Security Platforms Past, Present and Future May 3, 2012 Aaron Robel.

Presentation transcript:

Agenda: Past; Present; Future; Questions

Anyone Remember the Checkpoint Firewall 1,2,3 days?
Checkpoint Management GUI: Well Defined Policy Control; Integrated Logging and reporting; GUI driven Platform
Physical Firewalls: Simple architecture; Reduced change risk

Old Checkpoint Platform Challenges
Built for the Enterprise: Only Physical separation; Only a Global Policy
Policy control: Many DMZs; Large segments; Huge policies
Multi-Tenancy: No logical partitioning; No delegation capability
Platform: Scalability through physical addition; Challenges between OS and software

Enter: The Cisco Firewall Services Module
The Platform: Consolidated Hardware and Software; Robust Throughput; Tightly Integrated with Network Core
Multi-Context Mode: Distinct Logical firewalls; Compartmentalized Policies; Granular Service separation; Quick scalability for new services

Firewall Service Module Challenges
The Platform: Limited to 1 gig flows; Limited visibility in backplane; HA traffic coupled with data traffic; Tightly integrated with Network Core
Multi-Context Mode: Limited to stateful firewalling; Firewall proliferation; Inefficient packet flows
Cisco Security Manager: No log monitoring or reporting; Still have to implement firewalls in CLI; Not ready for multi-tenancy

Tenets of a New Solution: Delegated Service Model; Simplify Firewall Architecture; Performance Leap; Beyond Stateful Firewalling; Management Single Pane of Glass; Provider Grade Scalability; Reduce Operational Cost

After 6 successful years and long service life it’s now time to replace the FWSM… The RFP process was started to find the next generation security platform: Gathered Requirements; Went out for an RFI; Vendor Interviews/Demos; Went out for RFP; Evaluation, evaluation, evaluation…

The ASV is…

What drove this decision?? Performance; Features; Support; Potential

Performance
Throughput: 480 Gig of stateful firewalling; 71 Gig for IPS; 32 Gig for Anti-Virus/Malware
Connections: 132 million concurrent connections; 1.1 million new connections per second
Capacity: Up to 3000 individual VDOMs or virtual firewalls

Primary Features: Stateful firewall; IDS/IPS; Application policy control; FQDN policy enforcement; Active directory Integration; URL filtering; VPN; Scalability and HA; L2 and L3 capability; Unified MGMT GUI

Features
VDOM 1: Firewalling; Routing table; IPS; IPSec VPN; Client SSLVPN
VDOM 2: Firewalling; Layer 2 bridge; IPS
VDOM 3: Firewalling; Routing Table; URL Filtering; IPS; Application ID Integrated with AD

Support Technical Account MGR Resident Engineer Training Lab Equipment

Potential: Data Loss Prevention; Anti-Virus/Malware Inspection; Integrated Wireless Controller; WAN Optimization; WEB Caching; VoIP Support; IPv6 Support

Platform Challenges
The Unknown: No proven track record with the State
6 years with FWSM: Migration from vendor to vendor is always tough
Datacenter deployment: Data flows may introduce challenges; New datacenter infrastructure

Some Architectural Thoughts… Next Generation Architecture Re-Think SGN Cloud Scalability Hypervisor Firewalls

Let's get the 2 most frequently asked questions out of the way…

I love to talk so, OTHER questions?