Presentation is loading. Please wait.

Presentation is loading. Please wait.

Challenges in Network Security 2011 SonicWALL Inc.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Challenges in Network Security 2011 SonicWALL Inc."— Presentation transcript:

1 Challenges in Network Security 2011 SonicWALL Inc.

2 Technology Trends - Networking a Key Driver 2  Bandwidth  Performance  Availability  Efficiency  Manageability  Security

3 Network Security Remains an Issue  Computer malware, still a problem later:  1971 - Built in the Laboratory – Creeper (BBN)  1981 - In the wild – Elk Cloner (Skrenta)  1988 - On the Internet – Morris Worm (Cornell)  2010 – Unyielding Malware and Spam fueled by self propagating BotNets  Physical security analogy – Bank Robberies Why rob banks? “That’s where the money is” CONFIDENTIAL All rights reserved. 3

4  Network Attacks have evolved to the Application Level Why do they exist? It’s Human Nature …  Programmers make mistakes  Malware exploits mistakes Software everyone uses daily…

5 Seemingly Safe Applications Adobe PDF Reader CONFIDENTIAL All Rights Reserved 5 http://www.zdnet.com/blog/security/another-day-another-adobe-pdf- reader-security-hole/7693 Adobe Download Manager http://glanceworld.com/the-worst-security-flaw-in-adobe- download-manager.html

6 “The Dirty Dozen” Most Vulnerable Applications for 2010 Which do you use? 1. Google Chrome 2. Apple Safari 3. MS Office 4. Adobe Acrobat 5. Mozilla Firefox 6. Sun JDK 7. Adobe Shockwave Player 8. Microsoft Internet Explorer 9. RealNetworks RealPlayer 10. Apple Webkit 11. Adobe Flash Player 12. Apple Quicktime and the Opera Web browser (tied) CONFIDENTIAL All Rights Reserved 6 http://www.networkworld.com/news/2010/111510-google-chrome-dirty-dozen.html

7 Malware Lurks in Social Networks CONFIDENTIAL All Rights Reserved 7 Set-up: Create bogus celebrity LinkedIn profiles Lure: Place link to celebrity “videos” in profile Attack: Download of “codec” required to view video Infect: Codec is actually Malware Result: System compromised

8 SonicWALL Security Center www.sonicwall.com/securitycenter.asp A Typical Day in 2010

9 Application Chaos “Bad  Control”“Good  Prioritize?” Challenge: Secure Separate good from bad  More applications  Fundamental shifts in infrastructure  Less budget  Less staff  Less control

10 Traditional Firewalls Obsolete Current Traditional Firewall Threats Legacy System Access IDS/IDP Basic Applications Worms Application Access Application Layer Threats Proxy Software Vulnerabilities 1 1 2 3 Required Complete Inspection must span the communicati on spectrum 10 Copyright 2010 SonicWALL Inc. All Right Reserved. Traditional Firewalls -Ignore Application Level Traffic -Focus on network level threats -Point solutions become complex to manage and are not adequate in scalability and security Threats have evolved, Firewalls must too

11 Network Security & 10 Gig Security Network Security must evolve due to … 1.Need for Application Control  Including SSL Inspection 2.Need for Full Security with Deep Packet Inspection 3.Faster interconnect (10GbE) Who wants 10+ Gb Security?  Government (ie: DoE, NSx, CIx, etc)  University (ie: 10GE infrastructure)  Business (ie: Cloud / Data Center / Backbone / App Clusters)  Core Internet Players  Cloud providers  Internet Service providers  Mobile Internet Service providers 11

12 Next Generation Security Architecture 12 SonicWALL Solution Features 1. Consolidated & Integrated Security Technology 2. Application Visibility - Inspection of Real-time & Latency Sensitive Applications/Traffic 3. Scalable & High Performing Enough to Protect Against Perimeter and Internal Network Challenges Multi-Tiered Protection Technology Security Requirements Patented Re-Assembly Free DPI (RFDPI) Multi-Core High Perf. Architecture 12 Copyright 2010 SonicWALL Inc. All Right Reserved.

