We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byEmmalee Prow
Modified about 1 year ago
Network Access. Controlled. ™ Len Rosenberg Security Engineer Are You Exposed? Threat Protection with CounterACT
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Identify, Prove and Stop Who’s Connecting to Your Network ? Right Now
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Focus On The Source Of The Threat Stop Source Stop Attack Stop potential Damage Hackers Worm Propagating Sources Control to Ensure Appropriate Access In real-time Identifies Ownership of Device Measures Compliance Enforces Policies Identify, Prove and Stop Threats Before they Impact Network
Network Access. Controlled. ™ © ForeScout Technologies, Inc. CounterACT – Hacker/Worm The Revolutionary Key Hackers and Worms have no knowledge of LAN/Network resources. They have to aggressively perform reconnaissance to look for LAN/Network vulnerabilities to exploit. Proof Point 400+ Customers Trust to put into Auto-Block Mode
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Malicious Source Performs Reconnaissance: Hackers and serious espionage Self propagating malware Propagates exponentially ? The CounterACT Monitors: Network service scans Queries to devices that DO NOT exist Queries to devices that DO NOT support the requested services Other high level recon activity ie. attempting multiple usernames or multiple passwords CounterACT – Hacker/Worm Step 1: Monitor Reconnaissance 12
Network Access. Controlled. ™ © ForeScout Technologies, Inc. ActiveResponse Responds to the Reconnaissance: With Uniquely marked, counterfeit information The Intruder cannot tell this is a mark Appears identical to legitimate network resources Mark is dynamic to the type of reconnaissance performed CounterACT – Hacker/Worm Step 2: Interaction 3
Network Access. Controlled. ™ © ForeScout Technologies, Inc. CounterACT Responds to the Reconnaissance: With Uniquely marked, counterfeit information The Intruder cannot tell this is a mark Appears identical to legitimate network resources Mark is dynamic to the type of reconnaissance performed CounterACT – Hacker/Worm Step 2: Interaction 3 Sheaths or Cloaks your network in bogus data
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Malicious Source Attacks: Unknowingly attempts to gain access to network using the counterfeit resource CounterACT – Hacker/Worm Step 3: Identification CounterACT Has Proven the Attacker’s Malicious Intent: Immediately Without examining payload OR performing deep packet inspection Since there is NO legitimate reason for any user to attempt to gain access – no one has permission Malicious intent PROVEN beyond doubt 5 4 Never Affects Legitimate Network Traffic
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Protection NOT Disruption CounterACT – Hacker/Worm Known Device/Person in infected - Only surgically block infected ports Non disruptive to other activities Unknown Device/Person is infected - Completely block users access - Disruptive to user Non disruptive to your network Zero-day Attack unfolding - Accuracy of IPS allows for automatic action - Disruptive to attacker Non disruptive to network staff IF: In Production Networks For Over Four Years
Network Access. Controlled. ™ © ForeScout Technologies, Inc. CounterACT Detects Every Device Determining if device is company owned or guest or contractor Without need for prior knowledge of device Interrogates All Devices For degree of security policy compliance Enforces real-time protection from self-propagating threats No quarantine by default requirement Enforcement Tailored To Violation Level of restriction matched to the exact degree of policy violation Avoiding needless interruption of user productivity Deploy & Enforce Without Disruptions No disruption to the network, IT staff and compliant users Automatically guiding non-compliant users into compliance UniversalDiscovery End Point X-Ray TailoredEnforcement NonDisruptive Network Access Control
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Universal Discovery Enforce Policy on ALL Devices Clientless Since No Software/Code Required on Endpoints All Devices Detected Upon Network Connection Guests, Contractors, Printers, VoIP Devices, etc Applies to Local and Global Domain Users CounterACT CounterACT Works with Existing Domain Treats Domain or Non-Domain Users Differently in Accordance with Defined Policies Universal Discovery “Clientless solutions are typically the easiest to deploy, achieve broad protection and enforcement, and are the most scalable.” Jeff Wilson, Principle Security Analyst
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Universal Discovery Manages Guest/Student Access Universal Discovery CounterACT Instantly Determines Whether the Device is Managed or a Guest/Student Depending on Policy in Place… Automatically Assign to a Guest/Visitor VLAN with Internet Access Prompt Visitor for Login to the Device to Conduct an In-Depth Interrogation Limit or Block Access
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Tailored Enforcement Custom Fit To Your Business Needs Full Spectrum of Policy Enforcement Options Degree of Disruption Directly Related to Degree of Violation Maximum User Disruption is Reserved Only for Critical Violations Customized Policy Enforcement with CounterACT Business Dictates Level of Enforcement of Policy Violations Different Enforcement for Domain Users, Contractors and Guests Not Binary Provides Multiple Limited Disruption Enforcement Options End User Can Remain Productive While Minor Policy Violations are Addressed Turn off physical switch port Terminate unauthorized applications HTTP Browser Hijack Send Open Trouble Ticket Deploy a Virtual Firewall around an infected or non-compliant device
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Non Disruptive Deploy NAC without Disruption Non Disruptive Non-Disruptive Deployment Not-Inline Deployment Ability to Deploy in/through Multiple Modes – Audit, Inform, Educate, Enforce Non-Disruptive Management NAC System Does Not Require Continual Monitoring Simple Format for Updating/Changing Policies HTTP Interrupt Automatically Informs User of Out-of-Policy Situations and Process to Self-Remediate and Return to Compliance without IT Intervention High Availability ensures NAC policies are always enforced Non-Disruptive Access Allows Contractors/Guests Access According to Policy Without Physical Adjustment to Network
