Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Observations & Ideas from the field

Published byCody Curtis Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Observations & Ideas from the field"— Presentation transcript:

1 Security Observations & Ideas from the field
*Texas, Oklahoma, Arkansas Hank Johnson | Area Manager Oscar Grider Sales Representative Stephen Systems Engineer

2 What’s driving Security Spending ?
Upgrade of existing, aged equipment Consolidation of multiple point products Consolidation + New Security Features Compliance Redefinition of the Enterprise to include Locations Mobile A Good Offense is the Best Defense Advanced Threat Protection = Known & Unknown Reporting & Forensics = More Data & Visibility

3 Data : Dashboard , Detail & Forensics
Security Trends Security Readiness Data : Dashboard , Detail & Forensics Product Enterprise Security Strategies Monitor / React Proactive / Trend User Involvement ** Redefine the Enterprise: Remote sites & Mobile **Client Execs involved at a new level **

4 Let’s get serious – Shall We?

5 Security has been underfunded…
By other valid IT & Business Priorities including: IP Telephony / Unified Communications Storage & Server Virtualization ;Converged Computing SAP , Oracle, other applications SF.com & other CRM systems Cloud & Hybrid Data Center Initiatives Impact to Security: Most are in Catch Up Mode Security is “MainStream” Key issues: Personnel / Organizational Structure Policy ( Social media, Document Retention, Breach planning ) Strategy ( Current State to Future State ) Show up as entire paragraph 1 then 2

6 Start Here Self Assessment

7 Client Assessments: Work to be Done
1st Key Question: “Where am I today?” Follow up questions: Desired Future State First Priority What’s possible today Where do I start

8 High Level Security Planning Framework - 4 things Infrastructure
Threat Mobility Management & Visibility Knowing that business is dynamic and the threat landscape is dynamic….CP is centered in our innovation and our passion to deliver uncompromising security, performance, agility, etc….to ensure client success

9 More control & reporting
Infrastructure Consolidation is real but you own Architecture Firewall and VPN Software Blades IPS Software Blade Application Control Software Blade Identity Awareness Software Blade Antivirus & Anti-Malware Software Blade URL Filtering Software Blade DLP Software Blade Anti-Bot Software Blade Fewer Suppliers & Maintenance contracts More control & reporting

10 Granular Control of All Security Layers
Network Threat Prevention IPS Anti-Bot Antivirus Granular Visibility Mobile Access Mobile Access Sensitive Data DLP Internet Applications Usage SmartEvent Application Control URLF User Access Identity Awareness

11 Priority: Keep System Software Current
Check Point Research Industry Feeds Sensors & Sites Priority: Keep System Software Current We are feeding the ThreatCloud with many sources, both internal and external, and pushing security protections back to all Check Point products around the globe.

12 One of the most dynamic areas of Security
Threat Prevention

13 Known ( IPS / IDS / URL / App ) Unknown ( SandBox / Zero Day / APT )
& Mobile Reporting / Context / Forensics / Trending Knowing that business is dynamic and the threat landscape is dynamic….CP is centered in our innovation and our passion to deliver uncompromising security, performance, agility, etc….to ensure client success

14 We Spend Time and Budget On.. While Positioning for Future Challenges
TODAY’S INFRASTRUCTURE FUTURE ATTACK VECTORS Firewall VPN IPS Anti-Spam URL Filtering Anti-Virus DDoS Polymorphic Malware APTs Mobility 12B: FW – $4.9M IPS – $1M SWG - $1.6M Aspam – $1M AV ( EP) – $3.4M $400M FEYE – $260M ( ~65% organic growth from 2013 $160M) PAN – 12M Check Point - 24 Others – dambala, sourcefire Have the Platform Built 1st !!

15 Multi-Layer Threat Prevention
Industry Feeds Global Sensor Data Check Point Research Known Known ThreatCloud Emulation Service As threats have evolved so has our technology. Where threats are concerned, we are all in this fight together. We have created the largest collaborative threat prevention cloud that collects input from 100’s of check point researchers, industry feeds and our own Check Point gateway sensors, the most extensive in geography and deployment. We call it ThreatCloud. Once it collects the intelligence, it translates it into real-time protections that are implemented in the Check Point gateways to stop threats. We also have created an intelligence marketplace with TC IntelliStore that gives organizations more protection and access to unique intelligence feeds that may be relevant to their industry, geography or specific attack types. Beyond protecting against the known threats, we have also innovated to build threat emulation technologies so that we can protect you against unknown malware. Today, IPS, Antivirus and Anti-Bot are effective technologies against known malware. But hackers create variants to evade signature-based detection. To detect these unknown variants and to find zero-day attacks we run the malware in a virtual sandbox to detect and prevent these malicious files. As these unknowns are found and become known, we feed the information to our ThreatCloud and then update other gateways so that all of our customers have the most up to date protection. Unknown Known and Unknown Malware X X

