Hank Johnson, Area Manager Check Point Software Technologies

Presentation on theme: "Hank Johnson, Area Manager Check Point Software Technologies"— Presentation transcript:

1 Hank Johnson, Area Manager Check Point Software Technologies
Security Observations & Ideas from the field. Dallas Data Connectors 2015. Hank Johnson, Area Manager, Check Point Software Technologies

2 What’s driving Security Spending?
Upgrade of existing, aged equipment; Consolidation of multiple point products; Consolidation + New Security Features; Compliance; Executive Support & Demand for ITSec; Security Readiness – Where are you?

3 Security is now Mainstream IT
Redefinition of the Enterprise: Remote Locations (Mfg / Branches / IP devices); Mobile Devices (where is the “Edge”?). A Good Offense is the Best Defense: Advanced Threat Protection = Known & Unknown; Reporting & Forensics = SOC & Trending; Data + Context + Visibility = Actionable Intelligence.

4 Data : Dashboard , Detail & Forensics
Security Trends Security Readiness Data : Dashboard , Detail & Forensics Product Enterprise Security Strategies Monitor / React Proactive / Trend User Involvement ** Redefine the Enterprise: Remote sites & Mobile **Client Execs involved at a new level **

5 Security has been underfunded…
By other valid IT & Business Priorities including: IP Telephony / Unified Communications; Storage & Server Virtualization; Converged Computing; SAP, Oracle, other applications; SF.com & other CRM systems; Cloud & Hybrid Data Center Initiatives. Impact to Security: Most are in Catch Up Mode; Security is “MainStream”. Key issues: Personnel / Organizational Structure; Policy (Social media, Document Retention, Breach planning); Strategy (Current State to Future State).

6

7 Start Here Self Assessment

8 Client Assessments: Work to be Done
1st Key Question: “Where am I today?” Follow up questions: Desired Future State; First Priority; What’s possible today; Where do I start.

9 Minimize Risk & Shorten the Curve
Have a Current State – Future State roadmap. Anticipate Future Requirements (leads to proper sizing). Consider a “Good – Better – Best” architectural review. Invest in Training.

10 High Level Security Planning Framework - 4 things
Infrastructure; Threat; Mobility; Management & Visibility. Knowing that business is dynamic and the threat landscape is dynamic, CP is centered in our innovation and our passion to deliver uncompromising security, performance, agility, etc., to ensure client success.

11 More control & reporting
Infrastructure: Consolidation is real, but you own Architecture. Firewall and VPN Software Blades; IPS Software Blade; Application Control Software Blade; Identity Awareness Software Blade; Antivirus & Anti-Malware Software Blade; URL Filtering Software Blade; DLP Software Blade; Anti-Bot Software Blade. Fewer Suppliers & Maintenance contracts; More control & reporting.

12 Granular Control of All Security Layers
Network Threat Prevention IPS Anti-Bot Antivirus Granular Visibility Mobile Access Mobile Access Sensitive Data DLP Internet Applications Usage SmartEvent Application Control URLF User Access Identity Awareness

13 Priority: Keep System Software Current
Check Point Research; Industry Feeds; Sensors & Sites. Priority: Keep System Software Current. We are feeding the ThreatCloud with many sources, both internal and external, and pushing security protections back to all Check Point products around the globe.

14

15 One of the most dynamic areas of Security
Threat Prevention

16 Known ( IPS / IDS / URL / App ) Unknown ( SandBox / Zero Day / APT )
& Mobile Reporting / Context / Forensics / Trending. Knowing that business is dynamic and the threat landscape is dynamic, CP is centered in our innovation and our passion to deliver uncompromising security, performance, agility, etc., to ensure client success.

17 We Spend Time and Budget On.. While Positioning for Future Challenges
TODAY’S INFRASTRUCTURE FUTURE ATTACK VECTORS Firewall VPN IPS Anti-Spam URL Filtering Anti-Virus DDoS Polymorphic Malware APTs Mobility 12B: FW – $4.9M IPS – $1M SWG - $1.6M Aspam – $1M AV ( EP) – $3.4M $400M FEYE – $260M ( ~65% organic growth from 2013 $160M) PAN – 12M Check Point - 24 Others – dambala, sourcefire Have the Platform Built 1st !!

