Published by Jean-Charles Dumont. Modified over 5 years ago.
1
Managed Services Provider & Nationwide Network Operator
SD-WAN UCaaS Voice and Data Long Distance Managed Network & IT Services
Ultimate Firewall Comparison: Cisco®-Meraki® vs. Fortinet vs. PaloAlto vs. SonicWALL - Which Solution is the Right Fit for Your Client?
Mike Chase, J.D.
SVP Solutions Engineering & Principal Architect
CCIE# 7226, LPIC2, VMware VCP + 30 certs
Legal disclaimer: all content is my opinion, always do your own research!
2
Who am I? -- Mike Chase SVP Solutions Engineering
• 30+ industry certifications, CCIE# 7226, LPIC2, VMware VCP
• Certs:
• Juris Doctor in Law degree (J.D.)
• Experience in telecom, datacenters, cloud & more
• Co-founder of VARs, Cloud companies, etc.
• aka “Dr. Cloud”
• Working with you to design complex scenarios & drive new products to market
• Agent training & acceleration
• Link to me on LinkedIn!
• LinkedIn: = WhatsApp
3
Cloud, Voice & Managed Network Services
• Founded in 2001
• 100% Channel Focused
• Debt free and profitable
• Family owned and operated
• Managed Services Provider & CLEC
• Processing over 4 billion calls per month
• Currently servicing 14,000 plus businesses
• Multi-location Experts
• Global, around the clock NOC support
AireSpring brings together all the advantages of managed voice, connectivity and cloud applications under one umbrella.
4
The AireSpring Advantage
• Single Point of Contact
• One-Stop-Shopping
• One Bill
• Full Life Cycle, White Glove Support
• Focused Delivery
• Concierge Support
5
One Stop Shop – NNIs with 20+ Carriers
6
cybersecurity
7
Security Features - Definitions
Next Generation Firewall (NGFW)
Where the earliest firewalls cut out at Layer 3 or 4 of the OSI model, modern firewalls go all the way to Layer 7 and usually incorporate stateful processing and deep packet inspection (DPI), as well as all the basic port and protocol filtering capabilities.

Unified Threat Management (UTM)
Unified Threat Management (UTM) is a term for a category of security appliances that integrate a range of security features into a single appliance. UTM appliances combine firewall, gateway anti-virus, and intrusion detection and prevention capabilities into a single platform. UTM is designed to protect users from blended threats while reducing complexity.

Network intrusion detection and intrusion prevention (IDS/IPS)
These devices not only watch traffic flow for signs of tampering or intrusion, but they are increasingly able to act automatically to block various types of attacks and shut down attempts at denial of service (DoS and DDoS).

Anti-malware protection
Security appliances with UTM capability now routinely screen incoming files, messages and other content for signs of malware, including viruses, worms, rootkits, spyware and so forth.

Anti-spam protection
UTM security appliances will typically perform various types of spam detection and filtering, to prevent unwanted and especially malicious messages from crossing the network boundary.

Content filtering
Content filtering is used to implement company policies related to information system usage. For example, it's common to filter websites containing pornographic materials or social-networking sites unrelated to work. Under this heading you’ll find whitelisting and blacklisting techniques, URL filtering, protocol filtering and actual content inspection techniques put to work.
8
Think You’re protected? Think again!
Next Generation Firewall Test Report
Products Tested
• Barracuda Networks CloudGen Firewall F800.CCE v7.2.0
• Check Point Next Generation Threat Prevention (NGTP) Appliance vR80.20
• Cisco Firepower 4120 Security Appliance v.6.2.2
• Forcepoint NGFW 2105 Appliance v build (Update Package: 1056)
• Fortinet FortiGate 500E V5.6.3GA build 7858
• Palo Alto Networks PA-5220 PAN-OS 8.1.1
• SonicWall NSA 2650 SonicOS Enhanced n
• Sophos XG Firewall 750 SFO v17 MR7
• Versa Networks FlexVNF 16.1R1-S6
• WatchGuard M670 v B562953
SonicWall NSa2650
• 98.8% of attacks stopped
• 100% of evasions blocked
SonicWall was successful in countering 100 percent of all advanced HTTP evasion, obfuscation and fragmentation techniques.
9
Competitive Firewall UTM Feature Comparisons
Cisco Meraki SonicWALL Fortinet Palo Alto Next Generation Firewall IDS/IPS Requires the UTM License Requires the Threat Prevention License Antivirus Basic - - Enhanced – Requires Wildfire License Anti-Bot Requires the Wildfire License Malware Sandboxing Requires the Threat Grid License SSL VPN IPv6 Support DPI-SSL X Content Filtering Requires the URL Filtering License URL Filtering Data Leak Prevention (DLP) Requires the Systems Manager License Application Filtering
10
Not All Firewalls Are Created Equal
11
Managed Security Options That Won’t Break Your Budget!
12
Think You’re protected? Think again!
Differences in Approach
• & most top shelf firewalls use a deep packet inspection (DPI) method for protection
• You can’t filter what you can’t see so functionality like DPI-SSL/TLS is critical
• Once you get to the actual filtering…
• ~80%+ of all traffic today is encrypted with SSL/TLS
• Signatures are useful but too static to stop zero day dynamic threats
• Try going to you get redirected to !!
• Zero day threats can’t rely on heuristics alone
• Sandboxing is the only way to get to 100% blockage of zero day threats
• You can’t filter what you can’t see so eliminating evasion techniques is critical
• Having a managed service cuts way down on TCO
• Weekly ed PDF report shows customer’s security posture
• Free E-waste at end of 1/2/3 year contract; upgrade to latest hardware
13
DPI SSL/TLS Deployment Challenges
Attacks are being delivered over SSL/TLS
• According to NSS Labs research, 41.7% of enterprises deploy dedicated SSL/TLS appliances.
• Users who enable SSL/TLS decryption are finding that the performance of their NGFWs is being impacted.
Key Findings: Although results are not directly comparable, the following was observed when measuring product performance with SSL/TLS turned off versus with SSL/TLS turned on:
• There was a 92% drop in the average connection rate of the tested products; connection degradation ranged from 84% to 99%.
• Latency in the average application response time of the tested products increased by 672%; latency ranged from 99% to 2,910%.
• There was a 60% drop in the average throughput of the tested products; throughput degradation ranged from 13% to 95%.
14
Throughput drops significantly when DPI-SSL is turned on
SonicWall
• Features: TZ300
• Interfaces: 5xGbE, 1 USB, 1 Console
• NGFW throughput: 750 Mbps
• Threat Prevention throughput: 235 Mbps
• DPI-SSL/TLS inspection and decryption throughput: 50 Mbps
• IPsec VPN throughput: 300 Mbps
• Site-Site VPN Tunnels: 10

Cisco Meraki
• Features: MX 68
• Interfaces: WAN - 2 GbE - 1 USB, LAN - 10GbE – 2 PoE
• NGFW throughput: 450 Mbps
• Threat Prevention throughput: 300 Mbps
• DPI-SSL/TLS inspection and decryption throughput: N/A
• IPsec VPN throughput: 200 Mbps
• Site-Site VPN Tunnels: 50

Palo Alto
• Features: MX 68
• Interfaces: 8 GbE – 1 USB Dual Purpose
• NGFW throughput: 500 Mbps
• Threat Prevention throughput: 260 Mbps
• DPI-SSL/TLS inspection and decryption throughput: Not published
• IPsec VPN throughput: 100 Mbps
• Site-Site VPN Tunnels: 200

Fortigate
• Features: 30E
• Interfaces: WAN 1 GbE – LAN 4 GbE
• NGFW throughput: 950 Mbps
• Threat Prevention throughput: 150 Mbps
• DPI-SSL/TLS inspection and decryption throughput: 125 Mbps
• IPsec VPN throughput: 75 Mbps
• Site-Site VPN Tunnels: 200
15
Best Enforceable Option
NGFW without DPI-SSL/TLS: You are still protected, but not as deeply as if you had DPI-SSL.
NGFW with DPI-SSL/TLS: Seat belts and airbags together afford the best protection!
16
Think You’re protected? Think again!
Differences in Approach
• Meraki & other security products use cloud-based reputation filtering for protection
• The concept is that if malware is blocked at its source, no inspection is required; this saves resources
• Very effective against botnets, phishing URLs and ransomware
• Sandboxing is an additional license known as ThreatGrid
• No DPI-SSL; HTTPS decryption available but bogs down CPU resulting in an 85-90% throughput decrease on the box
• Few if any false positives
• Updated hourly
• Some security is better than no security
17
Think You’re protected? Think again!
NGFW techniques illustrated:

Prevention of Evasion Techniques
• IP Packet fragmentation
• Stream segmentation
• RPC Fragmentation
• URL Obfuscation
• HTML Obfuscation
• HTTP evasion
• FTP evasion
• TCP Split Handshake

DPI-SSL/TLS
• Support for 30+ ciphers used to encrypt data on websites, file transfers & other protocols today
• Support for emergent ciphers
o TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
o TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
o x25519 Elliptic Curve Key Exchange
• Prevention of weak ciphers
o Null ciphers (no encryption of data provided)
o Anonymous ciphers (no authentication provided)
• Certificate validation
• Decryption performance

Evasion Techniques (continued)
• Binary Obfuscation
• SandBox Evasion
• Non Standard Port Usage
• Virtual Machine Evasion
• Timing
• Non-local environment check
• Layered Evasions
18
Think You’re protected? Think again!
URL Obfuscation
• Escape encoding (% encoding)
• Microsoft %u encoding
• Path character transformations and expansions ( /./ , //, \ )
• Premature URL ending
• Long URL
• Fake parameter
• TAB separation
• Case sensitivity
• Windows \ delimiter
• Session splicing
• Different combinations of methods listed above

Virtual Machine Evasion
• Hypervisor
o VMWare I/O port
o Backdoor Instruction
o Hypervisor bit
o CPU information
o Performance Check – API
o Performance Check – Instruction RDTSC timing difference
o Performance Check – Instruction VMExit handling
• Guest OS Profile
o GDT address
o LDT address
o IDT address
o TSS address
o Number of processors (Exception address)
o Services
o Driver and files
o Directory
o Registry
o Named pipe

FTP Evasion
• Inserting spaces in FTP command lines
• Inserting non-text Telnet opcodes
• Different combinations of methods listed above

Binary Obfuscation
• Packing/compression/crypters/encoding
• Code virtualization
• Code obfuscation
• Polymorphism
• Metamorphism

Sandbox Evasion
• Human interaction
o Cursor position
o Keyboard stroke – simple stroke
o Keyboard stroke – input pattern
o Clipboard content
o Pop-up message, e.g., “Click to continue”
• Stalling Code
o Loop
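For the URL obfuscation items on this slide, the defensive counterpart is to reduce every request path to one canonical form before a URL filter looks at it. The sketch below is an added example, not code from the presentation or from any vendor; the function names, the deny list and the sample paths are constructed, and it covers only escape encoding, %u encoding, path character transformations, the \ delimiter, case sensitivity and long URLs.

```python
import re
from urllib.parse import unquote

PCT_U = re.compile(r"%u([0-9a-fA-F]{4})")   # Microsoft %uXXXX form
PCT = re.compile(r"%[0-9a-fA-F]{2}")        # standard escape encoding

def canonicalize(path, case_insensitive=True, max_len=2048, max_rounds=5):
    """Reduce a request path to one canonical form and list what was undone."""
    findings = []
    if len(path) > max_len:
        findings.append("long-url")
    if PCT_U.search(path):
        findings.append("percent-u-encoding")
        path = PCT_U.sub(lambda m: chr(int(m.group(1), 16)), path)
    rounds = 0
    while PCT.search(path) and rounds < max_rounds:  # unwrap nested encoding
        path, rounds = unquote(path), rounds + 1
    if rounds:
        findings.append("percent-encoding" if rounds == 1 else "nested-percent-encoding")
    if "\\" in path:
        findings.append("backslash-delimiter")
        path = path.replace("\\", "/")
    raw = path.split("/")
    if "" in raw[1:-1] or any(s in (".", "..") for s in raw):
        findings.append("path-transformation")
    segs = []
    for s in raw:                       # resolve /./, // and /../ segments
        if s == "..":
            if segs:
                segs.pop()
        elif s not in ("", "."):
            segs.append(s)
    canon = "/" + "/".join(segs)
    if case_insensitive and canon != canon.lower():  # assumes a case-insensitive server
        findings.append("case-variation")
        canon = canon.lower()
    return canon, findings

def blocked(path, deny_prefixes):
    """Apply the URL policy to the canonical form, never to the raw path."""
    canon, findings = canonicalize(path)
    return any(canon == p or canon.startswith(p + "/") for p in deny_prefixes), findings

# Constructed request paths; each resolves to the same denied resource.
DENY = ["/admin"]
SAMPLES = ["/admin/config", "/%61dmin/config", "/%2561dmin/config",
           "/%u0061dmin/config", "/public/..\\ADMIN//./config"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", canonicalize(s)[0], blocked(s, DENY))
```

A naive prefix match on the raw path catches only the first sample; after canonicalization all five match the same deny rule, and the findings list is itself a useful log field.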
19
Why SMBs Need Better & Stronger IT Security
• Over 70% of breaches occur in organizations sized under 100 employees!
• 53% of compromised companies learn of the breach from a third party.
• The average cyber attack goes unnoticed for 146 days!
• Small companies pay an average of $690,000 to recover from hacking incidents, while mid-sized companies average costs of over $1 million.
Source: untangle 2018 SMB IT Security report
20
Why SMBs Need Better & Stronger IT Security
Table 1: Breaches by Organization Size
Organizations Size (Employees): Percentage of Total
1 to 10: 4.9%
11 to 100: 66.7%
101 to 1,000: 5.6%
1,001 to 10,000: 3.2%
10,001 to 100,000: 2.7%
Over 100,000: 1.2%
Unknown: 15.8%
Total: 100%
21
Why Small Businesses Need Stronger IT Security
Why Security Solutions Are Important to Small Businesses
22
What Challenges do SMBs Face with IT Security?
Source: untangle 2018 SMB IT Security report
23
What Challenges do SMBs Face with IT Security?
• Almost 40% of SMBs have experienced a cyberattack.
• Malware & phishing are top threats, followed by ransomware.
• More than 50% of respondents had a budget less than $5000 per year for IT security; half of those had less than $1000 per year.
• Budget constraints are the biggest challenges SMBs face when it comes to IT security.
• Small budgets make it impossible to stay current, let alone ahead of the daily emerging threats.
• Many SMBs go out of business after a major attack.
24
AireSpring White Glove Support
25
AireSpring Premium Firewall Support – SonicWall
Premium Firewall Support is provided at no additional cost through our SonicWall Security Operations Center (SOC).
SOC will configure, implement, manage, support, troubleshoot, report, track and handle any Moves, Adds, Changes and Deletions required by the customer on an ongoing basis, including but not limited to the items listed below:
☑ SonicWALL Hardware
☑ Comprehensive Gateway Security Services (CGSS): Gateway antivirus, antispyware, intrusion prevention, application control, content filtering.
☑ Global Management System (GMS)
☑ Deep Packet Inspection - Secure Sockets Layer (DPI-SSL)
☑ Firewall and network related functionality required by Firewall as a Service (FWaaS)
26
Final Thoughts & Conclusions
(my opinion)
☑ Make the risk/effort greater than the benefit to any hacker looking to target your business.
☑ To be at a high level of protection you have to deploy DPI-SSL, Capture ATP and score 100% in NSS Labs evasion technique elimination test. SonicWALL has done that.
☑ For small but high speed link type offices (SOHO) a Cisco Meraki is a great choice.
☑ For medium to high/enterprise sized offices there is no firewall with more bang for the buck than SonicWALL. They’re no longer part of Dell and are innovating rapidly. This is seen via enhancements over the last few years such as DPI-SSL, sandboxing (Capture ATP), and the recent availability of both a physical and now virtual firewall form factor.
☑ AireSpring gives customers a FREE web portal to see all firewalls at all sites.
☑ AireSpring's 24/7/365 Managed Service includes installation, configuration, maintenance, weekly reports, software/signature upgrades, licensing of all security features, automatic replacement of failed hardware during the life of the contract.
☑ AireSpring has a deep bench of certified route/switch & SIP experts to debug issues.
☑ AireSpring can take over management of existing SonicWALLs, or put SonicWALL or Meraki Firewalls at each customer site or in our datacenters for centralized cloud/network based Firewall to further limit cost and add value.
27
Questions Questions??
28
Thank You! Contact: Mike Chase, J.D., CCIE# 7226
SVP Solutions Engineering / Principal Solutions Architect Certs: LinkedIn: O: M: (whatsapp)
30
SPIFFs & Promotions Double SPIFF on SD-WAN! SPIFF ends June 30th!!
• 6x MRC Voice & Cloud
• 1.5 X MRC Connectivity Svc
• $1600 Cash Bonus TF Svc
• $800 Cash Bonus LD Svc
31
Meet with AireSpring at These Events
32
Enter our Drawing for a $100 Amazon Gift Card
Please complete the survey at the conclusion of this presentation for a chance to win a $100 Amazon gift card! Congratulations to our May winner Jon Kopczyk
33
Thank You for joining AireSpring Today. We value your partnership!