16 “Threat” requires a holistic view
Managing Unknowns Sandbox Quarantine Emulation INSPECT EMULATE PREVENT SHARE “Threat” requires a holistic view ** New CPU level solution – Stop before threats get to the OS level. [Protected] Non-confidential content

17 Priority: Speed & Time to address major vulnerabilities
9 hrs Check Point 22 hrs Check Point 18 hrs Check Point Heart Bleed Shell Shock Poodle Lets see how fast check point patched the 3 major vulnerabilities of 2014 HeartBleed, Shell Shock & poodle TLS PAN TBD: PAN rest: Fortinet: Others ? Others? Others ?

18 You can’t manage what you can’t measure
Optics & Reporting

19 Management Security Management Event Management Log Management
Simplicity & Power in One Plate of Glass “Our evaluation of Global Management put the Check Point Security Gateway on top by a wide margin.” Network World – May 2012 Check Point Management is the “gold standard against which other consoles are measured.” Gartner 2013 Security Management Event Management Log Management Built-In Compliance Engine

20 SPOG Management & Visibility

21 360o Visibility of Network Security
Time shows topline security events Map shows origin of attacks and threats Let’s take a look at one view in our management console. This example shows top line information from multiple angles, including summary of critical attacks over time, geographic information on source or destination of attacks, lists of important events, and counts of events by type. Each of these views can be expanded to show more detail and exported as reports for additional analysis. Important security events highlighted Rate and frequency of potential attacks

22 Mobility

23 Today’s Mobile Solutions have Security Gaps
MDM = Management NOT Security Mobile Security Same policies as On Net APT protection Document Security Mgt & Reporting Script: Today organizations are trying to put together solutions to address these challenges. But, assembling independent, unrelated solutions to address all the mobile security challenges creates security gaps that leave the organization potentially vulnerable to threats. The main solutions today are predominantly focused on device management, and focus very minimally on actual device and data security. They may secure data that is in a container, but provide no security for documents once they leave the device. They don’t protect devices from threats, and do not prevent users from accessing potentially malicious websites and content. Companies are utilizing independent methods such as: Controlling access to devices, device management, file and disk encryption; and secure containers These independent methods do not provide a complete and unified solution that can protect organizations from the threats facing them today, or in the future, and they do not protect organizational data throughout its life, wherever it goes. How do you protect devices from THREATS? How do you protect DATA wherever it goes? [Restricted] ONLY for designated groups and individuals

24 Customers are still looking for a solution
of enterprises see mobile support to employees as critical priority 70% of firms see implementing a BYOD policy as critical priority 50% The State Of Enterprise Mobile Security, Q1 2014: Strategies Shift From Devices To Apps of large enterprises will have deployed technologies to secure access to enterprise resources by 2016 75% Forrester Gartner [Restricted] ONLY for designated groups and individuals

25 Has your mobile device been used …
To access Dropbox? By your kids? Facebook? Over 30% of parents let their kids use their corporate devices1 71% of adults over 18 have a Facebook account2 1 in 5 employees use consumer cloud storage for work documents3 Script: For a moment, think about your use of mobile devices and how you share data today. Has your mobile device been used by your children? Have you used your phone or tablet to access Facebook? Have you accessed Dropbox or another service to work on a project out of the office, or to share a file with a customer or fellow employee? As you can see from these statistics, these activities are not just passing fads. Mobile devices have become integral to our lives, and we unintentionally put our devices, data, and network at risk every day. 12013 Norton Report, Oct 2013, by Symantec 22013 Pew Research Center Internet Project Tracking Survey 3Nasuni Survey of 1300 business users as reported by GigaOm [Restricted] ONLY for designated groups and individuals

