Presentation is loading. Please wait.

Presentation is loading. Please wait.

Next Generation Network Security Andrew Hoerner, Director, Product Marketing.

Similar presentations


Presentation on theme: "Next Generation Network Security Andrew Hoerner, Director, Product Marketing."— Presentation transcript:

1 Next Generation Network Security Andrew Hoerner, Director, Product Marketing

2 Confidential McAfee Internal Use Only Recent Customer Conversations… …Upgrading the data center… …Consumerization of IT… …Targeted attacks & Advanced Persistent Threats… …Visibility & control of applications… …Need more accurate IPS/IDS… …Guest & contractor access… …My firewall is EOL… …Security shouldnt be the brakes…

3 Confidential McAfee Internal Use Only Network Security Isnt Adapting to Change

4 Confidential McAfee Internal Use Only Changes Create Pressure Points, Complications Create Risk SaaS (Agility) 15%32% Outsource (Reduce CapEx) Virtualization (Reduce OpEx) 30% 49% Hosting (Better Quality) Mobile Web (Improve Productivity) 200% Projects Impacting NetworkComplications Targeted and Advanced Persistent Threats (APTs) Consumerization of IT Severe Economic Constraints

5 Confidential McAfee Internal Use Only 5 Evolving Threats Passive Layered Attack: exploit via drive-by-download Exploit, Infect Data leak C & C execute Propagate Insider Initiated Download SPAM, Search, Social Network, etc. Social Engineering: follow link to malicious site Insider Initiated Active Layered Attack: exploit targeted vulnerability Scan/Exploit - Server/vulnerability Infect, C&C Upgrade Propagate Outside Attacker Initiated

6 Confidential McAfee Internal Use Only Anatomy of an attack 6

7 Confidential McAfee Internal Use Only Anatomy of an attack Date: Tue, 10 Dec :58: (PDT) From: John Doe To: Subject: 7th Annual U.S. Defense Conference 7th Annual U.S. Defense Conference 1-2 Jan 2009 Ronald Reagan Building and International Trade Center Washington, DC Download 2009 Conference Preliminary Program (PDF) Download 2009 Conference Registration Form (PDF) Contact: John Doe Contractor Information Systems (703)

8 Confidential McAfee Internal Use Only Conventional Approach to Network Security Ticket Oriented ResolutionProtection Focused on Identifying Attack Packets Configuration Focused on FeaturesMulti-Vendor Strategies How to get to resolution? File tickets. Wait.How to protect? Find attack packets on wire How to implement policy? Rely on product features.Defense in Depth? Manage multiple silod products.

9 Confidential McAfee Internal Use Only The Maturity Model of Enterprise Security SECURITY OPTIMIZATION OPTIMIZED (~4% of IT Budget on Security) REACTIVE (~3% of IT Budget on Security) COMPLIANT/PROACTIVE (~8% of IT Budget on Security) TCO Security Posture

10 Confidential McAfee Internal Use Only Optimized Network Security Adapts to Change 10 RISK OPTIMIZATION Optimized spend ~4% Very low risk Compliant/Proactive spend ~8% of IT budget on security Medium risk Reactive spend ~3% of IT budget on security High risk Why has it been so challenging to reduce risk? 10 DYNAMIC Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for response Tools Based Applying tools and technologies to assist people in reacting faster REACTIVE and Manual People only. No tools or processes. Putting out fires McAfee ePO integrated products, plus GRC and GTI Point products for System, network and data Reactive tools Firewalls Log analysis Trouble tickets Ineffective change control Ad hoc firewall rules Audit findings REACTIVE & MANUAL Point products IDS (compliance) SI/EM (logs) Structured firewall rule management Standard configurations Distributed consoles/mgmt Tedious audit preparation COMPLIANT Integrated tools IPS (threats) SI/EM (events) Automatic updates Automated firewall rule mgmt Centralized consoles/mgmt Streamlined compliance reports PROACTIVE Multi-layered, correlated solutions Predictive threat protection Policy-based control Proactive management Extensible architecture Automated compliance OPTIMIZED

11 Confidential McAfee Internal Use Only New Requirements for Optimized Network Security Ticket Oriented ResolutionProtection Focused on Identifying Attack Packets Configuration Focused on FeaturesMulti-Vendor Strategies Turn days of process into clicksCharacterize future threats today Focus on real organization, people, applications, usageIntegrated, collaborative, easily add new capabilities Proactive ManagementPredictive Threat Protection Policy-Based ControlExtensible Architecture

12 Confidential McAfee Internal Use Only When Optimized Low Effort, Low Risk Not Optimized High Effort, High Risk Protecting Critical Data Center from ZeuS Malware Benefit: Protection meets (and beats) hackers timelines, reduces alerts Predictive Threat Protection with IPS + GTI

13 Confidential McAfee Internal Use Only Controlling Google Calendar Use Before a Merger Benefit: No need to map network topology to user, protects critical data Policy-Based Control with Next Gen Firewall When Optimized Low Effort, Low Risk Not Optimized High Effort, High Risk

14 Confidential McAfee Internal Use Only Blocking Bot Command and Control Traffic Benefit: Eliminates days and weeks of effort while improving time to resolution Proactive Management in Action When Optimized Low Effort, Low Risk Not Optimized High Effort, High Risk

15 Confidential McAfee Internal Use Only McAfee: Optimized Network Security Solutions GLOBAL THREAT INTELLIGENCE ePO NBA Web IPSSIA NDLP Risk Advisor Firewall NAC Network IPS: Top selling, best performing Firewall: Most secure, new next gen features NAC: integrated with IPS NBA: cost-effective network visibility NDLP: more important than ever

16 Confidential McAfee Internal Use Only What It Takes to Make An Organization Safe Global Threat Intelligence. Address Mail Activity URL Sender Reputation Threat Reputation Network IPS Firewall Web Gateway Host AV Mail Gateway Host IPS 3rd Party Feed 300M IPS Attacks/Mo. 2B Botnet C&C IP Reputation Queries/Mo. 20B Message Reputation Queries/Mo. 2.5B Malware Reputation Queries/Mo. 300M IPS Attacks/Mo. Geo Location Feeds

17 Confidential McAfee Internal Use Only Optimized = Lower Total Cost of Ownership Summary of Financial Results Risk-Adjusted Return on Investment (ROI)142% Payback PeriodWithin 5 Months Total Costs (Present Value)($244,659) Total Cost Savings and Benefits (PV) $593,276 Total (Net Present Value)$348,617 Full Forrester TEI report based on McAfee customer data available here.here

18 Confidential McAfee Internal Use Only Optimized Network Security: Solves Root Issues, Symptoms Disappear

19 Confidential McAfee Internal Use Only While Weve Been Chatting… Our global sensor grid characterized 229 unique pieces of malicious or unknown code, based on: 570,000 file reputation queries460,000 IP reputation queries 69,000 attacks were stopped by McAfee IPS across all our customers Eliminated 64 trouble tickets and 8 critical escalations for our customers

20 Confidential McAfee Internal Use Only Thank you for your time 20 Questions? More info at:

21 Confidential McAfee Internal Use Only 21


Download ppt "Next Generation Network Security Andrew Hoerner, Director, Product Marketing."

Similar presentations


Ads by Google