Presentation is loading. Please wait.

Presentation is loading. Please wait.

Next Generation Network Security

Published byDenzel Rawding Modified over 10 years ago

Similar presentations

Presentation on theme: "Next Generation Network Security"— Presentation transcript:

1 Next Generation Network Security
Andrew Hoerner, Director, Product Marketing Understanding McAfee Network Security Platform (formerly IntruShield) – Featuring the 10GigE Channel Partners and McAfee Sales © 2007 McAfee, Inc.

2 Recent Customer Conversations…
“Borderless network… Effectively extend trust boundaries? “100’s of new applications… See & control use?” “Data center project… Improve protection… Consolidate vendors?” “Advanced Threats (APTs, Botnets, Insider Risk) … Best practice prevention?” “…Upgrading the data center…” “…Consumerization of IT…” “…Targeted attacks & Advanced Persistent Threats…” “…Visibility & control of applications…” “…Need more accurate IPS/IDS…” “…Guest & contractor access…” “…My firewall is EOL…” “…Security shouldn’t be the brakes…”

3 Network Security Isn’t Adapting to Change
Symptoms Incident costs increasing Data center security under-performing Advanced Persistent Threats a concern Security policy hard to enforce Excessive IDS/IPS alerts Firewall rules hinder change management Frequent refresh of security hardware

4 Changes Create Pressure Points, Complications Create Risk
Projects Impacting Network Complications SaaS (Agility) 15% 32% Outsource (Reduce CapEx) Targeted and Advanced Persistent Threats (APTs) Virtualization (Reduce OpEx) 30% 49% Hosting (Better Quality) Consumerization of IT Mobile Web (Improve Productivity) 200% Severe Economic Constraints

5 Evolving Threats “Outside Attacker Initiated” “Insider Initiated”
Active Layered Attack: exploit targeted vulnerability Scan/Exploit - Server/vulnerability Infect , C&C Upgrade Propagate “Outside Attacker Initiated” Passive Layered Attack: exploit via drive-by-download Exploit, Infect Data leak C & C execute Propagate “Insider Initiated” Download Download SPAM, Search, Social Network, etc. Social Engineering: follow link to malicious site “Insider Initiated” 5

6 Anatomy of an attack

7 Anatomy of an attack Date: Tue, 10 Dec :58: (PDT) From: John Doe To: Subject: 7th Annual U.S. Defense Conference 7th Annual U.S. Defense Conference 1-2 Jan 2009 Ronald Reagan Building and International Trade Center Washington, DC Download 2009 Conference Preliminary Program (PDF) Download 2009 Conference Registration Form (PDF) Contact: John Doe Contractor Information Systems (703)

8 Conventional Approach to Network Security
Ticket Oriented Resolution Protection Focused on Identifying Attack Packets How to get to resolution? File tickets. Wait. How to protect? Find attack packets on wire Configuration Focused on Features Multi-Vendor Strategies How to implement policy? Rely on product features. Defense in Depth? Manage multiple silo’d products.

9 The Maturity Model of Enterprise Security
REACTIVE (~3% of IT Budget on Security) COMPLIANT/PROACTIVE (~8% of IT Budget on Security) OPTIMIZED (~4% of IT Budget on Security) TCO Security Posture SECURITY OPTIMIZATION

10 Optimized Network Security Adapts to Change
Optimized spend ~4% Very low risk Reactive tools Firewalls Log analysis Trouble tickets Ineffective change control Ad hoc firewall rules Audit findings REACTIVE & MANUAL Point products IDS (compliance) SI/EM (logs) Structured firewall rule management Standard configurations Distributed consoles/mgmt Tedious audit preparation COMPLIANT Integrated tools IPS (threats) SI/EM (events) Automatic updates Automated firewall rule mgmt Centralized consoles/mgmt Streamlined compliance reports PROACTIVE Multi-layered, correlated solutions Predictive threat protection Policy-based control Proactive management Extensible architecture Automated compliance OPTIMIZED Tools Based Applying tools and technologies to assist people in reacting faster Point products for System, network and data OPTIMIZATION RISK Compliant/Proactive spend ~8% of IT budget on security Medium risk DYNAMIC Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for response McAfee ePO integrated products, plus GRC and GTI REACTIVE and Manual People only. No tools or processes. “Putting out fires” Reactive spend ~3% of IT budget on security High risk Why has it been so challenging to reduce risk? 10 10 10 10

11 New Requirements for Optimized Network Security
Ticket Oriented Resolution Proactive Management Protection Focused on Identifying Attack Packets Predictive Threat Protection Turn days of process into clicks Characterize future threats today Configuration Focused on Features Policy-Based Control Extensible Architecture Multi-Vendor Strategies Focus on real organization, people, applications, usage Integrated, collaborative, easily add new capabilities

12 Protecting Critical Data Center from ZeuS Malware
Predictive Threat Protection with IPS + GTI Malware infects websites Malware infects, McAfee Labs IDs, updates website reputations… Malware hits network …Threat dissected, analyzed… Wait on signature …Predictive action stops threat Apply signature, update signature Future variants covered Not Optimized High Effort, High Risk When Optimized Low Effort, Low Risk Benefit: Protection meets (and beats) hacker’s timelines, reduces alerts