18 Multi-Layer Threat Prevention
Industry Feeds Global Sensor Data Check Point Research Known Known ThreatCloud Emulation Service
As threats have evolved, so has our technology. Where threats are concerned, we are all in this fight together. We have created the largest collaborative threat prevention cloud that collects input from 100s of Check Point researchers, industry feeds and our own Check Point gateway sensors, the most extensive in geography and deployment. We call it ThreatCloud. Once it collects the intelligence, it translates it into real-time protections that are implemented in the Check Point gateways to stop threats. We also have created an intelligence marketplace with TC IntelliStore that gives organizations more protection and access to unique intelligence feeds that may be relevant to their industry, geography or specific attack types.
Beyond protecting against the known threats, we have also innovated to build threat emulation technologies so that we can protect you against unknown malware. Today, IPS, Antivirus and Anti-Bot are effective technologies against known malware. But hackers create variants to evade signature-based detection. To detect these unknown variants and to find zero-day attacks, we run the malware in a virtual sandbox to detect and prevent these malicious files. As these unknowns are found and become known, we feed the information to our ThreatCloud and then update other gateways so that all of our customers have the most up-to-date protection.
Unknown Known and Unknown Malware

19 “Threat” requires a holistic view
Managing Unknowns: Sandbox; Quarantine; Emulation. INSPECT, EMULATE, PREVENT, SHARE. ** New CPU level solution – Stop before threats get to the OS level.

20 UNIQUE AND INNOVATIVE DETECTION
INTEGRATED WITH CHECK POINT THREAT EMULATION Check Point Threat Emulation CPU-Level Threat Prevention + HIGHEST CATCH RATE UNIQUE AND INNOVATIVE DETECTION

21 You can’t manage what you can’t measure
Optics & Reporting

22 What happens when things go wrong?
Management: Simplicity & Power in One Plate of Glass. Integrated / Correlated Security Management; Event Management; Log Management; Built-In Compliance Engine.

23 SPOG Management & Visibility

24 360° Visibility of Network Security
Time shows topline security events. Map shows origin of attacks and threats. Important security events highlighted. Rate and frequency of potential attacks.
Let’s take a look at one view in our management console. This example shows top line information from multiple angles, including summary of critical attacks over time, geographic information on source or destination of attacks, lists of important events, and counts of events by type. Each of these views can be expanded to show more detail and exported as reports for additional analysis.

25 Mobility

26 Today’s Mobile Solutions have Security Gaps
MDM = Management NOT Security. Mobile Security: Same policies as On Net; APT protection; Document Security; Mgt & Reporting. How do you protect devices from THREATS? How do you protect DATA wherever it goes?
Script: Today organizations are trying to put together solutions to address these challenges. But assembling independent, unrelated solutions to address all the mobile security challenges creates security gaps that leave the organization potentially vulnerable to threats. The main solutions today are predominantly focused on device management, and focus very minimally on actual device and data security. They may secure data that is in a container, but provide no security for documents once they leave the device. They don’t protect devices from threats, and do not prevent users from accessing potentially malicious websites and content. Companies are utilizing independent methods such as controlling access to devices, device management, file and disk encryption, and secure containers. These independent methods do not provide a complete and unified solution that can protect organizations from the threats facing them today, or in the future, and they do not protect organizational data throughout its life, wherever it goes.

27 The Internet So many points of entry! Connected via the internet
Data Center; Internal Servers; Remote offices; Virtual Servers; Cloud computing; Remote workers; Mobile devices

28 Final Thoughts
The Issues are Real. The Solutions are Many. Assess – Plan – Execute, For the entire Enterprise. Hold the industry accountable. Network & Idea share! Don’t overthink it: get after it!

29 “Everyone has a plan ’till they get punched in the mouth” - Mike Tyson
So you have a track record, market leadership, with an excellent product, but then “Shellshock” happens, or “POODLE”, or Heartbleed, and I can go on. That catches the entire industry vulnerable. This is where the people come into play.

