Presentation is loading. Please wait.

Presentation is loading. Please wait.

Application Usage and Risk Report 7 th Edition, May 2011.

Published byKianna Wesley Modified over 10 years ago

Similar presentations

Presentation on theme: "Application Usage and Risk Report 7 th Edition, May 2011."— Presentation transcript:

1 Application Usage and Risk Report 7 th Edition, May 2011

2 About Palo Alto Networks Palo Alto Networks is the Network Security Company World-class team with strong security and networking experience - Founded in 2005, first customer July 2007 Builds next-generation firewalls that identify / control 1250+ applications - Restores the firewall as the core of the enterprise network security infrastructure - Innovations: App-ID, User-ID, Content-ID Global footprint: 4,000+ customers in 70+ countries, 24/7 support

3 Applications Anytime, Anyplace! © 2010 Palo Alto Networks. Proprietary and Confidential.Page 3 |

4 Application Usage & Risk Report – May 2011 © 2010 Palo Alto Networks. Proprietary and Confidential.Page 4 | http://www.paloaltonetworks.com/literature/forms/aur-report.php

5 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 5 | Methodology and Demographics Methodology - Analysis is based on live customer traffic – not a survey - How are networks being used? - What applications are running on enterprise networks? - What are the risks associated with the existing application mix? Demographics - 1,253 organizations worldwide, up from 723 - 1,042 applications found, up from 931 - 28 Exabytes of bandwidth

6 Key Findings Organizations are blind to hidden application traffic - More than 40% of the applications can use SSL or hop ports; consumes roughly 36% of the overall bandwidth Work is more social - Social networking and webmail use shows 5X growth, IM use doubled over the past 6 months File transfer applications: will history repeat itself? - Browser-based file-sharing adapting same characteristics as P2P © 2011 Palo Alto Networks. Proprietary and Confidential.Page 6 |

7 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 7 | Hidden application traffic 41% of the applications (433) found can use SSL or hop ports Consuming roughly 36% of overall bandwidth Only 43% use the browser Worldwide: Many Hidden Applications

8 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 8 | Can use SSL on 443 or any other port… 215 applications, 8% of bandwidth consumed Heavy emphasis on consumer, end-user applications; highest amount of business and security risk Many collaborative applications both business and personal Many P2P Filesharing, proxy, and social networking also fall into this group Examples: Most Google apps, Facebook, Twitter, several SW update apps

9 Can use SSL on 443 Only… Small group of applications (29) – includes SSL proper Consumes 14% of bandwidth Business: Webex, NetSuite, a range of software updates Non-business: Tor, party-poker, google-location-service © 2011 Palo Alto Networks. Proprietary and Confidential.Page 9 |

10 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 10 | Can use SSL on any port except 443… Small group of applications (18) and 1% of bandwidth Business applications include Cisco VPN and Microsoft Exchange Non-business applications include Gnutella and icq

11 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 11 | Can Hop Ports… 171 applications; 14% of the bandwidth consumed Filesharing (30), photo-video (24) and VoIP (21) are most common in this group SharePoint, NetFlow and many storage applications also fit this definition The darker side: P2P, gaming, some encrypted tunnel (hotspot-shield, gbridge)

12 Filesharing: Will History Repeat Itself? © 2011 Palo Alto Networks. Proprietary and Confidential.Page 12 | Browser-based filesharing; increasingly popular; more than 60 variants New business and security risks introduced through differentiation Premium service via a persistent client Repurposed technology: peer-to-peer, RTMPT

13 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 13 | Work Has Become More Social Social Networking and webmail show nearly 5X growth; IM use almost doubles Facebook, Linkedin, Twitter make up top 3 Facebook extends dominance; usage remains passive

14 Consumerization is driving business © 2011 Palo Alto Networks. Proprietary and Confidential.Page 14 |

15 Business Use of Social Networking Report : The state of corporate social media in 2011 from usefulsocialmedia.com. The majority of companies expect social media to become integrated into more than just marketing throughout 2011. 89% of the companies expect social media budgets to increase over 2011. The most common corporate social media use is for marketing (88%) and communications (93%). By the end of 2011, the biggest change in corporate use of social media will be the growth of companies using it for customer service (73%), employee engagement (59%) and product development (52%). © 2011 Palo Alto Networks. Proprietary and Confidential.Page 15 |

16 Summary Organizations are blind to SSL - and the amount of SSL in use is forecast to continue growing - Policy and controls must address this Social networking is making the workplace MORE social - Use continues to expand - It isn't replacing other modes of interaction – in fact, it may be helping them Browser-based filesharing is rapidly evolving – many now have the same characteristics as P2P - Some introducing clients, connecting peers - Will they introduce the same types of risks? © 2011 Palo Alto Networks. Proprietary and Confidential.Page 16 |

