Presentation is loading. Please wait.

Presentation is loading. Please wait.

HP ProCurve Alliance + Dr Carl Windsor CISSP Major Account Manager

Published byAmbrose Davis Modified over 6 years ago

Similar presentations

Presentation on theme: "HP ProCurve Alliance + Dr Carl Windsor CISSP Major Account Manager"— Presentation transcript:

1 HP ProCurve Alliance + Dr Carl Windsor CISSP Major Account Manager
February 2008

2 What is the HP ProCurve Alliance?
Membership alliance program run by HP ProCurve to offer customers security and mobility solutions with interoperability with HP ProCurve products Members are Fortinet, Mitel, AirWave, DVTel and ShoreTel Fortinet Confidential 2

3 Why ProCurve? Complete portfolio of LAN, WAN, WLAN segments
Strong product features, combined with very cost-effective pricing ProCurve provides Industry Standard Solutions Best Warranty in the Industry Lifetime hardware warranty Free phone support Free software updates

4 Why ProCurve? - Synergies with Fortinet
Cisco growing presence in the security space Traditionally Cisco has taken a “build everything” approach ProCurve provides an attractive alternative to Cisco ProCurve will establish alliances to build up security functionality ProCurve and Fortinet are leaders in their respective industries Opportunity for Fortinet to grow its presence in new markets

5 Why Fortinet? - Synergies with ProCurve
External threat protection UTM feature set (Firewall, IPS, VPN, Anti-virus, Anti-spam, Content Filtering) Internal threat protection IDS/IPS Broad portfolio of UTM appliances and management tools SMB to Enterprise level solutions UTM appliances are interoperable with ProCurve Network Immunity Manager

6 Why ProCurve and Fortinet?
Unified Threat Management Network Deployment Location Edge – Users Connect Distribution – Aggregation Core & Data Center Perimeter Distribution All deployment scenarios Security Functionality NBAD (via sFlow) L2/L3 Switching VoIP Firewall, IPS, Antivirus, Antispyware, Antispam, IM/P2P Control, Web Filtering Complete security from L3-L7 plus application layer +

7 Network Immunity Manager Standalone
Detection Analysis Duplicate IP IP spoofing IP fan out DNS tunneling Packet size deviation used Protocol anomalies TCP/UDP Fan out ProCurve Manager Network Immunity Manager NBAD/sFlow based virus alert sFlow samples Possible Virus or attack identified by anomaly engine Per port response, Reconfiguration of switch The Network Immunity (NI) Manager is a plug in to PCM and is on a server Virus detection The ProCurve switches send sampled traffic using sFlow technology to the NI Manager which runs NBAD (Network Behavior Anomaly Detection) on the data to detect virus attacks The NI Manager can also accept virus alerts from switches running Virus Throttle Response The Network Immunity Manager can respond to a virus attack by reconfiguring the switch to take the actions listed on the slide on the source port of the attack Risk that traffic is misidentified Response Methods Quarantine VLAN Offender MAC lockout Offender port shutdown Offender port rate limiting Offender port mirroring for deeper analysis Enable sflow at the offender port notification Network switches

