We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byEmmalee Prow
Modified about 1 year ago
Network Access. Controlled. ™ Len Rosenberg Security Engineer Are You Exposed? Threat Protection with CounterACT
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Identify, Prove and Stop Who’s Connecting to Your Network ? Right Now
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Focus On The Source Of The Threat Stop Source Stop Attack Stop potential Damage Hackers Worm Propagating Sources Control to Ensure Appropriate Access In real-time Identifies Ownership of Device Measures Compliance Enforces Policies Identify, Prove and Stop Threats Before they Impact Network
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. CounterACT – Hacker/Worm The Revolutionary Key Hackers and Worms have no knowledge of LAN/Network resources. They have to aggressively perform reconnaissance to look for LAN/Network vulnerabilities to exploit. Proof Point 400+ Customers Trust to put into Auto-Block Mode
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Malicious Source Performs Reconnaissance: Hackers and serious espionage Self propagating malware Propagates exponentially ? The CounterACT Monitors: Network service scans Queries to devices that DO NOT exist Queries to devices that DO NOT support the requested services Other high level recon activity ie. attempting multiple usernames or multiple passwords CounterACT – Hacker/Worm Step 1: Monitor Reconnaissance 12
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. ActiveResponse Responds to the Reconnaissance: With Uniquely marked, counterfeit information The Intruder cannot tell this is a mark Appears identical to legitimate network resources Mark is dynamic to the type of reconnaissance performed CounterACT – Hacker/Worm Step 2: Interaction 3
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. CounterACT Responds to the Reconnaissance: With Uniquely marked, counterfeit information The Intruder cannot tell this is a mark Appears identical to legitimate network resources Mark is dynamic to the type of reconnaissance performed CounterACT – Hacker/Worm Step 2: Interaction 3 Sheaths or Cloaks your network in bogus data
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Malicious Source Attacks: Unknowingly attempts to gain access to network using the counterfeit resource CounterACT – Hacker/Worm Step 3: Identification CounterACT Has Proven the Attacker’s Malicious Intent: Immediately Without examining payload OR performing deep packet inspection Since there is NO legitimate reason for any user to attempt to gain access – no one has permission Malicious intent PROVEN beyond doubt 5 4 Never Affects Legitimate Network Traffic
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Protection NOT Disruption CounterACT – Hacker/Worm Known Device/Person in infected - Only surgically block infected ports Non disruptive to other activities Unknown Device/Person is infected - Completely block users access - Disruptive to user Non disruptive to your network Zero-day Attack unfolding - Accuracy of IPS allows for automatic action - Disruptive to attacker Non disruptive to network staff IF: In Production Networks For Over Four Years
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. CounterACT Detects Every Device Determining if device is company owned or guest or contractor Without need for prior knowledge of device Interrogates All Devices For degree of security policy compliance Enforces real-time protection from self-propagating threats No quarantine by default requirement Enforcement Tailored To Violation Level of restriction matched to the exact degree of policy violation Avoiding needless interruption of user productivity Deploy & Enforce Without Disruptions No disruption to the network, IT staff and compliant users Automatically guiding non-compliant users into compliance UniversalDiscovery End Point X-Ray TailoredEnforcement NonDisruptive Network Access Control
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Universal Discovery Enforce Policy on ALL Devices Clientless Since No Software/Code Required on Endpoints All Devices Detected Upon Network Connection Guests, Contractors, Printers, VoIP Devices, etc Applies to Local and Global Domain Users CounterACT CounterACT Works with Existing Domain Treats Domain or Non-Domain Users Differently in Accordance with Defined Policies Universal Discovery “Clientless solutions are typically the easiest to deploy, achieve broad protection and enforcement, and are the most scalable.” Jeff Wilson, Principle Security Analyst
