HP ProCurve Alliance + Dr Carl Windsor CISSP Major Account Manager

Slides:



Advertisements
Similar presentations
Network Systems Sales LLC
Advertisements

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.
True Unified Threat Management
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Lisa Farmer, Cedo Vicente, Eric Ahlm
Presented by Serge Kpan LTEC Network Systems Administration 1.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Department Of Computer Engineering
Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.
Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
PROJECT PAPER ON BLUEFIRE MOBILE SECURITY. BY PONNURU VENKATA DINESH KUMAR STUDENT ID # A0815 PROFESSOR – VICKY HSU CS-426.
ShareTech 2015 Next-Gen UTM.
Common Devices Used In Computer Networks
Dual WAN Router Brand & Marketing MGMT Dept DrayTek Corp Vigor2912 Series 14 th Jan Based on f/w RC4.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
1 Managed Premises Firewall. 2 Typical Business IT Security Challenges How do I protect all my locations from malicious intruders and malware? How can.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Applied Watch Technologies The Enterprise Open Source Security Infrastructure open.freedom Go ahead. Be free.
7400 Samsung Confidential & Proprietary Information Copyright 2006, All Rights Reserved. -0/17- OfficeServ 7400 Enterprise IP Solutions Quick Install Guide.
Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.
Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.
Security fundamentals Topic 10 Securing the network perimeter.
Joe Budzyn Jeff Goeke-Smith Jeff Utter. Risk Analysis  Match the technologies used with the security need  Spend time and resources covering the most.
IS3220 Information Technology Infrastructure Security
Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.
Chapter 14.  Upon completion of this chapter, you should be able to:  Identify different types of Intrusion Detection Systems and Prevention Systems.
KAPLAN SCHOOL OF INFORMATION SYSTEMS AND TECHNOLOGY Intrusion Detection and Incidence Response Course Name – IT Intrusion Detection and Incidence.
Some Great Open Source Intrusion Detection Systems (IDSs)
25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.
Cosc 5/4765 NAC Network Access Control. What is NAC? The core concept: –Who you are should govern what you’re allowed to do on the network. Authentication.
Security fundamentals
Barracuda NG Firewall ™
Network Admission Control: A Survey of Approaches Educause 2008
Fortinet Unified Threat Management ProCurve Open Network Ecosystem
CompTIA Security+ Study Guide (SY0-401)
ProCurve Network Immunity Solution NPI Sales Training Pervasive intelligent threat defense for a highly available network Presenter Date.
Network Security Solution
UTM Content Security Gateway
Proventia Network Intrusion Prevention System
Top 5 Open Source Firewall Software for Linux User
PCNSE7 Palo Alto Networks Certified Network Security Engineer
Working at a Small-to-Medium Business or ISP – Chapter 8
Internal test : Confidential 224B Port Quarantine Simple test
Configuring Windows Firewall with Advanced Security
Real-time protection for web sites and web apps against ATTACKS
Intrusion Prevention Systems
Securing the Network Perimeter with ISA 2004
Kiyoshi Kodama, SE Japan 07-Oct-2008
Click to edit Master subtitle style
Threat Management Gateway
CompTIA Security+ Study Guide (SY0-401)
Information Security Session October 24, 2005
Sizing …today. T: Here’s how. .
Intrusion Detection system
Network hardening Chapter 14.
Firewalls Chapter 8.
Intel Active Management Technology
Hosted Security.
AT&T Firewall Battlecard
Presentation transcript:

HP ProCurve Alliance + Dr Carl Windsor CISSP Major Account Manager cwindsor@fortinet.com February 2008

What is the HP ProCurve Alliance? Membership alliance program run by HP ProCurve to offer customers security and mobility solutions with interoperability with HP ProCurve products Members are Fortinet, Mitel, AirWave, DVTel and ShoreTel Fortinet Confidential 2

Why ProCurve? Complete portfolio of LAN, WAN, WLAN segments Strong product features, combined with very cost-effective pricing ProCurve provides Industry Standard Solutions Best Warranty in the Industry Lifetime hardware warranty Free phone support Free software updates

Why ProCurve? - Synergies with Fortinet Cisco growing presence in the security space Traditionally Cisco has taken a “build everything” approach ProCurve provides an attractive alternative to Cisco ProCurve will establish alliances to build up security functionality ProCurve and Fortinet are leaders in their respective industries Opportunity for Fortinet to grow its presence in new markets

Why Fortinet? - Synergies with ProCurve External threat protection UTM feature set (Firewall, IPS, VPN, Anti-virus, Anti-spam, Content Filtering) Internal threat protection IDS/IPS Broad portfolio of UTM appliances and management tools SMB to Enterprise level solutions UTM appliances are interoperable with ProCurve Network Immunity Manager