8 Network Immunity Manager with FortiGate One Arm IPS
Detection Analysis Duplicate IP IP spoofing IP fan out DNS tunneling Packet size deviation used Protocol anomalies TCP/UDP Fan out ProCurve Manager Network Immunity Manager NBAD/sFlow based virus alert sFlow samples IDS/AV alert Possible Virus or attack identified by anomaly engine Traffic correctly identified One-Arm IPS Build Per port response, Reconfiguration of switch The Network Immunity (NI) Manager is a plug in to PCM and is on a server Virus detection The ProCurve switches send sampled traffic using sFlow technology to the NI Manager which runs NBAD (Network Behavior Anomaly Detection) on the data to detect virus attacks The NI Manager can also accept virus alerts from switches running Virus Throttle Response The Network Immunity Manager can respond to a virus attack by reconfiguring the switch to take the actions listed on the slide on the source port of the attack The NBAD software detects viruses but it does not detect the virus using virus signature file matching like and IDS/IPS security appliance An IDS/IPS virus signature file match provides a high confidence a known virus is present and it provides the name of known viruses while NBAD software provides broad coverage and detection of zero day attacks (new viruses) If a virus signature file match is desired for known viruses, a customer has the option to have the NI Manager configure the switch to remotely mirror suspect traffic as identified by the NBAD software to an IDS/IPS/UTM security appliance that can perform a virus signature file match and then generate a virus alert to the NI Manager that will then respond (the security appliance must be in IDS mode and be connected to a ProCurve switch that supports remote mirroring) A IDS/IPS appliance is in IDS (intrusion detection system) mode if it is just monitoring traffic that’s mirrored to it to detect viruses, it’s in IPS (intrusion prevention system) mode if it’s inline as a bump in the wire to detect viruses and then block traffic to prevent the spread of the virus. Mirror Suspect Traffic Response Methods Quarantine VLAN Offender MAC lockout Offender Port shutdown Offender Port rate limiting Offender Port Mirroring for deeper analysis Enable sflow at the offender port notification Network switches

9 Network Immunity Manager with FortiGate Inline
Detection Analysis Duplicate IP IP spoofing IP fan out DNS tunneling Packet size deviation used Protocol anomalies TCP/UDP Fan out ProCurve Manager Network Immunity Manager IPS alert Inline UTM The Network Immunity (NI) Manager is a plug in to PCM and is on a server Virus detection The inline IPS sends and alert to NI Response The Network Immunity Manager can respond to a virus attack by reconfiguring the switch to take the actions listed on the slide on the source port of the attack Per port response, Reconfiguration of switch Response Methods Quarantine VLAN Offender MAC lockout Offender port Shutdown Offender port rate limiting Offender port mirroring for deeper analysis Enable sflow at the offender port notification Network switches

10 ProCurve / Fortinet Integration
The sensitivity with which the HP ProCurve switch port detects traffic anomalies is configured as appropriate

11 ProCurve / Fortinet Integration
Network Immunity Manager is configured to understand the Fortinet SNMP Trap format and Signature ID

12 ProCurve / Fortinet Integration
When the FortiGate identifies malicious traffic, it notifies the Network Immunity Manager via an SNMP Trap

13 ProCurve / Fortinet Integration
The Network Immunity Manager responds by reconfiguring the switch according to the pre-set rules

14 For more information please visit http://www.fortinet.com
Questions? For more information please visit 14

15 For more information please visit http://www.fortinet.com
Backup Slides For more information please visit

16 ProCurve Switch Functionality

Download ppt "HP ProCurve Alliance + Dr Carl Windsor CISSP Major Account Manager"

Similar presentations

Network Systems Sales LLC

Network Systems Sales LLC
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 High-performance Gigabit Ethernet ports rapidly transfer large files supporting.
True Unified Threat Management

True Unified Threat Management
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
Presented by Serge Kpan LTEC 4550.020 Network Systems Administration 1.

Presented by Serge Kpan LTEC Network Systems Administration 1.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Department Of Computer Engineering

Department Of Computer Engineering
Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.

Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.
Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.

Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.
1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
PROJECT PAPER ON BLUEFIRE MOBILE SECURITY. BY PONNURU VENKATA DINESH KUMAR STUDENT ID # A0815 PROFESSOR – VICKY HSU CS-426.

PROJECT PAPER ON BLUEFIRE MOBILE SECURITY. BY PONNURU VENKATA DINESH KUMAR STUDENT ID # A0815 PROFESSOR – VICKY HSU CS-426.
ShareTech 2015 Next-Gen UTM.

ShareTech 2015 Next-Gen UTM.
Common Devices Used In Computer Networks

Common Devices Used In Computer Networks

Similar presentations

Ads by Google