Next Generation Network Security

Presentation transcript:

Next Generation Network Security Andrew Hoerner, Director, Product Marketing Understanding McAfee Network Security Platform (formerly IntruShield) – Featuring the 10GigE Channel Partners and McAfee Sales © 2007 McAfee, Inc.

Recent Customer Conversations…
“Borderless network… Effectively extend trust boundaries?”
“100’s of new applications… See & control use?”
“Data center project… Improve protection… Consolidate vendors?”
“Advanced Threats (APTs, Botnets, Insider Risk) … Best practice prevention?”
“…Upgrading the data center…”
“…Consumerization of IT…”
“…Targeted attacks & Advanced Persistent Threats…”
“…Visibility & control of applications…”
“…Need more accurate IPS/IDS…”
“…Guest & contractor access…”
“…My firewall is EOL…”
“…Security shouldn’t be the brakes…”

Network Security Isn’t Adapting to Change
Symptoms:
Incident costs increasing
Data center security under-performing
Advanced Persistent Threats a concern
Security policy hard to enforce
Excessive IDS/IPS alerts
Firewall rules hinder change management
Frequent refresh of security hardware

Changes Create Pressure Points, Complications Create Risk Projects Impacting Network Complications SaaS (Agility) 15% 32% Outsource (Reduce CapEx) Targeted and Advanced Persistent Threats (APTs) Virtualization (Reduce OpEx) 30% 49% Hosting (Better Quality) Consumerization of IT Mobile Web (Improve Productivity) 200% Severe Economic Constraints

Evolving Threats “Outside Attacker Initiated” “Insider Initiated” Active Layered Attack: exploit targeted vulnerability Scan/Exploit - Server/vulnerability Infect, C&C Upgrade Propagate “Outside Attacker Initiated” Passive Layered Attack: exploit via drive-by-download Exploit, Infect Data leak C & C execute Propagate “Insider Initiated” Download Download SPAM, Search, Social Network, etc. Social Engineering: follow link to malicious site “Insider Initiated”

Anatomy of an attack

Anatomy of an attack
Date: Tue, 10 Dec 2008 06:58:13 -0700 (PDT)
From: John Doe <john.q.googdguy@yahoo.com>
To: employee.name@companyname.com
Subject: 7th Annual U.S. Defense Conference
7th Annual U.S. Defense Conference
1-2 Jan 2009
Ronald Reagan Building and International Trade Center
Washington, DC
Download 2009 Conference Preliminary Program (PDF) http://conferences.satellite-stuff.net/events/MDA_Prelim_09.zip
Download 2009 Conference Registration Form (PDF) http://conferences.satellite-stuff.net/events/MDA09_reg_form.zip
Contact: John Doe
Contractor Information Systems
(703) 555-1234
john.doe@yahoo.com

Conventional Approach to Network Security
Ticket Oriented Resolution: How to get to resolution? File tickets. Wait.
Protection Focused on Identifying Attack Packets: How to protect? Find attack packets on wire
Configuration Focused on Features: How to implement policy? Rely on product features.
Multi-Vendor Strategies: Defense in Depth? Manage multiple silo’d products.

The Maturity Model of Enterprise Security REACTIVE (~3% of IT Budget on Security) COMPLIANT/PROACTIVE (~8% of IT Budget on Security) OPTIMIZED (~4% of IT Budget on Security) TCO Security Posture SECURITY OPTIMIZATION

Optimized Network Security Adapts to Change
REACTIVE & MANUAL: Reactive tools; Firewalls; Log analysis; Trouble tickets; Ineffective change control; Ad hoc firewall rules; Audit findings
COMPLIANT: Point products; IDS (compliance); SI/EM (logs); Structured firewall rule management; Standard configurations; Distributed consoles/mgmt; Tedious audit preparation
PROACTIVE: Integrated tools; IPS (threats); SI/EM (events); Automatic updates; Automated firewall rule mgmt; Centralized consoles/mgmt; Streamlined compliance reports
OPTIMIZED: Multi-layered, correlated solutions; Predictive threat protection; Policy-based control; Proactive management; Extensible architecture; Automated compliance
Reactive spend ~3% of IT budget on security: High risk
Compliant/Proactive spend ~8% of IT budget on security: Medium risk
Optimized spend ~4%: Very low risk
REACTIVE and Manual: People only. No tools or processes. “Putting out fires”
Tools Based: Applying tools and technologies to assist people in reacting faster. Point products for System, network and data
DYNAMIC: Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for response. McAfee ePO integrated products, plus GRC and GTI
OPTIMIZATION RISK
Why has it been so challenging to reduce risk?

