprise network security infrastructure - Innovations: App-ID, User-ID, Content-ID Global footprint: 4,000+ customers in 70+ countries, 24/7 support

3 Applications Anytime, Anyplace! © 2010 Palo Alto Networks. Proprietary and Confidential.Page 3 |

4 Application Usage & Risk Report – May 2011 © 2010 Palo Alto Networks. Proprietary and Confidential.Page 4 |

5 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 5 | Methodology and Demographics Methodology - Analysis is based on live customer traffic – not a survey - How are networks being used? - What applications are running on enterprise networks? - What are the risks associated with the existing application mix? Demographics - 1,253 organizations worldwide, up from ,042 applications found, up from Exabytes of bandwidth

6 Key Findings Organizations are blind to hidden application traffic - More than 40% of the applications can use SSL or hop ports; consumes roughly 36% of the overall bandwidth Work is more social - Social networking and webmail use shows 5X growth, IM use doubled over the past 6 months File transfer applications: will history repeat itself? - Browser-based file-sharing adapting same characteristics as P2P © 2011 Palo Alto Networks. Proprietary and Confidential.Page 6 |

7 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 7 | Hidden application traffic 41% of the applications (433) found can use SSL or hop ports Consuming roughly 36% of overall bandwidth Only 43% use the browser Worldwide: Many Hidden Applications

8 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 8 | Can use SSL on 443 or any other port… 215 applications, 8% of bandwidth consumed Heavy emphasis on consumer, end-user applications; highest amount of business and security risk Many collaborative applications both business and personal Many P2P Filesharing, proxy, and social networking also fall into this group Examples: Most Google apps, Facebook, Twitter, several SW update apps

9 Can use SSL on 443 Only… Small group of applications (29) – includes SSL proper Consumes 14% of bandwidth Business: Webex, NetSuite, a range of software updates Non-business: Tor, party-poker, google-location-service © 2011 Palo Alto Networks. Proprietary and Confidential.Page 9 |

10 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 10 | Can use SSL on any port except 443… Small group of applications (18) and 1% of bandwidth Business applications include Cisco VPN and Microsoft Exchange Non-business applications include Gnutella and icq

11 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 11 | Can Hop Ports… 171 applications; 14% of the bandwidth consumed Filesharing (30), photo-video (24) and VoIP (21) are most common in this group SharePoint, NetFlow and many storage applications also fit this definition The darker side: P2P, gaming, some encrypted tunnel (hotspot-shield, gbridge)

12 Filesharing: Will History Repeat Itself? © 2011 Palo Alto Networks. Proprietary and Confidential.Page 12 | Browser-based filesharing; increasingly popular; more than 60 variants New business and security risks introduced through differentiation Premium service via a persistent client Repurposed technology: peer-to-peer, RTMPT

13 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 13 | Work Has Become More Social Social Networking and webmail show nearly 5X growth; IM use almost doubles Facebook, Linkedin, Twitter make up top 3 Facebook extends dominance; usage remains passive

14 Consumerization is driving business © 2011 Palo Alto Networks. Proprietary and Confidential.Page 14 |

15 Business Use of Social Networking Report : The state of corporate social media in 2011 from usefulsocialmedia.com. The majority of companies expect social media to become integrated into more than just marketing throughout % of the companies expect social media budgets to increase over The most common corporate social media use is for marketing (88%) and communications (93%). By the end of 2011, the biggest change in corporate use of social media will be the growth of companies using it for customer service (73%), employee engagement (59%) and product development (52%). © 2011 Palo Alto Networks. Proprietary and Confidential.Page 15 |

16 Summary Organizations are blind to SSL - and the amount of SSL in use is forecast to continue growing - Policy and controls must address this Social networking is making the workplace MORE social - Use continues to expand - It isn't replacing other modes of interaction – in fact, it may be helping them Browser-based filesharing is rapidly evolving – many now have the same characteristics as P2P - Some introducing clients, connecting peers - Will they introduce the same types of risks? © 2011 Palo Alto Networks. Proprietary and Confidential.Page 16 |

17 Applications Have Changed; Firewalls Have Not © 2011 Palo Alto Networks. Proprietary and Confidential.Page 17 | Need to restore visibility and control in the firewall BUT…applications have changed Ports Applications IP Addresses Users Packets Content The gateway at the trust border is the right place to enforce policy control Sees all traffic Defines trust boundary

18 Technology Sprawl & Creep Are Not The Answer More stuff doesnt solve the problem Firewall helpers have limited view of traffic Complex and costly to buy and maintain © 2011 Palo Alto Networks. Proprietary and Confidential.Page 18 | Internet Putting all of this in the same box is just slow

19 The Right Answer: Make the Firewall Do Its Job © 2011 Palo Alto Networks. Proprietary and Confidential.Page 19 | New Requirements for the Firewall 1. Identify applications regardless of port, protocol, evasive tactic or SSL 2. Identify users regardless of IP address 3. Protect in real-time against threats embedded across applications 4. Fine-grained visibility and policy control over application access / functionality 5. Multi-gigabit, in-line deployment with no performance degradation

20 © 2010 Palo Alto Networks. Proprietary and Confidential. Beware of Imitators………..

21 To Block or Not Block © 2010 Palo Alto Networks. Proprietary and Confidential.Page 21 |

22 Next Generation FW for Dummies at our Table © 2010 Palo Alto Networks. Proprietary and Confidential.Page 22 |

23 Thanks! Jeff Stiling © 2010 Palo Alto Networks. Proprietary and Confidential.Page 23 |

24 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 24 |


Download ppt "Application Usage and Risk Report 7 th Edition, May 2011."

Similar presentations


Ads by Google