13 Application Intelligence & Control on Next Generation Firewall CONFIDENTIAL All Rights Reserved 13 Application Chaos So many on Port 80 Critical Apps Prioritized Bandwidth Acceptable Apps Managed Bandwidth Unacceptable Apps Blocked Identify By Application - Not by Port & Protocol By User/Group -Not by IP By Content Inspection -Not by Filename Categorize By Application By Application Category By Destination By Content By User/Group Users/Groups Ingress Control Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts Policy Visualize & Manage Policy Cloud-Based Extra-Firewall Intelligence Egress Malware Blocked Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Visualize

14 Better Network Intelligence CONFIDENTIAL All Rights Reserved 14

15 App Traffic Visualization for Fast Analysis CONFIDENTIAL All Rights Reserved 15

16 User Identification  Single Sign On (AD/LDAP Integration)  Local Login  Identify Top Bandwidth users CONFIDENTIAL All Rights Reserved 16

17 Powerful Control CONFIDENTIAL All Rights Reserved 17  Bandwidth Manage OR Block  By User or Group, with Exceptions  By Schedule  By App Category  By App Feature  By Single App Available Today since SonicOS 5.0

18 SonicWALL Scalable DPI/NGFW Lineup $25K $295 1600 Mbps Least Expensive NGFW from any Vendor One software code base One architecture Order of Magnitude Scalability NGFW Features TZ200 TZ100 TZ210 NSA 240 NSA 2400 NSA 3500 NSA 4500 NSA E 5500 NSA E6500 NSA E7500 NSA E10000* 25Mbps 18 Fastest NGFW from any Vendor NSA E8500

19 SuperMassive E10000 Series CONFIDENTIAL All Rights Reserved 19

20 CONFIDENTIAL All Rights Reserved 20 Next Generation Security Platform Introducing Project “SuperMassive”

21 Next-Generation Network Security Platform Comprehensive Inspection  Application Intelligence & Control  Powerful IPS, Multi-gig performance  Management/Visualization of traffic  RFDPI Technology  SSL Traffic Inspection  High Availability: A/P, A/A, StateSync, Clustering The Technology  96 processor cores  40+ Gbps Stateful Inspection  30+ Gbps IPS  30+ Application Control  10+ Gbps Threat Prevention  Detects over 1 Million unique threats Detects, Classifies and Controls over 3,500 Unique Applications

22 Design for Extreme Performance CONFIDENTIAL All Rights Reserved 22 Ultra-Low Latency High Performance 240 Gbps Interconnect Near-Linear Scalability with doubling of processing cores

23 CONFIDENTIAL All Rights Reserved 23 24 Cores (A/A Config) 24 Cores 48 Cores 96 Cores SuperMassive E10000 Series

24 CONFIDENTIAL All Rights Reserved 24 Stateful: 40 Gbps App Control:30 Gbps IPS:30 Gbps Anti-Malware: 10 Gbps VPN:20 Gbps Conn/sec:640k/sec SPI Conn:12,000,000 DPI Conn:10,000,000 Stateful: 40 Gbps App Control:30 Gbps IPS:30 Gbps Anti-Malware: 10 Gbps VPN:20 Gbps Conn/sec:640k/sec SPI Conn:12,000,000 DPI Conn:10,000,000 Stateful: 10 Gbps App Control:7.5 Gbps IPS:7.5 Gbps Anti-Malware: 3 Gbps VPN:5.0 Gbps Conn/sec: 160k/sec SPI Conn:3,000,000 DPI Conn:2,500,000 Stateful: 10 Gbps App Control:7.5 Gbps IPS:7.5 Gbps Anti-Malware: 3 Gbps VPN:5.0 Gbps Conn/sec: 160k/sec SPI Conn:3,000,000 DPI Conn:2,500,000 Stateful: 20 Gbps App Control:15 Gbps IPS:15 Gbps Anti-Malware:6.0 Gbps VPN:10 Gbps Conn/sec:320k/sec SPI Conn:6,000,000 DPI Conn:5,000,000 Stateful: 20 Gbps App Control:15 Gbps IPS:15 Gbps Anti-Malware:6.0 Gbps VPN:10 Gbps Conn/sec:320k/sec SPI Conn:6,000,000 DPI Conn:5,000,000 Stateful: 5+ Gbps App Control:3.0+ Gbps IPS:3.0+ Gbps Anti-Malware:1.5+ Gbps VPN:2.5+ Gbps Conn/sec:80k/sec SPI Conn:1,500,000 DPI Conn:1,250,000 Stateful: 5+ Gbps App Control:3.0+ Gbps IPS:3.0+ Gbps Anti-Malware:1.5+ Gbps VPN:2.5+ Gbps Conn/sec:80k/sec SPI Conn:1,500,000 DPI Conn:1,250,000 SuperMassive E10000 Series 6x10 GbE SFP+ 16x10 GbE SFP 6x10 GbE SFP+ 16x10 GbE SFP 6x10 GbE SFP+ 16x10 GbE SFP 6x10 GbE SFP+ 16x10 GbE SFP 24 Cores (A/A Config) 24 Cores 48 Cores 96 Cores