New Requirements for Optimized Network Security
Ticket Oriented Resolution / Proactive Management: Turn days of process into clicks
Protection Focused on Identifying Attack Packets / Predictive Threat Protection: Characterize future threats today
Configuration Focused on Features / Policy-Based Control: Focus on real organization, people, applications, usage
Multi-Vendor Strategies / Extensible Architecture: Integrated, collaborative, easily add new capabilities

Protecting Critical Data Center from ZeuS Malware
Predictive Threat Protection with IPS + GTI
Not Optimized (High Effort, High Risk): Malware infects websites; Malware hits network; Wait on signature; Apply signature, update signature
When Optimized (Low Effort, Low Risk): Malware infects, McAfee Labs IDs, updates website reputations…; …Threat dissected, analyzed…; …Predictive action stops threat; Future variants covered
Benefit: Protection meets (and beats) hacker’s timelines, reduces alerts

Controlling Google Calendar Use Before a Merger
Policy-Based Control with Next Gen Firewall
Not Optimized (High Effort, High Risk): Identify M&A team; Map users to network address; Create new rule (duplicate?); Weeks to review, test, deploy. Repeat?
When Optimized (Low Effort, Low Risk): User directory auto-imports groups…; Profiler sees similar rule. 1 click to add. Avoid duplicate; Hours or days to review, deploy; New M&A members automatically added
Benefit: No need to map network topology to user, protects critical data

Blocking Bot Command and Control Traffic
Proactive Management in Action
Not Optimized (High Effort, High Risk): See Bot activity on network; Hours: open ticket w/ system team; Days: open ticket to plan outage/upgrade; Weeks: detailed review of network events
When Optimized (Low Effort, Low Risk): Right click to get details from management console; Right click to scan and patch; Visual view of traffic and connections; Have a second cup of coffee
Benefit: Eliminates days and weeks of effort while improving time to resolution

McAfee: Optimized Network Security Solutions
GLOBAL THREAT INTELLIGENCE Risk Advisor NDLP Email Web ePO Firewall IPS NAC NBA SIA
Network IPS: Top selling, best performing
Firewall: Most secure, new next gen features
NAC: integrated with IPS
NBA: cost-effective network visibility
NDLP: more important than ever

What It Takes to Make An Organization Safe Global Threat Intelligence Reputation GTI Network Activity Geo-location Ports / Protocol Application Web Reputation . File Reputation Affiliations IP Address Domain URL Data Activity Sender Reputation Web Activity DNS Server Mail Activity Email Address Network IPS Firewall Web Gateway Host AV Mail Gateway Host IPS 3rd Party Feed 300M IPS Attacks/Mo. 2B Botnet C&C IP Reputation Queries/Mo. 20B Message Reputation Queries/Mo. 2.5B Malware Reputation Queries/Mo. Geo Location Feeds

Optimized = Lower Total Cost of Ownership
Summary of Financial Results
Risk-Adjusted Return on Investment (ROI): 142%
Payback Period: Within 5 Months
Total Costs (Present Value): ($244,659)
Total Cost Savings and Benefits (PV): $593,276
Total (Net Present Value): $348,617
Full Forrester TEI report based on McAfee customer data available here.

Optimized Network Security: Solves Root Issues, Symptoms Disappear
Results:
Incident costs decreasing
Data center security outperforms @ lower cost
Advanced Persistent Threat protection
Policy in business terms, easy to enforce
IPS alerts minimized, staff re-allocated
Firewall rules streamline change management
Long life reduces CapEx for security hardware

While We’ve Been Chatting…
Our global sensor grid characterized 229 unique pieces of malicious or unknown code, based on:
570,000 file reputation queries
460,000 IP reputation queries
69,000 attacks were stopped by McAfee IPS across all our customers
Eliminated 64 trouble tickets and 8 critical escalations for our customers

Thank you for your time
Questions? Email andrew_hoerner@mcafee.com
More info at: www.mcafee.com/networkdefense
