Solidcore
Harness the Power of Change
John Sebes, CTO, Solidcore Systems, Inc.
Case Study:
Slide 2
Solidcore Proprietary and Confidential
What Solidcore Does
Situation
- Operations and Security are at a crossroads
Business Drivers
- Frequent change is affecting IT service levels – including unknown and possibly malicious change
- Compliance initiatives stress IT/business linkage
Key Insight
- Change drives complexity & cost!
- Frequency of changes
- Changes outside process
- Multi-org. change coordination
The Solidcore Value
- Provides complete and proactive control of change in the production environment
- Works at the device-level and ties infrastructure change to IT processes and policies
- Augments existing configuration management and IT workflow systems
Slide 3
Customer: PACE
Profile: Pace Suburban Bus Service
- 14th largest bus service in the U.S.
- 1,500 employees
- 600 buses
Pace provides bus and van service for six Chicago-area counties
MIS department has a centralized data center with limited support staff
- performs large amounts of data analysis
- responsible for software requests and communications
- datacenter system maintenance
Slide 4
Customer: PACE
The Problem
- Servers needed patching every other day to try to stay one step ahead of all the security threats
- Need to provide 24x7 service availability - aren’t staffed for 24x7
- Patching alone was stressing ability to maintain SLAs
Slide 5
What are Pace’s Technical Requirements?
Low on-going operational costs
- Scale deployments at fixed and predictable cost
- No policies or rules to setup
- No policies to update on an ongoing basis
- Reduce security related patch cycles
- Low performance overhead
Minimize security risk
- Protection from malicious code execution
- Zero Day attacks, mass attacks worms, viruses, Trojans, etc
- Prevent internal threat
- Control what can be installed and run on remote systems.
Slide 6
Why is Securing Pace’s Environment so Hard?
Operational Effectiveness
- Current security products are operationally intensive, making scaling to large deployments expensive
- Performance overhead can be significantly high
- Operationally intensive “Patching” is becoming the solution of choice
Risk Minimization
- Understanding prevalent level of risk for current investment
- Implemented policies do not keep pace with IT growth or Zero-day attacks, especially for remote/distributed systems
- Level of protection erodes over time.
- Internal threat is not accounted for
Slide 7
Protecting Pace: What’s being Optimized?
[Chart. Axes: "Deployment Scope with fixed ops cost (customization, tweaking, maintenance etc) per machine" (Eval, Pilot, Department, Enterprise) and "Degree of Prevention/Detection". Plotted: AV, HIPS]
Slide 8
Introducing S3 Security™
Deploy & Forget Security
- No requirements for initial or on-going configuration, rules, signatures or learning
Minimal Performance Overhead
- Installs easily with minimal system overhead
Unauthorized Code Cannot Run
- Categorical protection from external threats including zero day attacks, mass attacks worms, viruses, and Trojans regardless of vector of attack
Internal Threat Protection
- Maintains administrative flexibility while protecting authorized software configuration
Operations-centric security based on change control
Slide 9
Protecting Pace: Protection with Fixed Ops Cost
[Chart. Axes: "Deployment Scope with fixed ops cost (customization, tweaking, maintenance etc) per machine" (Eval, Pilot, Department, Enterprise) and "Degree of Prevention/Detection". Plotted: AV, HIPS, S3 Security]
Slide 10
Solidcore’s Innovation: Solidification™
[Diagram. Numbered stages:]
0. Identify Disk Image: Current, Gold or Audited Image
1. Initial Solidification: Initial System Inventory Created
2. Solidified Production Mode: Control Assured
3. Solidified Production Update Mode: Updated System Inventory
4. Updated Solidified Production Mode: Control Assured
[Transition labels: Enable Update Mode, Disable Update Mode. Phase labels: Deployment State, Production State]
Slide 11
S3 Security is Practical Solidification™
“Deploy and Forget Protection”
- No initial and on-going configuration
- No false positives or negatives
- Practically no performance overhead
- Very small footprint
Slide 12
Customer: PACE
The Solidcore Value
“Solidcore is a godsend.” Bob Lescaleet, MIS department manager at Pace Suburban Bus Service
- With Solidcore, if patching is needed, it can be done on Pace’s schedule.
- Solidcore’s installation was a breeze and, once running, is transparent to operators.
Slide 14
Prevention & Detection with Solidcore
Key: Full Capability, Partial Capability
Understanding Risk

Prevention
Columns: % of Attacks; Extent of Damage; Types of Attacks; HIDS; AV; HIPS; Solidification; Example
- % of Attacks: --; Extent of Damage: Strategic like IP theft; Types of Attacks: Internal Threat; Example: Planting Backdoor, turning prevention off
- % of Attacks: <2%; Types of Attacks: Authorized Code bad behavior; Example: FTP application can be used to overwrite a system file. PeopleSoft can upload a sw and then run it.
- % of Attacks: 95%; Extent of Damage: Wide-spread; Types of Attacks: Unauthorized Code; Example: ZotoB, SQL Slammer etc; Buffer Overflow, Denial of Service etc
- % of Attacks: <2%; Extent of Damage: --; Types of Attacks: Known bad code (signature)

Detection
            HIDS    AV    HIPS    Solidification
Breadth     High    --    High    Medium
Accuracy    Low     --    Low     High