25 SonicGRID: Security Protection at Scale  1,000,000+ Individual Threats  25,000 Threat Family Signatures  3500+ Application Signatures 25 World Renowned Expertise Active industry research contributor Delivers continuous security subscription IP and content 100% IP ownership of all signatures

26 SonicWALL: Dynamic Security for the Global Network  Next Generation Firewall and 10/40 Gigabits of full security protection  Global, Distributed, Mobile and Cloud  Real-time Awareness and Visibility  Communication of Shared Threats and Shared Defenses  Proactive Risk Management and Compliance  Best Economics 26

27 Q&A CONFIDENTIAL All Rights Reserved 27

Download ppt "Challenges in Network Security 2011 SonicWALL Inc."

Similar presentations

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
1 © Copyright 2013 Fortinet Inc. All rights reserved. Fortinet High Performance Network Security Data Connectors – Los Angeles Edwin Mendoza – Manager.

1 © Copyright 2013 Fortinet Inc. All rights reserved. Fortinet High Performance Network Security Data Connectors – Los Angeles Edwin Mendoza – Manager.
RSA Media & Analyst Briefing March 2-4, 2010. The CxOs Balancing Act Changing World, Changing Priorities, Increasing Danger 2 Changing WorldBusiness Priorities.

RSA Media & Analyst Briefing March 2-4, The CxOs Balancing Act Changing World, Changing Priorities, Increasing Danger 2 Changing WorldBusiness Priorities.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
Www.cleo.com Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.

Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
Title Line Subtitle Line Top of Content Box Line Top of Footer Line Left Margin LineRight Margin Line Top of Footer Line Top of Content Box Line Subtitle.

Title Line Subtitle Line Top of Content Box Line Top of Footer Line Left Margin LineRight Margin Line Top of Footer Line Top of Content Box Line Subtitle.
Why It’s Time to Upgrade to a Next-Generation Firewall

Why It’s Time to Upgrade to a Next-Generation Firewall
Joshua Senzer, CISSP Sr. Systems Engineer – North East Channel

Joshua Senzer, CISSP Sr. Systems Engineer – North East Channel
Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.

Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
Solutions Road Show 2014 March’ 2014 | India Protection from Next Gen Threats Pralobh Menon Sales Engineer DELL SonicWALL (South) Pralobh Menon Dell India.

Solutions Road Show 2014 March’ 2014 | India Protection from Next Gen Threats Pralobh Menon Sales Engineer DELL SonicWALL (South) Pralobh Menon Dell India.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
MSIT 458: Information Security & Assurance By Curtis Pethley.

MSIT 458: Information Security & Assurance By Curtis Pethley.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.

SECURE CLOUD-READY DATA CENTERS AppSecure development IDC IT Security conference – 2011 Budapest.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
SonicWALL WXA – WAN Acceleration

SonicWALL WXA – WAN Acceleration

Similar presentations

Ads by Google