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Universal Discovery Manages Guest/Student Access Universal Discovery CounterACT Instantly Determines Whether the Device is Managed or a Guest/Student Depending on Policy in Place… Automatically Assign to a Guest/Visitor VLAN with Internet Access Prompt Visitor for Login to the Device to Conduct an In-Depth Interrogation Limit or Block Access
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Tailored Enforcement Custom Fit To Your Business Needs Full Spectrum of Policy Enforcement Options Degree of Disruption Directly Related to Degree of Violation Maximum User Disruption is Reserved Only for Critical Violations Customized Policy Enforcement with CounterACT Business Dictates Level of Enforcement of Policy Violations Different Enforcement for Domain Users, Contractors and Guests Not Binary Provides Multiple Limited Disruption Enforcement Options End User Can Remain Productive While Minor Policy Violations are Addressed Turn off physical switch port Terminate unauthorized applications HTTP Browser Hijack Send Email Open Trouble Ticket Deploy a Virtual Firewall around an infected or non-compliant device
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Non Disruptive Deploy NAC without Disruption Non Disruptive Non-Disruptive Deployment Not-Inline Deployment Ability to Deploy in/through Multiple Modes – Audit, Inform, Educate, Enforce Non-Disruptive Management NAC System Does Not Require Continual Monitoring Simple Format for Updating/Changing Policies HTTP Interrupt Automatically Informs User of Out-of-Policy Situations and Process to Self-Remediate and Return to Compliance without IT Intervention High Availability ensures NAC policies are always enforced Non-Disruptive Access Allows Contractors/Guests Access According to Policy Without Physical Adjustment to Network
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. CounterACT Non Disruptive Deployment Steps To Achieving NAC Deployment Without Network Disruption Inform All Connecting Devices of New Policy - Hijack Browser Session Upon Every New Connection - Force verification login from notification dialogue box Flexible Automatic Enforcement - Notify/Remediate/Limit Network Access/Quarantine/Deny Access Know Your Network - Level of Current Policy Compliance - Quality of Created Policy Engage Non Compliant End User Personally - With NetSend or Browser Hijack Notify End User of Specific Policy Violation, Using Their Name
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. CounterACT Non Disruptive Deployment Move Users To Compliance Without Effecting Productivity Deployment Timeline Level of Compliance Enforcement Number of Non-Compliant Devices Informed Users Achieve Compliance Before Sanctions are Imposed Enforcement is Limited to a Small Number of Policy Violators
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. Network Access Control Analyst Recommendations " NAC is too important a process to wait another two years, and many enterprises have heterogeneous environments anyway. If you are unable to implement infrastructure-based NAC by year-end 2007, begin now with either endpoint software-based or appliance-based NAC solutions, but develop a strategy for integrating these solutions with infrastructure-based NAC." “For mass-market broad deployment there is more than enough functionality in clientless solutions to create granular access policies that meet or exceed security and compliance requirements.” Jeff Wilson, Principle Security Analyst John Pescatore VP Distinguished Analyst “… All NAC projects should include the ability to establish baseline endpoints for malware and to quarantine infected devices before they gain network access.” Lawrence Orans, Research Director
Network Access. Controlled. ™ © 2000 - 2007 ForeScout Technologies, Inc. ForeScout’s CounterACT Instantly Identifies Self-Propagating Threats Without disrupting legitimate network traffic Without requiring signatures Unmatched Accuracy – Trusted by over 400 customers in auto-block mode Provides Network Access Policy Enforcement Ensures all connecting devices are compliant with network security policies End users do not have to be affected by NAC deployment (unless non-compliant) Can easily determine access rights based upon domain membership Deploy Immediately w/o Fear of Network Disruption Non-inline architecture for straight forward integration with existing infrastructure Monitor and education modes provide simple way to bring users into compliance to reach degree of compliance desired before enforcement is turned on CounterACT is NAC at Work NAC that is customer driven, global deployment proven Cuts through confusion to provide a real “working” NAC solution Controlling Access
Network Access. Controlled. ™
1 ForeScout Technologies Inc. Frontline Defense against Network Attack Tim Riley, Forescout.
All Rights Reserved © Alcatel-Lucent | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access.