13 Controlling Google Calendar Use Before a Merger
Policy-Based Control with Next Gen Firewall Identify M&A team User directory auto-imports groups… Map users to network address Profiler sees similar rule. 1 click to add. Avoid duplicate Create new rule (duplicate?) Hours or days to review, deploy Weeks to review, test, deploy. Repeat? New M&A members automatically added Not Optimized High Effort, High Risk When Optimized Low Effort, Low Risk Benefit: No need to map network topology to user, protects critical data

14 Blocking Bot Command and Control Traffic
Proactive Management in Action See Bot activity on network Right click to get details from management console Hours: open ticket w/ system team Right click to scan and patch Days: open ticket to plan outage/upgrade Visual view of traffic and connections Weeks: detailed review of network events Have a second cup of coffee Not Optimized High Effort, High Risk When Optimized Low Effort, Low Risk Benefit: Eliminates days and weeks of effort while improving time to resolution

15 McAfee: Optimized Network Security Solutions
GLOBAL THREAT INTELLIGENCE Risk Advisor NDLP Web ePO Firewall IPS NAC NBA SIA Network IPS: Top selling, best performing Firewall: Most secure, new next gen features NAC: integrated with IPS NBA: cost-effective network visibility NDLP: more important than ever 15

16 What It Takes to Make An Organization Safe Global Threat Intelligence
Reputation GTI Network Activity Geo-location Ports / Protocol Application Web Reputation . File Reputation Affiliations IP Address Domain URL Data Activity Sender Reputation Web Activity DNS Server Mail Activity Address Network IPS Firewall Web Gateway Host AV Mail Gateway Host IPS 3rd Party Feed 300M IPS Attacks/Mo. 2B Botnet C&C IP Reputation Queries/Mo. 20B Message Reputation Queries/Mo. 2.5B Malware Reputation Queries/Mo. Geo Location Feeds

17 Optimized = Lower Total Cost of Ownership
Summary of Financial Results Risk-Adjusted Return on Investment (ROI) 142% Payback Period Within 5 Months Total Costs (Present Value) ($244,659) Total Cost Savings and Benefits (PV) $593,276 Total (Net Present Value) $348,617 Full Forrester TEI report based on McAfee customer data available here.

18 Optimized Network Security: Solves Root Issues, Symptoms Disappear
Results Incident costs decreasing Data center security lower cost Advanced Persistent Threat protection Policy in business terms, easy to enforce IPS alerts minimized, staff re-allocated Firewall rules streamline change management Long life reduces CapEx for security hardware

19 While We’ve Been Chatting…
Our global sensor grid characterized 229 unique pieces of malicious or unknown code, based on: 570,000 file reputation queries 460,000 IP reputation queries 69,000 attacks were stopped by McAfee IPS across all our customers Eliminated 64 trouble tickets and 8 critical escalations for our customers

20 Email andrew_hoerner@mcafee.com
Thank you for your time Questions? More info at:

21 21

Download ppt "Next Generation Network Security"

Similar presentations

Unified Communications Bill Palmer ADNET Technologies, Inc.

Unified Communications Bill Palmer ADNET Technologies, Inc.
1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in e-mails Integrated.

1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in s Integrated.
Nathan Labadie Systems Engineer, US-Central FireEye

Nathan Labadie Systems Engineer, US-Central FireEye
THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.

THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.
1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
Applying Next Generation Security Principles to Todays Changing Networks.

Applying Next Generation Security Principles to Todays Changing Networks.
LeadManager™- Internet Marketing Lead Management Solution May, 2009.

LeadManager™- Internet Marketing Lead Management Solution May, 2009.
Is technology ubiquity a chance to re-connect security? Greg Day Director of Security Strategy.

Is technology ubiquity a chance to re-connect security? Greg Day Director of Security Strategy.
Security Life Cycle for Advanced Threats

Security Life Cycle for Advanced Threats
1 Dell World 2014 Dell & Trend Micro Boost VM Density with AV Designed for VDI TJ Lamphier, Sr. Director Trend Micro & Aaron Brace, Solution Architect.

1 Dell World 2014 Dell & Trend Micro Boost VM Density with AV Designed for VDI TJ Lamphier, Sr. Director Trend Micro & Aaron Brace, Solution Architect.
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
Joshua Senzer, CISSP Sr. Systems Engineer – North East Channel

Joshua Senzer, CISSP Sr. Systems Engineer – North East Channel
11 Zero Trust Networking PALO ALTO NETWORKS Zero Trust Networking April 2015 | ©2014, Palo Alto Networks. Confidential and Proprietary.1 Greg Kreiling.

11 Zero Trust Networking PALO ALTO NETWORKS Zero Trust Networking April 2015 | ©2014, Palo Alto Networks. Confidential and Proprietary.1 Greg Kreiling.
The Business Value of CA Solutions Ovidiu VALEANU Senior Consultant DNA Software – CA Regional Representative.

The Business Value of CA Solutions Ovidiu VALEANU Senior Consultant DNA Software – CA Regional Representative.
© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE www.visible.com Holistic View of the Enterprise Business Development Operations.

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.
Boost your network security with NETASQ Vulnerability Manager.

Boost your network security with NETASQ Vulnerability Manager.
Www.lumension.com © Copyright 2008 - Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.

© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

Similar presentations

Ads by Google