Network Access. Controlled. ™ © ForeScout Technologies, Inc. CounterACT Non Disruptive Deployment Steps To Achieving NAC Deployment Without Network Disruption Inform All Connecting Devices of New Policy - Hijack Browser Session Upon Every New Connection - Force verification login from notification dialogue box Flexible Automatic Enforcement - Notify/Remediate/Limit Network Access/Quarantine/Deny Access Know Your Network - Level of Current Policy Compliance - Quality of Created Policy Engage Non Compliant End User Personally - With NetSend or Browser Hijack Notify End User of Specific Policy Violation, Using Their Name
Network Access. Controlled. ™ © ForeScout Technologies, Inc. CounterACT Non Disruptive Deployment Move Users To Compliance Without Effecting Productivity Deployment Timeline Level of Compliance Enforcement Number of Non-Compliant Devices Informed Users Achieve Compliance Before Sanctions are Imposed Enforcement is Limited to a Small Number of Policy Violators
Network Access. Controlled. ™ © ForeScout Technologies, Inc. Network Access Control Analyst Recommendations " NAC is too important a process to wait another two years, and many enterprises have heterogeneous environments anyway. If you are unable to implement infrastructure-based NAC by year-end 2007, begin now with either endpoint software-based or appliance-based NAC solutions, but develop a strategy for integrating these solutions with infrastructure-based NAC." “For mass-market broad deployment there is more than enough functionality in clientless solutions to create granular access policies that meet or exceed security and compliance requirements.” Jeff Wilson, Principle Security Analyst John Pescatore VP Distinguished Analyst “… All NAC projects should include the ability to establish baseline endpoints for malware and to quarantine infected devices before they gain network access.” Lawrence Orans, Research Director
Network Access. Controlled. ™ © ForeScout Technologies, Inc. ForeScout’s CounterACT Instantly Identifies Self-Propagating Threats Without disrupting legitimate network traffic Without requiring signatures Unmatched Accuracy – Trusted by over 400 customers in auto-block mode Provides Network Access Policy Enforcement Ensures all connecting devices are compliant with network security policies End users do not have to be affected by NAC deployment (unless non-compliant) Can easily determine access rights based upon domain membership Deploy Immediately w/o Fear of Network Disruption Non-inline architecture for straight forward integration with existing infrastructure Monitor and education modes provide simple way to bring users into compliance to reach degree of compliance desired before enforcement is turned on CounterACT is NAC at Work NAC that is customer driven, global deployment proven Cuts through confusion to provide a real “working” NAC solution Controlling Access
Network Access. Controlled. ™
Logical IT Security By Prashant Mali.
Security Policy. TOPICS Objectives WLAN Security Policy General Security Policy Functional Security Policy Conclusion.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Common types of online attacks Dr.Talal Alkharobi.
Securing a Virtualized Environment Stefano Alei Senior Systems Engineer.
Field TDM Deck Optimize and Secure Your Core Infrastructure for Midsize Businesses.
HIPAA Security Awareness What You Need To Know. Training Overview This course will discuss the following subject areas: How this training relates to you.
Trends in Endpoint Security by Richard Lau Trends in Endpoint Security by Richard Lau 29 September 2005.
Windows 2008 Active Directory Configuration – Week 4 of 6 Microsoft Test: Mark McCoy MCSE, CNE, CISSP.
Network Security Workshop BUSAN 2003 Saravanan Kulanthaivelu
ViPNt ViPNet Product Presentation Infotecs GmbH 2008.
Dynamic Computing & Dynamic Threats Requires Dynamic Security.
How to secure an information security environment January 15, 2014 Lance P. Hawk CFE, CGEIT, CISA, CISM, CRISC
Version 4.1 CCNA Discovery 2– Chapter 7. Contents 7.1: ISP Services : TCP / IP Protocols 7.2: 7.3: DNS 7.3: 7.4: Application Layer Protocols 7.4.
John Clark COO, PCI Security and Compliance CCIA Fall Meeting – 7 th October 2011.
Presenter Mohamed K. Kamara. Presentation Topic Improving the Granularity of Access Control for Windows 2000 Granularity: Relative fineness to which an.
VMware vCenter Server High Availability Product Support Engineering VMware Confidential.
SECURITY AWARENESS. The Importance of Security Awareness Training Security Awareness Training provides the knowledge to protect information systems and.
Security Threats and Protection Mechanisms. Learning Objectives Internet security issues (intellectual property rights, client, communication channels,
© Copyright Ovum. All rights reserved. Ovum is a subsidiary of Informa plc. 1 Addressing “The BYOD Gap” Richard Absalom, Analyst, Consumer Impact Technology.
UNIT I FUNDAMENTAL OF E-COMMERCE 1.1INTRODUCTION TO E-COMMERCE 1.2 DRIVING FORCES OF E-COMMERCE 1.3 BENEFITS AND LIMITATIONS OF E-COMMERCE 1.4 DATA MINING.
Venkatesh Gopalakrishnan Group Program Manager Microsoft Corporation WSV305 Lambert Green Development Lead Microsoft Corporation.
National Safety Compliance, Inc. …because safety is never an accident… Presentation works best if displayed on a computer with an active internet connection.
Introduction to Network Security INFSCI 1075: Network Security Amir Masoumzadeh.
Oracle Service Bus. Oracle Service Bus Core Features By fusing the concepts of the ESB, message brokering, and operational services management into a.
What happened to IPv5? and other oft asked IPv6 questions The Internet Society, IPv6 and You Susan Estrada.
UNIT 2: Firewalls Content : Firewalls in general basic operation and architecture Main border firewalls using stateful inspection Screening firewalls.
© 2011 Verdasys, Inc. All Rights Reserved. CONFIDENTIAL AND PROPRIETARY - DO NOT REPRODUCE. Enterprise Information Protection When DLP is Not Enough? Graham.
© 2016 SlidePlayer.com Inc. All rights reserved.