2015 Security Conference Ash Patel Intel Security.

1 2015 Security Conference Ash Patel Intel Security

2 McAfee Next Generation Firewall and Security Connected Threat Ecosystem
Logicalis Security Conference 2015
Ashish Patel – Network Security Regional Director

3 Threats Are Getting Through
- 469,000 Unique Malware Samples Discovered Weekly
- 83% Organizations hit by Advanced Persistent Threats
- Mobile malware grew 30% with 99% Android targeted
- Root Kit Attacks Return to Growth
- Subverting Digital Signatures Becoming More Common
- Fastest Growing Non-mobile Malware Is Ransomware
- Advanced Evasion Techniques Use Growing to Get Old/New Malware Through Legacy Defenses

4 Firewall & NGFW Evolution
[Diagram. Axis: Completeness of Security. Timeline: 1988, 2008, 2012, 2013, 2014. Stages: Traditional FW, First NGFW, Performance Enhanced NGFW, “Connected” NGFW.]
Capabilities shown:
- Connected to endpoint security
- Connected to SIEM
- Connected to advanced threat detection
- Connected to real-time global threat database
- Central management for large networks
- High availability
- Advanced evasion protection
- Inspection
- Application and user awareness

5 Albert Einstein
“INSANITY: doing the same thing over and over again and expecting different results.”
“We cannot solve our problems with the same thinking we used when we created them.”

6 McAfee Differentiators
- Unified Software Core
- Strong Centralized Management
- High Availability
- Advanced Evasion Prevention
- Security Connected

8 Security Connected Integrations: McAfee NGFW part of the ecosystem
Information exchange between network, endpoint and global threat information for superior protection
- McAfee Advanced Threat Defense: Superior malware detection against zero-day threats
- McAfee ESM (SIEM): Continuous monitoring of the whole network security including NGFW
- McAfee endpoint: Visibility to endpoint; endpoint information use in policy enforcement
- McAfee Global Threat Intelligence: Comprehensive threat information for file reputations

9 Global Threat Intelligence: THREAT REPUTATION
- 300M IPS attacks/mo.
- 2B botnet C&C IP reputation queries/mo.
- 20B message reputation queries/mo.
- 2.5B malware reputation queries/mo.
Sources: Network IPS, Firewall, Web Gateway, Host AV, Mail Gateway, Host IPS, 3rd Party Feed, Geo location feeds
Diagram labels: Network Activity, Affiliations, Ports/Protocol, IP Address, Web Reputation, URL, Web Activity, Sender Reputation, Mail Activity, Email Address, File Reputation, DNS Server, Application, Domain, Data Activity, Geo-location

12 Unified Software Core: Flexible Delivery
- Adjustable security levels support a wide variety of deployment scenarios
- Performance levels are maintained even with deep packet inspection enabled
Diagram labels: NEXT GENERATION FIREWALL, FIREWALL, LAYER 2 FIREWALL, IPS, VPN; MILITARY, GLOBAL ENTERPRISE, COMMERCIAL, SMB; SOFT, VIRTUAL, PHYSICAL

14 Single Pane of Glass for Security Management
Enabler for accuracy, efficiency and better use of time
McAfee Security Management Center (SMC)
Diagram labels: FW / VPN, IPS, L2FW, NGFW; ONE UNIFIED APPLIANCE; LOCATIONS; PLATFORMS: Virtual (cloud), Physical, Hybrid; SECURITY CONNECTED: McAfee ESM, McAfee EIA, McAfee ePO

15 Efficient Centralized Management: Plug-and-Play Deployment for remote site rollouts
Initial configuration pushed from cloud
Diagram labels (McAfee SMC, McAfee NGFW):
- Preconfigured
- Call home
- Policy push from the SMC
- Initial configurations uploaded
- Connect to Installation Cloud
Cut deployment time from weeks and days to minutes

17 WHY WORRY TODAY?
How do AETs score against leading next generation network security products? 7
TEST CASE (Conficker worm): AET-BORNE ATTACKS SUCCEEDED (undetected)
- Divide exploit in IP fragments: 70%
- Divide exploit in TCP segments: 90%
- Using grey areas of protocols to hide the exploit: 90%
- Change byte encoding methods: 40%
- TCP segmentation and re-ordering: 80%
- TCP segmentation and re-ordering + urgent data: 90%
- Sending TCP payload with old timestamps (PAWS): 80%

18 DEFINITIONS
- APT (ADVANCED PERSISTENT THREAT): “A highly motivated attacker implementing a targeted attack. Uses multiple hacking methods and advanced malware in order to penetrate, and stay stealthy, for a long period of time. Often uses AETs to improve the penetration success rate.”
- Evasive & advanced malware (EVASIVE & ADVANCED MALWARE FOR HOST-BASED ATTACKS): “Any kind of malware designed and developed to operate and stay undetected while it has penetrated end points and target hosts.”
- AET (NETWORK-BASED ADVANCED EVASION TECHNIQUES): “A specific hacking technique that has been developed to bypass all security devices and deliver a malicious code or exploit to its target undetected. AETs can be used to deliver known and unknown exploits and malicious content.”

19 AETs SUPPORT THE HACKER BUSINESS CASE
- IMPROVE ROI: When buying and developing new exploits hackers can improve ROI substantially by using AETs. They can also recycle existing malicious payloads by using AETs.
- ACCESS ALL AREAS: By using AETs hackers can penetrate deep into the network.
- DO NOT GET CAUGHT: … and they can do it undetected, with stealth.

20 Advanced Evasion Prevention: Fundamental Difference in Traffic Inspection
[Diagram]
- Traditional Inspection Architecture: "ta" "t" "a" ?
- McAfee NGFW, Stream-Based Full Stack Normalization, Protocol agents: "ta" "ck" "at" "ck" "attack" !
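
The contrast on this slide, as an added Python example (not from the presentation and not McAfee's implementation): signature matching on each TCP segment alone versus matching after the byte stream is reordered and reassembled. The `(sequence_number, payload)` tuples, the `attack` marker and the first-arrival-wins overlap policy are assumptions made for the illustration.

```python
SIGNATURE = b"attack"  # constructed marker, mirroring the slide's "attack" string

def per_packet_match(segments, sig=SIGNATURE):
    """Traditional inspection: test each segment's payload on its own."""
    return any(sig in payload for _, payload in segments)

def normalize_stream(segments, isn=0):
    """Rebuild the byte stream a receiver would deliver to the application.

    segments: list of (sequence_number, payload) in arrival order.
    Overlapping bytes are resolved first-arrival-wins (assumed policy; a
    normalizer has to pick one policy and enforce it on forwarded traffic).
    Reassembly stops at the first gap: later bytes are not yet deliverable.
    """
    received = {}
    for seq, payload in segments:
        for offset, byte in enumerate(payload):
            received.setdefault(seq + offset, byte)  # keep first copy
    stream = bytearray()
    pos = isn
    while pos in received:
        stream.append(received[pos])
        pos += 1
    return bytes(stream)

def stream_match(segments, sig=SIGNATURE):
    """Stream-based inspection: match on the normalized byte stream."""
    return sig in normalize_stream(segments)

# Constructed sample traffic: the marker is split across small segments.
IN_ORDER = [(0, b"GET /"), (5, b"at"), (7, b"ta"), (9, b"ck"), (11, b" HTTP")]
REORDERED = [IN_ORDER[0], IN_ORDER[3], IN_ORDER[1], IN_ORDER[4], IN_ORDER[2]]
OVERLAP = [(0, b"GET /"), (5, b"attac"), (8, b"ack")]   # retransmit overlap
WITH_GAP = [(0, b"GET /"), (5, b"at"), (9, b"ck")]      # bytes 7-8 missing

if __name__ == "__main__":
    for name, segs in [("in order", IN_ORDER), ("reordered", REORDERED),
                       ("overlap", OVERLAP), ("gap", WITH_GAP)]:
        print(f"{name:10} per-packet={per_packet_match(segs)!s:5} "
              f"stream={stream_match(segs)!s:5} {normalize_stream(segs)!r}")
```

The gap case shows why a stream inspector must hold state until missing bytes arrive rather than pass judgement on a partial stream.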

21 Advanced Evasion Prevention: Device Testing (evader.mcafee.com)
With Evader getting access to the “protected” network is as simple as:
1. Select the Exploit
2. Identify Attack Target (Cisco, Palo Alto Networks, Check Point, Fortinet, Juniper, SourceFire, Tipping Point)
3. Select the Evasion Technique

23 High Availability: Full Stack Resilience enabling business continuity
Risk mitigation vs. resilience
- Clustering / load balancing: Site resilience enabling in-service upgrades
- Service Provider Link / VPN failovers: Connectivity resilience
- Management HA: Management resilience

24 High Availability: Native Active-Active Clustering
[Diagram: Internet; Node 1, Node 2, Node 3, Node 4, Node 5, Node 6 … 16]
Mix of hardware and software versions
“I can upgrade a FW cluster without dropping a single packet” – McAfee NGFW customer

25 High Availability: Augmented VPN for enterprise level site-to-site connectivity
Cost-effective alternative to MPLS with security included
[Diagram labels: HQ, Distant Site; MPLS, ADSL, ISP A, ISP B; 8 Mbps + … = up to 24 Mbps]

27 McAfee Next Generation Firewall Portfolio
Perfect fit for various locations and hybrid environments
- Ruggedized appliance: Wet, dust, shock proof design; Temperature hardened
- Desktop appliances: Modular and fixed designs; Integration of access technologies
- Rack installable appliances: Modular and adaptable; High speed interfaces
- Virtual and software appliances: High system performance; Support for various platforms
Other labels: Branch office
Unified platform, full NGFW functionality

28 “McAfee Next Generation Firewall does 99% of our network configuration, reducing what used to take hours to minutes.” – Julian Dyer, COBWEB, Chief Technical Officer

29 Certified and Validated by 3rd Parties
Certifications; Validations
See more from www.mcafee.com/ngfw

30
- Extends the Connected Firewall capabilities by connecting the Firewall with End-Point Intelligence
- Provides new flexibility to Virtualized Data Centers
