1. 1 Endpoint Security Considerations

2. 2 Agenda Open Networks PROs & CONs Challenges Alternatives

3. 3 Open Networks are … Open P2P applications Wireless Net Meeting Instant Messenger Email Internet access Outsourcing Wireless Partners/Consultants Telecommuting Traveling Employees Website access InsideOutside PERIMETER

4. 4 Information Security Challenges Know When you are Finished ? Missing protection Security investment not at work Misconfiguration Solve ‘solved’ problems again and again Misuse/Misbehavior Tradeoff Protection for productivity Missing in actionChasing the unknown What to do?...

5. 5 Challenge Finished when you Stop Rogues Open Networks Valid Device Valid Device Valid Device Valid Device Rogue Device Rogue Device

6. 6 Challenge and… Prevent valid devices from becoming Rogues Open Networks Valid Device Valid Device Valid Device Valid Device Rogue Device Rogue Device

7. 7 Open Network What is a Rogue? Gartner Vulnerabilities Old Patch Recent Patch New Vulnerability Misconfiguration Customer experience Rogues

8. 8 Compliance Models Voluntary Compliance Model Turning the crank faster doesn’t help

9. 9 Process Discover –missing in action Protect -mis-configuration, -missing protection, -misuse and misbehavior. Enforce -endpoints, -access points -all of the time. Remediate – to reconnect

10. 10 Know when you’re finished

11. 11 Requirements Devices – managed, unmanaged, unmanageable Roles – educate software not people Processes - network, security, operations Plumbing – switches, wireless, VPN, SSL Relentless – always, everywhere

12. 12 ManagedUnmanaged Corporate-owned devices Computers owned by partners, suppliers, customers, outsourcers, employees or public kiosks Network Dark Matter rogue computers, network infrastructure, and embedded devices Unmanageable Devices

13. 13 Educate software not people Security policies must adapt from HQ to hotel to home to hotspot Policies must change by role, device type, location and connection Without transparency, CSOs must choose between good security or productive users Adaptive Policies RoleDevice TypeNetwork LocationPolicy ExecutiveCorporate OwnedEnterprise LANTrusted, file sharing on, full application access Sales personEmployee OwnedHome wirelessHI, file sharing off, IM off, print sharing off, limited application access OutsourcerUnknownPublic InternetVD, HI, SSL VPN access only and webmail only with data sanitization

14. 14 Policy Verification Radius DHCP/DNS Plumbing AV & PFW & IPS AD & LDAP Patch Policy Repositories Policy Enforcement VPN Switch Wireless AP Clients Windows Linux/Macintosh PDA & Phone

15. 15 NAC * NAP * TNC Comparison

16. 16 Trusted Computing Group Standards TCG –a thought leading organization working together to help enterprises ensure a trusted computing environment Trusted Network Connect Sub-Group is creating a standard for interoperability to prevent untrustworthy devices from connecting to enterprise networks. Leverage existing standards – current consideration -IEEE 802.1x protocol and the IETF EAP RFC 3748 protocol for host access negotiation with network devices. -RADIUS [RFC 2865] for making access verification decisions and defining network access privileges. Ability to leverage the Trusted Platform Module (TPM) microchip for hardware based level of assurance.

17. 17 Summary – Requirements Devices – managed, unmanaged, unmanageable Roles – educate software not people Process – security, network, operations Plumbing – switches, wireless, VPN, SSL Relentless – always, everywhere

18. Thank you for your time