Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 ForeScout Technologies Inc. Frontline Defense against Network Attack Tim Riley, Forescout.

Published byAbel Harrison Modified over 8 years ago

Similar presentations

Presentation on theme: "1 ForeScout Technologies Inc. Frontline Defense against Network Attack Tim Riley, Forescout."— Presentation transcript:

1 1 ForeScout Technologies Inc. Frontline Defense against Network Attack Tim Riley, Forescout

2 2 ActiveScout Solution ActiveScout solution provides:  Preemptive identification of potential attackers  Accurate identification of potential attackers to reduce false positives to zero  Automatic action to block attackers in real time  Minimal installation and daily operational costs

3 3 Evolution of Perimeter Protection Firewall Provides robust static security according to predefined policies

4 4 Evolution of Perimeter Protection IDS Sends alerts when attack is recognized and already through the firewall

5 5 Evolution of Perimeter Protection Frontline Network Defense ActiveScout Provides accurate detection and blockage of known and unknown attacks before they reach the network

6 6 Port Scan launched Typical Attack Process without ActiveScout Firewall Internet Router Enterprise IDS Attacker The majority of network attacks are preceded by reconnaissance activity. In this example, a port scan is used. These recon techniques seldom change.

7 7 Typical Attack Process without ActiveScout Firewall Enterprise IDS Attacker The network sends information about hosts and services in response to the recon. This information may be used to subsequently exploit the network. Network responds with legitimate, available services Internet Router

8 8 Typical Attack Process without ActiveScout Firewall Internet Enterprise IDS Attacker Utilizing the network information received, the attacker uses existing or new exploits to attack network hosts and services and effectively breaks into the network. Exploit is launched Router

9 9 Port Scan launched ActiveScout Frontline Network Defense Firewall Internet Router Enterprise IDS Attacker ActiveScout The attacker uses reconnaissance techniques, a port scan in this example, to discover potentially vulnerable network resources. ActiveScout Console

10 10 Firewall Enterprise IDS Router ActiveScout Frontline Network Defense ActiveScout ActiveScout Console Attacker Internet ActiveScout responds with virtual services Network responds with available services ActiveScout identifies recon activity and watches for the network to respond. It then generates marked traffic that is sent back to the potential attacker. This traffic is not distinguishable from legitimate network traffic.

11 11 Firewall Enterprise IDS When the attacker next uses the marked information to launch an exploit, ActiveScout with ActiveResponse technology then identifies the marked traffic. The attack is accurately identified and optionally blocked by ActiveScout or the firewall if desired. Router ActiveScout Frontline Network Defense ( ) ActiveScout ActiveScout Console Exploit is launched Attacker Internet

12 12 ActiveResponse Technology Patented technology that:  Identifies all reconnaissance activity  Replies to the recon attempt with an authentic- looking response, created on the fly and registered within ActiveScout  Identifies potential attacks based on this ‘marked information’ and optionally blocks them, regardless of attack method Result: Accurately identifies attackers and then prevents them from implementing new and/or existing attacks against the network.

13 13 ActiveScout Solution Distinguishes real attacks from the noise  Scarce security resources are focused on the real crises and do not waste time on false positives  Identifies ‘low and slow’ attacks Provides Closed Loop Perimeter Protection  After identifying an attacker ActiveScout can optionally: –Automatically block attackers –Have the firewall automatically block –Update all ActiveScouts when an attacker has been identified to provide automatic perimeter lockdown

14 14 ActiveScout Management “At-a-glance” attack situation display Map identifies attacker location Shows both current & historical data for trend analysis Generates historical management reports Enterprise Console consolidates information from multiple ActiveScouts

15 15 Summary The ActiveScout solution utilizes patented ActiveResponse technology to provide Frontline Network Defense that  Eliminates false positives  Prevents Unkown attacks  Reduces OpEx through automation  Provides Enterprise wide protection

Download ppt "1 ForeScout Technologies Inc. Frontline Defense against Network Attack Tim Riley, Forescout."

Similar presentations

1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
11 Zero Trust Networking PALO ALTO NETWORKS Zero Trust Networking April 2015 | ©2014, Palo Alto Networks. Confidential and Proprietary.1 Greg Kreiling.

11 Zero Trust Networking PALO ALTO NETWORKS Zero Trust Networking April 2015 | ©2014, Palo Alto Networks. Confidential and Proprietary.1 Greg Kreiling.
ForeScout Technologies Ayelet Steinitz, Product Manager April, 2003.

ForeScout Technologies Ayelet Steinitz, Product Manager April, 2003.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
The State of Security Management By Jim Reavis January 2003.

The State of Security Management By Jim Reavis January 2003.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.

Intrusion Detection using Honeypots Patrick Brannan Honeyd with virtual machines.
John Kristoff DePaul Security Forum 2003 1 Network Defenses to Denial of Service Attacks John Kristoff +01 312 362-5878.

John Kristoff DePaul Security Forum Network Defenses to Denial of Service Attacks John Kristoff
Intrusion Detection CS-480b Dick Steflik. Hacking Attempts IP Address Scans scan the range of addresses looking for hosts (ping scan) Port Scans scan.

Intrusion Detection CS-480b Dick Steflik. Hacking Attempts IP Address Scans scan the range of addresses looking for hosts (ping scan) Port Scans scan.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Controls for Information Security

Controls for Information Security
Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.

Chapter 8 Information Systems Controls for System Reliability— Part 1: Information Security Copyright © 2012 Pearson Education, Inc. publishing as Prentice.
Lecture 11 Intrusion Detection (cont)

Lecture 11 Intrusion Detection (cont)
Department Of Computer Engineering

Department Of Computer Engineering

Similar presentations

Ads by Google