26 Infection or Loss … Easy as 1, 2, 3
UPLOAD FILES TO THE CLOUD SURF THE INTERNET FORGET DEVICE Script: Unfortunately, many of us don’t actively consider the risks associated with expanding use of mobile devices. Have you used your work devices at home or at a coffee shop or airport? When you or your children use your corporate device to access Facebook, online gaming websites, and other content, you may unintentionally access a malicious site, or download a virus. The next time you access your corporate network, you may unknowingly transfer that virus. Have you ever left your phone in a taxi? Over 4.5 million phones were lost or stolen last year. Lost or stolen employee phones can have significant consequences for the company especially when they contain sensitive customer data and corporate intelligence. Often times, when your device is lost or stolen, you will notify your company and they will wipe all data from your phone. But this has consequences for all your data on the phone, business AND personal. Have you ever used Dropbox to share/store a corporate file?  In over 85% of organizations, employees do use Dropbox. If you use Dropbox or another similar service, you unintentionally risk the confidentiality of your organizations information. That information is now no longer secure, and can be susceptible to cybercrime. ©2014 Check Point Software Technologies Ltd

27 Vision: Enterprise = 100% of the Enterprise
Mobile Security Single solution End to end protection APT protection Reporting & Forensics Intuitive UI See if there is a differnet one to show  hackers are touching everything Data center, mobility, ……? Over looking every element of the enterprise . Closing off the gaps Entire enterprise Script: Today organizations are trying to put together solutions to address these challenges. But, assembling independent, unrelated solutions to address all the mobile security challenges creates security gaps that leave the organization potentially vulnerable to threats. The main solutions today are predominantly focused on device management, and focus very minimally on actual device and data security. They may secure data that is in a container, but provide no security for documents once they leave the device. They don’t protect devices from threats, and do not prevent users from accessing potentially malicious websites and content. Companies are utilizing independent methods such as: Controlling access to devices, device management, file and disk encryption; and secure containers These independent methods do not provide a complete and unified solution that can protect organizations from the threats facing them today, or in the future, and they do not protect organizational data throughout its life, wherever it goes. Mobile Security must be part of the Strategy [Restricted] ONLY for designated groups and individuals ©2014 Check Point Software Technologies Ltd

28 The Internet So many points of entry! Connected via the internet
Data Center Internal Servers Remote offices Virtual Servers Cloud computing Remote workers Mobile devices

29 Final Thoughts The Issues are Real The Solutions are Many Assess – Plan – Execute For the entire Enterprise Hold the industry accountable Network / Idea share with others Don’t overthink it – get after it!

30 Everyone has a plan ‘till they get punched in the mouth Mike Tyson
So you have a track record market leadership With an excellent product but then “shellshock” happens or “poodle” or Heartbleed and I can go on That catches the entire industry vulnerable This is where the people come into play

31 Hank Johnson | Area Manager
Thank You ! Hank Johnson | Area Manager

32 Build a Plan ; Execute the Plan
Any Security Function NGFW NGTP SWG NGDP More URL Filtering Firewall IPS ID Awareness Anti-Virus App Control URL Filtering DLP GRC VPN App Control Anti-Bot Anti-Spam Anti-Virus Mobile Access Mobile Data Protection Threat Emulation Integration with OPSEC Central Management and Reporting Any Platform Appliances Open servers COTS Servers Virtual Cloud IAS and COTS servers 2012 Appliances

33 How do you view your Enterprise? How do you secure your Enterprise ?
©2014 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. 33

Download ppt "Security Observations & Ideas from the field"

Similar presentations

Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
© Blue Coat Systems, Inc. 2011. All Rights Reserved. APTs Are Not a New Type of Malware 1 Source: BC Labs Report: Advanced Persistent Threats.

© Blue Coat Systems, Inc All Rights Reserved. APTs Are Not a New Type of Malware 1 Source: BC Labs Report: Advanced Persistent Threats.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Www.cyberoam.com © Copyright 2012 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. Securing You Cyberoam Virtual UTM Our Products Unified Threat Management.

© Copyright 2012 Cyberoam Technologies Pvt. Ltd. All Rights Reserved. Securing You Cyberoam Virtual UTM Our Products Unified Threat Management.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.

© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
©2015 Check Point Software Technologies Ltd. 1 Dallas Data Connectors 2015 Hank Johnson, Area Manager Check Point Software Technologies SECURITY OBSERVATIONS.

©2015 Check Point Software Technologies Ltd. 1 Dallas Data Connectors 2015 Hank Johnson, Area Manager Check Point Software Technologies SECURITY OBSERVATIONS.
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.
The World's Most Secured Browsing Solution COCKPIT4i is a radically new, powerful solution that protects against the security risks posed by exposure to.

The World's Most Secured Browsing Solution COCKPIT4i is a radically new, powerful solution that protects against the security risks posed by exposure to.
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager
Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.
© 2004-2014. Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Srinivas L Technology Specialist – Security | Microsoft

Srinivas L Technology Specialist – Security | Microsoft
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Similar presentations

Ads by Google