Why ProCurve and Fortinet? Unified Threat Management Network Deployment Location Edge – Users Connect Distribution – Aggregation Core & Data Center Perimeter Distribution All deployment scenarios Security Functionality NBAD (via sFlow) L2/L3 Switching VoIP Firewall, IPS, Antivirus, Antispyware, Antispam, IM/P2P Control, Web Filtering Complete security from L3-L7 plus application layer +

Network Immunity Manager Standalone Detection Analysis Duplicate IP IP spoofing IP fan out DNS tunneling Packet size deviation used Protocol anomalies TCP/UDP Fan out ProCurve Manager Network Immunity Manager NBAD/sFlow based virus alert sFlow samples Possible Virus or attack identified by anomaly engine Per port response, Reconfiguration of switch The Network Immunity (NI) Manager is a plug in to PCM and is on a server Virus detection The ProCurve switches send sampled traffic using sFlow technology to the NI Manager which runs NBAD (Network Behavior Anomaly Detection) on the data to detect virus attacks The NI Manager can also accept virus alerts from switches running Virus Throttle Response The Network Immunity Manager can respond to a virus attack by reconfiguring the switch to take the actions listed on the slide on the source port of the attack Risk that traffic is misidentified Response Methods Quarantine VLAN Offender MAC lockout Offender port shutdown Offender port rate limiting Offender port mirroring for deeper analysis Enable sflow at the offender port Email notification Network switches

Network Immunity Manager with FortiGate One Arm IPS Detection Analysis Duplicate IP IP spoofing IP fan out DNS tunneling Packet size deviation used Protocol anomalies TCP/UDP Fan out ProCurve Manager Network Immunity Manager NBAD/sFlow based virus alert sFlow samples IDS/AV alert Possible Virus or attack identified by anomaly engine Traffic correctly identified One-Arm IPS Build Per port response, Reconfiguration of switch The Network Immunity (NI) Manager is a plug in to PCM and is on a server Virus detection The ProCurve switches send sampled traffic using sFlow technology to the NI Manager which runs NBAD (Network Behavior Anomaly Detection) on the data to detect virus attacks The NI Manager can also accept virus alerts from switches running Virus Throttle Response The Network Immunity Manager can respond to a virus attack by reconfiguring the switch to take the actions listed on the slide on the source port of the attack The NBAD software detects viruses but it does not detect the virus using virus signature file matching like and IDS/IPS security appliance An IDS/IPS virus signature file match provides a high confidence a known virus is present and it provides the name of known viruses while NBAD software provides broad coverage and detection of zero day attacks (new viruses) If a virus signature file match is desired for known viruses, a customer has the option to have the NI Manager configure the switch to remotely mirror suspect traffic as identified by the NBAD software to an IDS/IPS/UTM security appliance that can perform a virus signature file match and then generate a virus alert to the NI Manager that will then respond (the security appliance must be in IDS mode and be connected to a ProCurve switch that supports remote mirroring) A IDS/IPS appliance is in IDS (intrusion detection system) mode if it is just monitoring traffic that’s mirrored to it to detect viruses, it’s in IPS (intrusion prevention system) mode if it’s inline as a bump in the wire to detect viruses and then block traffic to prevent the spread of the virus. Mirror Suspect Traffic Response Methods Quarantine VLAN Offender MAC lockout Offender Port shutdown Offender Port rate limiting Offender Port Mirroring for deeper analysis Enable sflow at the offender port Email notification Network switches

Network Immunity Manager with FortiGate Inline Detection Analysis Duplicate IP IP spoofing IP fan out DNS tunneling Packet size deviation used Protocol anomalies TCP/UDP Fan out ProCurve Manager Network Immunity Manager IPS alert Inline UTM The Network Immunity (NI) Manager is a plug in to PCM and is on a server Virus detection The inline IPS sends and alert to NI Response The Network Immunity Manager can respond to a virus attack by reconfiguring the switch to take the actions listed on the slide on the source port of the attack Per port response, Reconfiguration of switch Response Methods Quarantine VLAN Offender MAC lockout Offender port Shutdown Offender port rate limiting Offender port mirroring for deeper analysis Enable sflow at the offender port Email notification Network switches

ProCurve / Fortinet Integration The sensitivity with which the HP ProCurve switch port detects traffic anomalies is configured as appropriate

ProCurve / Fortinet Integration Network Immunity Manager is configured to understand the Fortinet SNMP Trap format and Signature ID

ProCurve / Fortinet Integration When the FortiGate identifies malicious traffic, it notifies the Network Immunity Manager via an SNMP Trap

ProCurve / Fortinet Integration The Network Immunity Manager responds by reconfiguring the switch according to the pre-set rules

For more information please visit http://www.fortinet.com Questions? For more information please visit http://www.fortinet.com 14

For more information please visit http://www.fortinet.com Backup Slides For more information please visit http://www.fortinet.com

ProCurve Switch Functionality

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.