Presentation is loading. Please wait.

Presentation is loading. Please wait.

Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property.

Published byAugustine Cameron Modified over 9 years ago

Similar presentations

Presentation on theme: "Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property."— Presentation transcript:

1 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Citrix NetScaler and Quarri POQ

2 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. HTTPS as the solution: fighting the last war? Data Center Security HTTP/S User / PC security Focus Threat ► Browser are the information delivery platform ‒ Enterprise apps, cloud / SaaS services ► Browsers are missing link in security chain ‒ Key loss vector for cybercrime and data theft ► Sensitive web apps are flying blind ‒ Site has little data on end point’s security state

3 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Endpoints create risks to web applications and content Browser application behavior: Caching content, cookies, credentials, history User actions : Social engineering target Saves data on untrusted PC Poor browser security settings Malicious users stealing content Malware: Keyloggers Screen capture Data miners MITB / MITM Phishers / Pharmers …

4 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Who cares and why? Enterprise Applications Business to Customer SaaS / Cloud - Account theft - Data leakage - Data theft - Account theft - E-fraud - Privacy loss Wild West

5 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Extending web security to the browser ► Citrix and Quaresso are announcing partnership ► Quaresso will be Citrix Ready certified in Nov 2010 ► Integration of Quaresso’s Protect On Q with Citrix NetScaler ► Combined solution enables true end-to-end security of web sessions ‒ From LB/WAF through the HTTPS tunnel all the way to the browser ► Quaresso provides anti-malware, and browser DLP ‒ Via on-the-fly agent delivered by integration with NetScaler

6 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. About Quarri Protect On Q ► ON THE FLY: Web site quickly provisions temporary armored browser ► CONTROL: Site-specific policy controls the defense mechanisms ► SECURITY: Anti-malware + data leak protections ► TARGETED: Only affects browser session connected to the web site ► VISIBILITY: Web site can enforce use of armored browser

7 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Sample of Protect On Q security features FeatureBenefit Zero Hour Anti-Malware Defenses Heuristic defenses from key loggers/frame grabbers Continuous defense against user account theft, session input and rendered display data Browser Process Integrity Whitelisting of BHOs / plug ins Mitigates the risk of session compromise via exploits against plug in vulnerabilities or hostile browser extensions compromise session Browser Session Data Privacy Real time encryption of all session data Reduces information leaks to unauthorized users or real time cache mining malware Information Leak Protection C ontrols ability to copy, save, print, clipboard, etc. Prevent data leakage & aids compliance by controlling user actions, including MS Office and Acrobat launched within armored browser Browser Networking Control Allows administrative control of browser networking Strengthens web sites’ servers from attacks such as XSS and CSRF, as well as browser hijacking Hostname Resolving Bypass Admins can controls brower host resolving process Protects against malware performing DNS server attacks, local HOSTS poisoning or client DNS settings SSL Certificate Integrity Bypass malicious HTTPS certificate manipulation Reduces the risk of hostile Man-In-The-Middle HTTPS proxies intercepting encrypted traffic

8 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. How NetScaler delivers and enforces armored browsing 1. User connects to protected app(s) 4. If not armored, deliver site-specific armored browser 5. Armored connections (verified as in Step 2) Protect On Q Server (Java) 2. NetScaler intercepts Employees Business Partners Customers Data Center 3. Using HTTP Callout verifies session

9 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Summary ► Malware trends make browsers a key security concern ► HTTPS protection does not defend against these threats ► Citrix + Quarri enables web sites to extend security to end point ‒ without the downside of managing client software ► Integration with the world’s leading web front end, enables easy customer deployment and enforcement

10

11 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Protect On Q – product packaging ► Protect On Q is a software solution ‒ Uses subscription based model ‒ Per user, with 1, 2 or 3 year subscription terms ‒ Will be available in appliance form factor via partner ► User count based on number of users protected ‒ Unlimited number of web applications or web servers ‒ Upgrade of user counts available ► Subscription includes: ‒ All software updates during coverage term ‒ Standard 8x5 technical support ‒ Premium (24x7) support available for additional cost

12 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Quaresso’s patented technology: Enforcer Applications Operating System S y s t e m C a l l s Site specific policy Operating System Internet Explorer ENFORCER S y s t e m C a l l s Browser Security Malware Protection Cache Crypto Audit Info Controls URL Control ► X86 binary uses Java or ActiveX to bootstrap ► Small footprint < 500KB ► Injects into IE address space ‒ Controls / filters various APIs ► Minimal user prerequisites ‒ No admin rights, no system mods ► Memory resident only, no permanent installation ► Anywhere delivery without IT risks Security feature settings Branding / UI customize Whitelists Opening landing URL....

13 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Deploying Protect on Q ► Software (Java) based solution ► All communications via HTTPS ► Recommend locating near web services ► POQ integration via SOAP today ‒ Web filter modules in next version POQ Manager Web Site Data Center POQ Server POQ Manager: - Support UI for policy definition - Maintains policies &Enforcer binaries - Collects log files POQ Server: - Provisions Enforcer to end users - Pulls policy from POQ Manager - Integrates with web apps - Multiple POQ servers can be deployed

14 Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property of their respective owners. © Quarri 2011. Protect On Q: target markets Customer Web Applications Online consumer banking Online trading applications Ecommerce Hosted web mail (Gmail, Hotmail, etc.) Partner Web Applications Healthcare portals B2B commerce trading applications Government portals Partner extranets ERP, SFA, CRM applications Employee Web Applications Web mail (Outlook Web Access, iNotes) ERP, SFA, CRM applications (mySAP, Oracle, etc.) Employee intranets Company HR portals

Download ppt "Quarri Confidential and Proprietary Information. Quarri and the Quarri logo are trademarks of Quarri. All other product or service names are the property."

Similar presentations

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Call Center Call Center on a Stick Ceedo for Call Center Presentation.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo for Call Center Call Center on a Stick Ceedo for Call Center Presentation.
HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.

HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.
© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.
Microsoft Goals Engineer a product less vulnerable to piracy and counterfeit Provide set of tools to help ensure a more managed installation environment.

Microsoft Goals Engineer a product less vulnerable to piracy and counterfeit Provide set of tools to help ensure a more managed installation environment.
Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.

Blue Coat and the Blue Coat logo are trademarks of Blue Coat Systems, Inc., and may be registered in certain jurisdictions. All other product or service.
New trends on cyber security - Cyber Espionage & Identity theft By K S Yash, CRO 1.

New trends on cyber security - Cyber Espionage & Identity theft By K S Yash, CRO 1.
Www.tectia.com COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.

COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
Persistent Protection Using E-DRM Technology Jason Fasoo 06/18/2008.

Persistent Protection Using E-DRM Technology Jason Fasoo 06/18/2008.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Barracuda Web Application Firewall

Barracuda Web Application Firewall
©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.

©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.
Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.

Citrix ® Secure Gateway Phil Montgomery Senior Product Manager Citrix Products and Services October 2001.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
The World's Most Secured Browsing Solution COCKPIT4i is a radically new, powerful solution that protects against the security risks posed by exposure to.

The World's Most Secured Browsing Solution COCKPIT4i is a radically new, powerful solution that protects against the security risks posed by exposure to.
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.

Similar presentations

Ads by Google