17 Applications Have Changed; Firewalls Have Not © 2011 Palo Alto Networks. Proprietary and Confidential.Page 17 | Need to restore visibility and control in the firewall BUT…applications have changed Ports Applications IP Addresses Users Packets Content The gateway at the trust border is the right place to enforce policy control Sees all traffic Defines trust boundary

18 Technology Sprawl & Creep Are Not The Answer More stuff doesnt solve the problem Firewall helpers have limited view of traffic Complex and costly to buy and maintain © 2011 Palo Alto Networks. Proprietary and Confidential.Page 18 | Internet Putting all of this in the same box is just slow

19 The Right Answer: Make the Firewall Do Its Job © 2011 Palo Alto Networks. Proprietary and Confidential.Page 19 | New Requirements for the Firewall 1. Identify applications regardless of port, protocol, evasive tactic or SSL 2. Identify users regardless of IP address 3. Protect in real-time against threats embedded across applications 4. Fine-grained visibility and policy control over application access / functionality 5. Multi-gigabit, in-line deployment with no performance degradation

20 © 2010 Palo Alto Networks. Proprietary and Confidential. Beware of Imitators………..

21 To Block or Not Block © 2010 Palo Alto Networks. Proprietary and Confidential.Page 21 | http://www.paloaltonetworks.com/cam/enterprise20/blockornot/

22 Next Generation FW for Dummies at our Table © 2010 Palo Alto Networks. Proprietary and Confidential.Page 22 | http://www.paloaltonetworks.com

23 Thanks! Jeff Stiling 503-430-5272 jstiling@paloaltonetworks.com © 2010 Palo Alto Networks. Proprietary and Confidential.Page 23 |

24 © 2011 Palo Alto Networks. Proprietary and Confidential.Page 24 |

Download ppt "Application Usage and Risk Report 7 th Edition, May 2011."

Similar presentations

Case Study: Examining the Results of P2P Collaboration at PricewaterhouseCoopers February 14, 2001 Case Study: Examining the Results of Collaboration at.

Case Study: Examining the Results of P2P Collaboration at PricewaterhouseCoopers February 14, 2001 Case Study: Examining the Results of Collaboration at.
TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST

TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.

Symantec 2010 Windows 7 Migration EMEA Results. Methodology Applied Research performed survey 1,360 enterprises worldwide SMBs and enterprises Cross-industry.
Symantec 2010 Windows 7 Migration Global Results.

Symantec 2010 Windows 7 Migration Global Results.
RAC One Node – The “Always On” Single Instance Database

RAC One Node – The “Always On” Single Instance Database
Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.

Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Chapter 1 The Study of Body Function Image PowerPoint

Chapter 1 The Study of Body Function Image PowerPoint
Demystifying IPv6: Ensuring a Smooth Transition John Curran ARIN President & CEO This presentation describes the impending depletion of Internet Protocol.

Demystifying IPv6: Ensuring a Smooth Transition John Curran ARIN President & CEO This presentation describes the impending depletion of Internet Protocol.
A Media Subscription Service By Peter Kriens CEO aQute OSGi Technology Officer www.aQute.se.

A Media Subscription Service By Peter Kriens CEO aQute OSGi Technology Officer
1Abacast - Confidential1 Hybrid Content Delivery Network (CDN) Technologies and Services.

1Abacast - Confidential1 Hybrid Content Delivery Network (CDN) Technologies and Services.
© Copyright IBM Corporation 2009 IBM Global Business Services Innovation driving strategic choices for P2P Saul Berman Global & Americas Leader, IBM Strategy.

© Copyright IBM Corporation 2009 IBM Global Business Services Innovation driving strategic choices for P2P Saul Berman Global & Americas Leader, IBM Strategy.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Mean, Median, Mode & Range

Mean, Median, Mode & Range
FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.

FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.
Peer-to-peer and agent-based computing Peer-to-Peer Computing: Introduction.

Peer-to-peer and agent-based computing Peer-to-Peer Computing: Introduction.
Next Generation FWs Against Modern Malware and Threads Hakan Unsal – Technical Security Consultant Tunc Cokkeser – Regional Sales Manager.

Next Generation FWs Against Modern Malware and Threads Hakan Unsal – Technical Security Consultant Tunc Cokkeser – Regional Sales Manager.
© Tally Solutions Pvt. Ltd. All Rights Reserved Shoper 9 License Management December 09.

© Tally Solutions Pvt. Ltd. All Rights Reserved Shoper 9 License Management December 09.
Copyright, 2011 WowWe® VERS. 2.0. 1 ONLINE 2 3.

Copyright, 2011 WowWe® VERS ONLINE 2 3.

Similar presentations

Ads by Google