© 2013 ForeScout Technologies, Page 1 © 2014 ForeScout Technologies, Page 1.
1 Network Admission Control to WLAN at WIT Presented by: Aidan McGrath B.Sc. M.A.
CCNA Security v2.0 Chapter 6: Securing the Local Area Network.
1. INTRUSION Intrusion Detection system Intrusion Preventation system 2.
CCNA Security v2.0 Chapter 5: Implementing Intrusion Prevention.
ForeScout Technologies Ayelet Steinitz, Product Manager April, 2003.
Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Network security Product Group 2 McAfee Network Security Platform.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
1 Introduction to Honeypot, Botnet, and Security Measurement Cliff C. Zou 02/07/06.
Intrusion Detection Systems and Practices Chapter 13.
Web Application Protection Against Hackers and Security Vulnerabilities Barracuda Web Application Firewall.
February 2015 Andrew Noonan, SE ForeScout. © 2014 ForeScout Technologies, Page 2 Strong FoundationMarket LeadershipEnterprise Deployments #1#1 In business.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.
Wireless Network Security. Why wireless? Wifi, which is short for wireless fi … something, allows your computer to connect to the Internet using magic.
Cosc 5/4765 NAC Network Access Control. What is NAC? The core concept: –Who you are should govern what you’re allowed to do on the network. Authentication.
Topic 5: Basic Security. Topic Review... This topic will cover: - Understand the networking threats. :> Describe the risks of network intrusion. :> Sources.
Role Of Network IDS in Network Perimeter Defense.
HIPS Host-Based Intrusion Prevention System By Ali Adlavaran & Mahdi Mohamad Pour (M.A. Team) Life’s Live in Code Life.
Lesson 11: Configuring and Maintaining Network Security MOAC : Configuring Windows 8.1.
Wireless Network Security. Access Networks Core Networks The Current Internet: Connectivity and Processing Transit Net Private Peering NAP Public Peering.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Eric Van Horn Cosc 356. Nearly every organization in todays era uses computers and a network to send, receive, and store information Very important.
A Layered Approach to Support Extranet Security Ralph Santitoro Director of Security Solutions - Nortel SUPERCOMM 2005 Panel 2 Session - June.
Security fundamentals Topic 10 Securing the network perimeter.
a crime committed on a computer network, esp. the Internet.
©2003–2008 Check Point Software Technologies Ltd. All rights reserved. CheckPoint new security architecture and R70 highlights.
Hacker Zombie Computer Reflectors Target.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicPresentation_ID 1 Justin Rowling – Systems Engineer Protecting your network with Network Admission.
Copyright © 2008 Juniper Networks, Inc. 1 Juniper Networks Access Control Solutions Delivering Comprehensive and Manageable Network Access Control Solutions.
Lesson 19: Configuring Windows Firewall MOAC : Installing and Configuring Windows Server 2012.
eScan Total Security Suite with Cloud Security.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
1 Chapter 20: Firewalls Fourth Edition by William Stallings Lecture slides by Lawrie Brown(modified by Prof. M. Singhal, U of Kentucky)
Network Security Essentials Chapter 11 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.
Cryptography and Network Security Firewall Design Principles.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Lecture 11 Intrusion Detection (cont) modified from slides of Lawrie Brown.
© 2012 ForeScout Technologies, Page 1 Bob Reny, Sr. Systems Engineer Do you know NAC? Data Connectors - Vancouver 4/25/2013.
1 © 2004, Cisco Systems, Inc. All rights reserved IP Telephony Security Cisco Systems.
Morris Bennett Altman Director of Network Services Internet Security Officer Queens College, CUNY Are You Exposed? Network Security.
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 4 Vulnerability Assessment and Mitigating Attacks.
© 2017 SlidePlayer.com Inc. All rights reserved.